Biometric Authentication Under Threat: Liveness Detection Hacking

Conference:  BlackHat USA 2019



The presentation discusses methods of bypassing biometric authentication and proposes solutions for mitigating vulnerabilities.
  • The presentation proposes using hardware level signal injection to bypass biometric authentication.
  • The algorithm of attention detection can be reversed to find weak points in the system.
  • The presentation proposes a threat model for injecting signals directly into the device.
  • The presentation demonstrates how a photo can be used to generate an animation and audio to bypass biometric authentication.
  • The presentation proposes solutions for mitigating vulnerabilities, such as using trusted cameras and increasing weight synthesis detection.
The presenter demonstrates how they were able to unlock a phone with ordinary glasses and two kinds of tape in just two minutes.


Biometric authentication has been widely used in scenarios such as device unlocking, App login, real-name authentication and even mobile payment. It provides people with a more convenient authentication experience compared with traditional technique like password.A classic biometric authentication process includes biometrics collection, preprocessing, liveness detection and feature matching. With the leakage of biometric data and the enhancement of AI fraud ability, liveness detection has become the Achilles' heel of biometric authentication security as it is to verify if the biometric being captured is an actual measurement from the authorized live person who is present at the time of capture. Previous research mainly focused on how to generate fake data but lack of systematic survey on the security of liveness detection. In this talk, we'll introduce our arsenal of attacking liveness detection and show how to apply them to bypass several off-the-shelf biometric authentication products, including 2D/3D facial authentication and voiceprint authentication. Our arsenal includes the following two kinds of weapons: -Injecting fake video or audio streams by evil hardware to hidden attack media-Creating specific recognition scene to trigger the defect of liveness detection algorithmMake use of above weapons and combinations thereof, we can:-Compromise App's biometric-based login or password recovery function then log in victim's account remotely by injecting fake video or audio streams which generated from a face photo or a short phone recording-Unlock a victim's mobile phone and then transfer his money through mobile payment App by placing a tape-attached glasses (we named it X-glasses) above sleeping victim's face to bypass the attention detection mechanism of both FaceID and other similar technologies.In addition, we propose a new attack model to log in App remotely based on hardware injection and device ID spoofing.