Researchers have uncovered some interesting security features within Apple’s newly-released iOS 15 and iPadOS 15, including improvements to the anti-spoofing models of Face ID.
Face ID was one of the big talking points when announced with the launch of iPhone X back in 2017, replacing the Touch ID fingerprint scanner for unlocking the device.
Critics of the technology were soon nitpicking Apple’s implementation, and some even tried to bypass it by using 3D printed masks.
We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and we’d hugely appreciate if you’d share your experiences with us.
Apple has now itself admitted that the previous implementation of the facial recognition technology had a vulnerability where “a 3D model constructed to look like the enrolled user may be able to authenticate via Face ID.”
New and improved
Originally tracked as CVE-2021-30863, the vulnerability is credited to security researcher Wish Wu of Ant-financial Light-Year Security Lab. However, it’s status has since been changed to REJECT, and the reason stated is that “this candidate was withdrawn by the CVE program.”
Sharing details about the security enhancements in the latest release, Apple claims that it has addressed the issue and has managed to close the vulnerability by “improving Face ID anti-spoofing models.”
According to Apple, the fix is applicable to all devices with the TrueDepth Face ID sensor including iPhone X, iPhone XR, iPhone XS (all models), iPhone 11 (all models), iPhone 12 (all models), iPad Pro (11-inch), and iPad Pro (3rd generation).