How I bypassed the face-unlock security on my OnePlus 6?
I have always been critical of uploading images online. I was having a discussion with one of my friend regarding people uploading their images mindlessly on social network websites like Facebook, Instagram and other. In a world where we use facial-recognition features on a daily basis it can be pretty dangerous and from there I got the idea to write this article when I tried to explain it to him how images uploaded online can have an adverse affect on our lives.
Facial Unlock feature has been proven to be insecure time and time again. There have been claims about how security researchers have found creative ways to bypass the security and I was always amazed by the level of sophistication it took to carry them out, but there were some which found out ways truly easy and simple to carry out the hack. This is my story how I carried out the easiest but the most effective hack that lead me to bypass the facial-unlock feature of OnePlus 6.
Let’s dig in!
So, to first bypass security mechanisms set in place we need to understand how these facial recognition feature works. The time we are scanning our face for the facial recognition feature, the phone takes clues about the distance of our facial feature in regards from each other, like how far our eyes is to our nose or the distance between the lips and chin and above all it makes a boundary line for our face.
Let me show you what I mean. See the lines and dots it is using to map my face and make a structural note of it.
This gave me an idea and it struck out of the blue that this doesn't account in the 3-D depth of my face, so anything that has the same size and features as of my face on a 2-D surface should also bypass the facial-recogntion security of my phone.
So, I straight away opened up the passport size photo that I has saved for official purposes and pointed it towards my locked OnePlus 6. Let me show you the setting
I enlarged my passport size photo and placed it in front of my OnePlus 6 in locked screen state and then viola!
It took me few failed attempt and in the very next attempt I was able to open up my phone.
Face Unlock features have always been debated in the security world and shouldn’t be used if you really care about security. Most of the phones have fell prey to this.
On the security front I would recommend using iPhone X as it is secure when it comes to these things. They have surpassed various tests with flying colours ( as of now! ).
If you enjoyed it please do clap and happy hacking!
Twitter : twitter.com/aditya12anand
LinkedIn : linkedin.com/in/aditya12anand/
E-mail : [email protected]
If you guys wants a video demonstrating how I carried out the hack then let me know, I will provide a video link below.