A Look at How Easily 3D-Printed Heads Can Hack Facial Recognition

Despite the undeniable benefits of 3D printing, especially in both the manufacturing and medical sectors, there is also growing concern about some of the unexpected challenges which come with the technology.

[see-also]

For one, there is growing concern about the potential health hazards from nanoparticles dispersed into the air during the printing process, but more important is security issues which come from 3D-printed masks being used to hack into smartphones.

Recently, hackers have raised the bar on ways to get into your phone, evolving the capabilities to 3D-printed heads. The result: instant access to any phone which uses a facial recognition password. This is quickly becoming one of the most urgent issues today in biometrics. 

Putting the Theory to the Test

To demonstrate this, UK-based Forbes staff writer Thomas Brewster had a copy of his head 3D printed at Birmingham-based Backface Studio, and very cheaply, considering the payoffs that come with accessing another's phone: In all he spent only £300.

In all, it was tested out on five phones--four Android and one iPhone X were tested--with only the Apple-based device keeping Brewster from gaining access. The results essentially show how vulnerable our phones are when we rely only on facial recognition.

The experiment exposed a surprising irony about facial recognition security passwords: in many cases, they are less effective than the old, but trusted, numerical password option or fingerprints. LG implies this in their statement on the subject: 

"The facial recognition function can be improved on the device through a second recognition step and advanced recognition which LG advises through setup," importantly noting that it should be seen as "a secondary unlock feature".

Combining Approaches Offer a Solution

In terms of what consumers can do to increase security, there are essentially only two options: put more pressure on smartphone providers to enhance the effectiveness of the facial recognition software, or engage secondary methods for enhancing safety.

As Matt Lewis, Research Director at NCC Group, a global cybersecurity consultancy firm, explained to Forbes in an interview:

"Focus on the secret aspect, which is the PIN and the password. The reality with any biometrics is that they can be copied. Anyone with enough time, resource and objective will invest to try and spoof these biometrics."

What's needed is an informed and multi-faceted approach that takes into account both existing and emerging cybersecurity issues.

Ironically, the average smartphone user is wary of data misuse, yet there is often little diligence in fully protecting access to the device itself.

With no end in sight to the amount of personal data which we access, store and accumulate on smartphones, it is up to the consumers to make better decisions about how best to arm themselves in this new era of highly sophisticated hacking.

Put another way, increased access to technology does not necessarily imply increased awareness about its capabilities, or risks. Cryptoccurency traders are especially vulnerable.

This represents a kind of growing information gap which we must address as technology continues to evolve; otherwise, we run the risk of creating cybersecurity issues that will become too large to handle.