Security & Fraud

Hackers Unlock Phones Via 3D Printing

There’s a new method hackers can use to break into someone’s smartphone: create a 3D-print life-size replica of the owner’s head.

To show how the method can work, Forbes reporter Thomas Brewster had a 3D print of his own head created at Backface in Birmingham, U.K. He then used his real-life head to set up facial recognition on five phones, including the iPhone X and four Android devices: an LG G7 ThinQ, a Samsung S9, a Samsung Note 8 and a OnePlus 6.

“I then held up my fake head to the devices to see if the device would unlock. For all four Android phones, the spoof face was able to open the phone, though with differing degrees of ease. The iPhone X was the only one to never be fooled,” he wrote.

While creating the 3D head might seem like a hard task, the entire process only took a few days and cost just over £300.

And it’s not just hackers who can use the method to their advantage. Since biometrics isn’t protected under the Fifth Amendment, law enforcement can potentially use 3D printing to legally gain access to your phone.

“Legally, it’s no different from using fingerprints to unlock a device,” Orin Kerr, professor at USC Gould School of Law, said via email, according to TechCrunch. “The government needs to get the biometric unlocking information somehow,” by either the finger pattern shape or the head shape.

So what is the best way to protect a smartphone? Matt Lewis, research director at cybersecurity contractor NCC Group, suggests using a strong alphanumeric passcode.

“Focus on the secret aspect, which is the PIN and the password,” he said. “The reality with any biometrics is that they can be copied. Anyone with enough time, resources and objective will invest to try and spoof these biometrics.”


Featured PYMNTS Study:

More than 63 percent of merchant service providers (MSPs) want to overhaul their core payment processing systems so they can up their value-added services (VAS) game. It’s tough, though, since many of these systems date back to the pre-digital era. In the January 2020 Optimizing Merchant Services Playbook, PYMNTS unpacks what 200 MSPs say is key to delivering the VAS agenda that is critical to their success.