A security researcher canceled a presentation at Black Hat Asia for hacking biometric face recognition on Apple iPhones at the request of his employer.
The prospect of a Face ID break is quite worrying because it is used to lock up operations on tens of millions of iPhones from bank and healthcare applications up to emails, text, and photos.
According to Apple, the chance to accidentally unlock a device that is protected by Face ID is one in a million, as opposed to the Touch ID that was one in 50.000.
Wu Wu, a researcher from China, was scheduled to present a speech entitled "Bypass Strong Face ID: Everyone Can Deceive Depth and IR Camera and Algorithms" at the Black Hat Asia conference to be held in Singapore in March. Wu told Reuters that his employer, Ant Financial, has asked him to withdraw the presentation from Black Hat.
Why; Ant Financial's Alipay payment system is compatible with face recognition technologies such as Face ID.
Note that since Apple released the 2017 security feature with the iPhone X, the company released three other phones that are protected by Face ID: iPhone XS, XS Max and XR.
Wu said to Reuters that he agreed to withdraw his presentation by indicating that he was able to play hack only on the iPhone X under certain conditions and that it did not work on iPhone XS and XS Max.
"In order to ensure the credibility and maturity of the research results, we have decided to cancel the speech," he told Reuters in a Twitter message.
"Research into the face-to-face verification mechanism is incomplete and would be misleading if presented," Ant Financial said.
The organizers of Black Hat naturally withdrew a speech summary from the event's website at the end of December, when Ant Financial revealed the research problems.
The fact of withdrawing a presentation from the Black Hat page is very rare. The organizers of the conference told Reuters that they accepted Wu's presentation because he persuaded them that he could do it.
"Black Hat accepted the speech because it believed that the hack could be reproduced based on the materials available to the researcher," said conference spokeswoman Kimberly Samra.
Anil Jain, a computer science professor at Michigan State University, said he was surprised by Wu's claim that Apple had invested so much in "anti-spoofing" technology that made such hacks very difficult.