When Apple announced the iPhone X last month—its all-screen, home-button-less, unlock-with-a-look flagship—it placed an enormous bet on facial recognition as the future of authentication. For hackers around the world, Face ID practically painted a glowing target on the phone: How hard could it be, after all, to reproduce a person's face—which sits out in public for everyone to see—and use it to bypass the device's nearly unbreakable encryption without leaving a trace?
Pretty damn hard, it turns out. A month ago, almost immediately after Apple announced Face ID, WIRED began scheming to spoof Apple's facial recognition system. We'd eventually enlist an experienced biometric hacker, a Hollywood face-caster and makeup artist, and our lead gadget reviewer David Pierce to serve as our would-be victim. We ultimately spent thousands of dollars on every material we could imagine to replicate Pierce's face, down to every dimple and eyebrow hair.
For any reader with face-hacking ambitions, let us now save you some time and cash: We failed. Did we come close to cracking Face ID? We don't know. Face ID offers no hints or scores when it reads a face, only a silently unlocked padlock icon or a merciless buzz of rejection. All we learned from our rather expensive experiment is that Face ID is, at the very least, far from trivial to spoof.