Apple says it worked with Hollywood make up artists who have helped its engineers design Face ID so that it couldn’t be spoofed by photos or masks, but now a Vietnamese security firm claims to have successfully fooled the system using a facial mask.

According to security firm Bkav, via AppleInsider, the expensive, specially crafted mask that has allegedly managed to bypass the Face ID security system on iPhone X is a combination of a 3D-printed frame with makeup, a silicone nose and 2D images.

“Special processing” has been applied to the cheeks and around the face to make the mask feel more lifelike. Bkav has shared a demonstration video seemingly showing an iPhone X being unlocked by both the mask and the person it’s based on.

Bkav says this proves facial recognition is still “not mature enough” at this point. The company previously bypassed facial recognition systems on some laptops and showed a proof-of-concept demo at the Black Hat security conference.

Bkav will soon publish details about crafting the mask that beats Face ID.

“In practice Bkav-style masks are unlikely to pose a threat, since they would not only be difficult and expensive to make, but require the dimensions of a person’s face and detailed imagery,” notes AppleInsider.

While the hardware certainly has its limitations, it’s important to remember that Face ID relies heavily on machine learning and artificial intelligence to prevent spoofing. Theoretically, Apple could re-train Face ID’s neural network to protect from those kinds of attacks in the future.

Apple’s marketing boss Phil Schiller said during the iPhone X event:

Apple engineering teams have even gone and worked with professional mask makers and makeup artists in Hollywood to protect against these attempts to beat Face ID. These are actual masks used by the engineering team to train the neural network to protect against them in Face ID.

Face ID was previously fooled by identical twins.

What do you make of this?

Are you concerned that a sophisticated face mask can bypass Face ID just like Touch ID can be fooled in some cases using a very high-resolution print of a person’s fingerprint?

Let us know in the comments!