Will the new FaceID Apple login make Mission Impossible Face Masks a Real Threat?

Apple has removed the TouchID in its new iPhone X model. They have replaced it with FaceID. This new login approach brings many opportunities. But are those opportunities being created for bad actors?

How FaceID Login Works?

The new TrueDepth camera uses 30,000 invisible dots on a person’s face to precisely map that person’s facial identity.

With 30,000 points it makes it less likely that someone will be able to fake your login. Or so it’s seems?

The Identical Twin Hack

Identical twins have identical DNA. By definition, those 30,000 points should be identical between both twin persons. In reality, there will be some differences. Are those difference different enough where an “evil” twin could hack the other twin to perform malicious activities?

Denial of Service by Gaining 10 Pounds

This might be a scenario probably little considered. How do those 30,000 points fare with weight gain and weight loss? Does the FaceID incrementally update to work as a living identity or is it a snapshot in time?

As a practical joke, a relative could feed you high caloric pie during that holiday vacation just to lock you out of your phone.

FaceID Login Crack Using a “Plump” Face Replica

Let’s assume the FaceID was intelligent enough to account for weight loss and weight gain. Could someone create a face replica of a person that had gained 10 pounds an successfully login?

Mission Impossible

Now Ethan Hunt can wear the plump person’s face and steal data off that person’s phone.

(Personally I think it is more likely that someone will make someone unconscious and use that FaceID to log into the phone, use it again to update the FaceID, and then replace it)

Conclusion

Thinking about the opportunities new technologies bring is fun. Sometimes it is just as fun to think of the threat scenarios they enable, even if they are far fetched.

I would love to hear what threat scenarios you dreamt up. Please leave a comment and share.