When Apple introduced Face ID with iPhone X in 2017, the tech site "Motherboard" posted a report about Face ID security being fooled by a 3D-Printed mask. Researchers from the Vietnamese cybersecurity firm "Bkav" used a highly sophisticated facial scanning system and a professional artist to fool Face ID successfully. Meaning that your average hacker wouldn't be able fool Face ID, only Mission Impossible-type of pros could.

Apple filed a new patent application months after Face ID had been cracked on iPhone X so as to ensure that the 3D mask approach would fail in the future. The patent application was made public this week.

Specifically, Apple notes early on what the goal of the new Face ID technology is to do: "Spoofing" attacks typically utilize invalid data, e.g., data from another device or module purporting to be from a device's camera or images of masks, busts, 3D projections, etc. that are not actually current images of a known user. For example, malicious entities may send signals pretending to be from a device's camera unit, to trick the device into thinking that its camera captured an image of the user, when the image was actually previously-captured by another camera. This is one example of an attack that involves spoofing a camera. As another spoofing example, a malicious entity may present a mask or bust of an enrolled user to a camera of the device in an attempt to pass an authentication process as the enrolled user. In various embodiments, the disclosed techniques may reduce or eliminate the effectiveness of such schemes, such that authorized users who intend to authenticate biometrically are successfully authenticated while others are denied."

It would appear that Apple changed its Face ID formula. Just for starters, Apple's patent claims point to two illumination modes are used in Face ID with the first using a flood illumination process followed by a second illumination mode that uses multiple discrete points of illumination using a vertical-cavity surface-emitting laser (VCSEL) to determine depth.

Next, Apple uses a 'secure circuit' configured to generate a different cryptographic nonce for ones of different facial recognition sessions, provide a cryptographic nonce to the camera unit, and confirm that each image in the sequence includes the cryptographic nonce.

Further, the secure circuit is configured to communicate with the camera unit using an elliptic curve Diffie-Hellman (ECDH) session and wherein the secure element is configured to use a different ECDH exchanged secret key for communications during each of multiple different facial recognition sessions with the camera unit.

15 Detailed Points about Face ID

This is a very detailed patent application with a systematic overview of how Face ID functions in iDevices. Those wishing to delve deeper into Apple's biometric authentication system will be able to review the following:

Overview of Exemplary Device

Overview of Using Pseudo-Random Sequence of Image Capture Modes

Overview of Secret Illumination Pattern Techniques

Exemplary Secure Circuit Techniques for Authentication Security

Exemplary Secure Circuit Implementation

Exemplary Camera Module

Exemplary Emitter Arrays for Depth Capture and Probing Pattern

Exemplary Probing Pattern Method

Exemplary Storage of Calibration and Enrollment Data

Exemplary Lockout Techniques

Exemplary Method for Using Sequence of Image Capture Modes

Exemplary Facial Recognition Session with Multiple Validation Checks

Exemplary Organization of Modules

Exemplary Device Configuration Method

Additional Exemplary Embodiments

Apple's patent application 20190044723 was filed back in Q3 2018 and Published last Thursday. You could check out the details here.

Some of Apple's Inventors

Ivan Krstić: Head of Apple Security Engineering and Architecture

Petr Kostka: Software Engineer Manager, Core Biometrics. Projects: Face ID, Touch ID, Apple Pay

Lucia Ballard: Engineering Manager, Security and Privacy Engineer

Feng Tang: Machine Learning Algorithm Manager at Apple

Etai Littwin: This is an odd one. Etai's LinkedIn profile shows him as the senior algorithm developer at "RealFace," a company rumored to have been acquired by Apple in 2017. Etai is clearly listed on Apple's Face ID patent but his profile page still has him working at RealFace. Perhaps Apple is allowing this Israeli company to function independently while still answering to Apple.

Eitan Hirsh: Software and Algorithms Manager came to Apple via PrimeSense

Tal Kaitz: Algorithm Team Leader (works from Israel)

Jonathan Pokrass: Software & System Engineer came to Apple via PrimeSense

Ziv Hendel: Software Architect who came to Apple via PrimeSense

Andrei Kolin: Image Processing. Specialties included Computer Vision, Optics, Mobile Sensors, AR/VR, Wearable Devices and Satellites. Kolin, works out of Israel, came to Apple via Samsung where he was Computer Vision Expert and Team Leader.

Thorsten Gernoth: Computer Vision Engineering Manager, Camera Algorithm Engineer.

Lucie Kučerová: Software Development Engineer came to Apple via AuthenTec

Matt Waldon: Director, Depth Hardware. He came to Apple via Lockheed Martin Space Systems working on infrared camera systems.

Thomas Mensch: Secure Systems Engineer who came to Apple via Telenav

Christopher Zeleznik: Sensor Analog Engineer

Michael Malone: Sensor Engineer who came to Apple via their acquisition of InVisage Technologies

Anup Sharma: Core Sensing Technologies









About Making Comments on our Site: Patently Apple reserves the right to post, dismiss or edit any comments. Those using abusive language or negative behavior will result in being blacklisted on Disqus.