Cybersecurity Researcher Withdraws Face ID Hacking Talk From Black Hat Conference

A cybersecurity researcher has withdrawn a presentation on hacking Apple’s Face ID technology at the prestigious Black Hat Asia conference.

According to Reuters, China-based researcher Wish Wu was originally scheduled to present his work “Bypass Strong Face ID: Everyone Can Deceive Depth and IR Camera and Algorithms” in March at the Black Hat Asia hacking conference in Singapore. However, he had to cancel the presentation at the request of his employer Ant Financial.

According to the abstract for the talk, Face ID can be spoofed using an image printed on ordinary paper. However, Ant Financial found inconsistencies in his work during the latter part of 2018 and decided to cancel the public talk.

Wu agreed on the cancellation of the talk at the conference in part because the methodology to bypass Face ID only worked on the iPhone X and only under “certain conditions.” The bypass method is apparently not able to bypass Face ID on the iPhone XS or iPhone XS Max at all, under any circumstances.

“In order to ensure the credibility and maturity of the research results, we decided to cancel the speech,” he told the news outlet via Twitter.

Ant Financial, known for its Alipay mobile and online payments platform, which work with Face ID, then clarified the reasoning behind the withdrawal decision:

“The research on the face ID verification mechanism is incomplete and would be misleading if presented,” the company said.

Black Hat took down an abstract of the talk from its website in late December after Ant uncovered problems with the research. The hacking conference said that it had initially accepted Wu’s talk because Wu convinced its review board he could pull off the hack.

Black Hat conference spokeswoman Kimberly Samra said, “Black Hat accepted the talk after believing the hack could be replicated based on the materials provided by the researcher.”