During the Black Hat 2019 conference, researchers demonstrated a way to spoof Face ID using nothing more than glasses and tape.
To launch the attack, researchers with Tencent tapped into a feature behind biometrics called “liveness” detection, which is part of the biometric authentication process that sifts through “real” versus “fake” features on people. It works by detecting background noise, response distortion or focus blur. One such biometrics tool that utilizes liveness detection is FaceID, which is designed and utilized by Apple for the iPhone and iPad Pro.
Apple is testing biometric login for iCloud.com. If you’re a beta tester for iOS 13, iPadOS, or macOS Catalina, you can go to beta.icloud.com and login with Face ID/Touch ID. Web Login So far, iPhone and iPad users haven’t been able to access iCloud web apps. If you navigated to the website you couldn’t use…
Tapplock came out with a new product called the Tapplock one+. It features 7mm reinforced stainless steel shackles, strengthened by double-layered lock design with anti-shim and anti-pry technologies, making it the ultimate utility fingerprint padlock. Plus, a state-of-the-art capacitive fingerprint sensor allows unlocking in under 0.8 seconds. Its adaptive algorithm means the lock becomes faster and more accurate with each access. You can store up to 500 different fingerprints per lock, and manage users and fingerprints via the Tapplock app. There are three ways to unlock: fingerprint, Bluetooth, and Morse code. The battery lasts up to a year or 3,500 unlocks. You can get a single Tapplock one+ for US$99, a double pack for US$179, and a four-pack for US$359.
Take this with a grain of salt because this tweet is all I’ve seen about this. But David Ruddock of AndroidPolice mentioned a Google investigation trying to determine if certain types of fingerprint sensors are secure.
Another CES Story: I’ve heard Google is currently investigating whether current optical fingerprint sensor designs are secure enough to be used for TrustZone auth (mobile payments, banking apps, etc). There is real concern optical FPRs may be too easy to spoof.
Although facial recognition came to Android first, it was there for convenience as a way to unlock your device. But Apple added it for security, and it looks like they bet on the right horse.
A U.S. federal judge has ruled that law enforcement can’t force you to unlock an iPhone or iPad via Face ID or Touch ID.
In the United States, a suspect’s property has the potential to be searched by law enforcement officials as part of an investigation, but some items are typically left alone. While people are protected from having to unlock their devices via a passcode, biometric security has been considered fair game for use by investigators, bypassing the passcode rules.
This will certainly set a precedent for the future. Although it doesn’t completely stop the investigation, it does give people a bit more freedom.
Thanks to a photo shared through WhatsApp, police got enough of a fingerprint to identify and arrest a drug dealer and his accomplices.