Forbes cybersecurity journalist Thomas Brewster commissioned a 3D printed model of his own head to test the facial recognition security feature on four Android handsets: LG G7 ThinQ, the Samsung Galaxy S9, the Samsung Galaxy Note 8, and the OnePlus 6.
New - We had a 3D model of my head made to break into a bunch of Android phones using facial recognition: https://t.co/i50s8Y0sSO— Thomas Brewster (@iblametom) 13 December 2018
Neither Apple nor Microsoft tech was fooled by the fake...
Brewster managed to unlock all the Android phones, though he notes it was “with differing degrees of ease.”
Phones from LG and Samsung warned that using facial recognition wasn't the safest security method, advising users that anyone with a close resemblance might be able to unlock the devices. The G7 ThinQ was opened straight away, though the company has since updated the device to make it more difficult to unlock.
The Samsung phones were also fooled by the printed head. They took longer to open when the less secure “faster recognition” feature was disabled, requiring different lighting and angles.
The OnePlus 6 fared worst of all, offering no security warnings and opening instantly when shown the model.
One handset that wasn’t fooled was the iPhone X. This shouldn’t come as too much of a surprise—back when the firm first revealed the device last year, Apple said it had worked with Hollywood studios to create realistic masks to test the system. Additionally, Microsoft’s Windows Hello facial recognition couldn’t be tricked, either.
There are some caveats with the experiment. Brewster’s head was recreated by professionals in a dome-like studio containing 50 cameras. And all the Android makers advise using the fingerprint scanner for extra security, while the iPhone X, which doesn’t have one, has more advanced tech in its facial recognition system, such as IR depth matting and attention awareness.