Security researchers have cracked Apple’s FaceID biometric system yet again. But there’s an unusual caveat to this trick: to successfully unlock an iPhone, the attackers first need to make sure the victim is out cold.

Tencent researchers demonstrated the exploit vector at Black Hat USA 2019, Threatpost reports. The attack involves putting a pair of modified glasses on the victim’s face. That, coupled with carefully placing a piece of tape over the glasses’ lenses, makes it possible to circumvent FaceID and log into a victim’s iPhone.

Of course, the exploit is fairly difficult to pull off considering the attackers would need to figure out how to put the glasses on a victim without waking them up.

The attack leverages a biometrics function called “liveness” detection, designed to tell apart “fake” versus “real” features on people. The system essentially monitors background noise, response distortion or focus blur.

“With the leakage of biometric data and the enhancement of AI fraud ability, liveness detection has become the Achilles’ heel of biometric authentication security as it is to verify if the biometric being captured is an actual measurement from the authorized live person who is present at the time of capture,” the researchers said during the presentation.

So why do you need glasses to pull off the attack? Well, it turns out FaceID scans eyes differently when people wear glasses.

“We found weak points in FaceID,” the researchers explain. “It allows users to unlock while wearing glasses […] if you are wearing glasses, it won’t extract 3D information from the eye area when it recognizes the glasses.” Using this trick, the researchers were able to unlock a victim’s phone and even transfer their funds through a mobile payment app.

Researchers have bypassed Apple’s FaceID to unlock iPhones in the past

This is hardly the first time researchers have cracked FaceID.

Back in 2017, a Vietnamese security firm released footage showing how an attacker could circumvent iPhone X’s facial recognition system with a cheap $150 mask.

Apple has previously bragged the chance of randomly unlocking FaceID is one in a million, but there are anecdotal reports suggesting family members might have a higher chance of bypassing facial recognition to unlock someone else’s iPhone.

If anything, Tencent‘s proof-of-concept goes on to show that even Apple’s security systems aren’t invincible.

For more gear, gadget, and hardware news and reviews, follow Plugged on Twitter and Flipboard.