This work addresses the vulnerability of camera-based identity verification systems in real-world scenarios to physical adversarial attacks by proposing a Digital-Physical Adversarial Attack (DiPA) method. DiPA dynamically displays adversarial patches on a smartphone screen, eliminating the reliance on printed media and enabling purely digital, high-efficiency evasion attacks. Notably, it achieves significantly enhanced transferability and deployment flexibility under black-box conditions without requiring total variation regularization. By integrating state-of-the-art face recognition models such as ArcFace, MagFace, and CosFace into an ensemble attack strategy, DiPA supports real-time patch generation and interactive demonstration. Experimental results demonstrate that DiPA outperforms existing physical attack methods in terms of attack success rate, feature perturbation efficiency, and reduction in model confidence on real-world facial recognition cameras.

This demonstration presents Digital-Physical Adversarial Attacks (DiPA), a new class of practical adversarial attacks against pervasive camera-based authentication systems, where an attacker displays an adversarial patch directly on a smartphone screen instead of relying on printed artifacts. This digital-only physical presentation enables rapid deployment, removes the need for total-variation regularization, and improves patch transferability in black-box conditions. DiPA leverages an ensemble of state-of-the-art face-recognition models (ArcFace, MagFace, CosFace) to enhance transfer across unseen commercial systems. Our interactive demo shows a real-time dodging attack against a deployed face-recognition camera, preventing authorized users from being recognized while participants dynamically adjust patch patterns and observe immediate effects on the sensing pipeline. We further demonstrate DiPA's superiority over existing physical attacks in terms of success rate, feature-space distortion, and reductions in detection confidence, highlighting critical vulnerabilities at the intersection of mobile devices, pervasive vision, and sensor-driven authentication infrastructures.