Connect with us


Cops, hackers and your mom can unlock your phone with a 3D printed model of your head

Flagships like the LG G7 ThinQ, OnePlus 6, and Samsung Galaxy S9 and Note 8 are susceptible.

A picture of a man tricking facial recognition by using a 3d printed head
Image: Forbes

The Android operating system has had support for facial recognition unlocks since before Lollipop came out in 2014, via Google’s Trusted Face feature. That nifty feature lets you unlock your phone by looking at it, in a similar function to Apple’s FaceID.

Trusted Face lets you take a bunch of photos of your face while training it to recognize your features.

Crucially, it no longer has a “Liveness” test. When the face unlock feature was introduced in 2011’s Android 4.0, Ice Cream Sandwich, it made the user blink once it recognized the face. That was a guard against unauthorized users unlocking your phone via photographs, models or while you were asleep.

Facial recognition can be tricked

The feature has never been secure, with black and white photos fooling the camera, selfies, this hilarious way of fooling the Blink Test, and this new method used by Thomas Brewster of Forbes.

Brewster used Backface, a 3D scanning, and printing company in Birmingham, UK, to get a lifelike replica of his own head to test the face unlock capabilities of a bunch of Android phones and one iPhone with FaceID.

50 cameras took photos of Thomas from every angle, those images were then stitched back together into a 3D image. Then the model gets 3D printed in colored gypsum, essentially making a plaster head.

He then took that plaster head to try and break into five smartphones, an iPhone X and four Android devices: an LG G7 ThinQ, a Samsung S9, a Samsung Note 8 and a OnePlus 6.

So, which phones were fooled?

Here’s the kicker – all of the Android phones unlocked using the cloned head. The LG and OnePlus devices unlocked almost instantly when presented with the head. Samsung’s S9 and Note 8 both have iris scanning, which wasn’t fooled by the 3D printed eyes, but when using the non-iris version of face unlock, both were unlocked via the fake head.

Apple’s turn in the spotlight went completely differently, leaving the iPhone unlocked no matter what lighting or angles they tried. The iPhone X’s FaceID also uses a dot projector to test the 3D features of your face.

While testing the feature, Apple paid a Hollywood studio to make realistic masks to test with so it’s not terribly surprising that a fake head didn’t unlock it. Microsoft’s Hello functionality also wasn’t fooled.

If you still want to use facial recognition on your Android handset for easy unlocks, that’s down to you. Just don’t treat it as secure – it’s closer to “swipe to unlock.”

Do you use facial recognition? Do you consider it safe? Let us know down below in the comments or carry the discussion over to our Twitter or Facebook.

Editors’ Recommendations:

Follow us on Flipboard, Google News, or Apple News

Maker, meme-r, and unabashed geek with nearly half a decade of blogging experience. If it runs on electricity (or even if it doesn't), Joe probably has one around his office somewhere. His hobbies include photography, animation, and hoarding Reddit gold.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Deals of the Day

  1. Paramount+: Live Sports Starting at $2.50/mo. for 12 Mos. Sports - Try It Free w/ code: SPORTS
  2. Save $20 on a Microsoft365 subscription at Best Buy with a Best Buy Membership!
  3. Try Apple TV+ for FREE and watch all the Apple Originals
  4. Save $300 on a Segway at Best Buy, now $699

More in Mobile