Apple recently announced its new iPhone X. A central innovation of this smartphone is the “Face ID” system, that recognizes users by scanning their faces. This method is rumored to replace the established Touch ID system, a fingerprint reader integrated with Apple’s Home Button and introduced in 2013 in the 5s model. Besides ditching the Touch ID system (and the home button itself that it’s attached to) the new iPhone X is very expensive. Some users are skeptical and question the consumer privacy and security implications of this new feature. Sen. Al Franken (D-MN) on September 13 wrote a letter to Apple questioning the security of the Face ID system. Franken stated that “substantial questions remain about how Face ID will impact iPhone users’ privacy and security.”
Franken’s letter focused on ten main questions regarding Face ID’s security. He expressed concern over: whether faceprint data could be extracted from the iPhone or stored remotely, either by Apple or by a third party; where did Apple source the one billion facial images that Apple claimed it used in developing the algorithm; what steps did Apple take to ensure a lack of bias (racial and otherwise) in training the Face ID system; what steps did Apple take to ensure that the Face ID system can distinguish a person’s actual face from a photo or mask; whether Apple has any plans to share faceprint data with a third party or use it for any purpose other than Face ID; what is the process for informing users if Apple did decide use data for other purposes or to store data in the Cloud; is the system “always on”; what prevents someone from unlocking an iPhone merely by holding up to a user’s face; and how will Apple cooperate with law enforcement requests for faceprint data.
Apple recently responded in a letter of their own signed by Vice President for Public Policy Cynthia Hogan, that aimed to explain how the system works and address the potential security risks.
According to Apple, before unlocking the phone the system performs an in-depth analysis that compares much more information than fingerprinting. While Touch ID uses two-factor authentication, Face ID adds more depth. Apple states that Face ID uses “TrueDepth” and “machine learning” to create a secure authentication solution. Face ID data, including the mathematical expression of a face, is encrypted and protected by a key, which only Apple’s “Secure Enclave” program can access. Face ID allows five failed attempts to match, and then requires a code entry to unlock the phone.
Apple claims that the likelihood that a random person could unlock your iPhone X with Face ID by looking at it is approximately 1: 1,000,000 (compared to a Touch ID sensor that has a probability of 1: 50,000). This statistical probability is different for twins and siblings, who are very similar to the owner of the phone, and children under 13 because their distinctive facial features are not yet fully developed. Apple states that Face ID employs sophisticated neural networks that prevent it from falsifying identity using masks and other techniques. Face ID even watches your attention and sees if you have eyes open and looking at the device. It makes it difficult for other people to unlock your iPhone without your knowledge, for example when you are asleep.
To use Face ID, you need to set up a code on your iPhone. If you lose or someone has stolen your device, you can use the Find My iPhone feature to disable camera unlocking with Face ID using the Lost Mode feature. Face ID data does not leave the device and never backs up to iCloud or anywhere else. This data will only be transferred from your device if you want AppleCare to provide Face ID diagnostic data when using support. If you decide to sign up for Face ID, you control how it is used and it can be disabled at any time. According to Apple, the iPhone X and the TrueDepth camera system have been thoroughly tested and meet international safety standards. Using the TrueDepth camera system is safe under normal conditions. This system has low light output, so it does not cause any visual impairment.