The Living Dead - Hacking Mobile Face Recognition SDKs with Non-Deepfake Attacks

Explore the vulnerabilities in mobile face recognition systems through this 37-minute Black Hat conference talk. Delve into the critical importance of liveness detection in preventing identity spoofing, especially in high-stakes applications like mobile banking. Examine real-world incidents of non-deepfake attacks and uncover the technical flaws in face recognition protocols and implementations. Gain insights from an analysis of 18 mobile face recognition libraries, including those from industry leaders, revealing security weaknesses that can lead to liveness detection bypasses. Learn about low-cost, easily scalable attack methods that exploit these vulnerabilities, going beyond traditional deepfake or presentation attacks. Presented by Wing Cheong Lau, Kaixuan Luo, and Xianbo Wang, this talk offers valuable knowledge for cybersecurity professionals, developers, and anyone interested in the security challenges of mobile biometric authentication systems.