Apple has published a white paper [PDF] that goes into detail about Face ID security. It should allay most fears people may have over iPhone facial recognition. Face ID is Apple’s new biometric technology for the iPhone X. It replaces Touch ID, and Apple says it’s more secure.
Face ID Security
In order to use Face ID, you must set up a passcode, just like you would with Touch ID. When the iPhone X’s TrueDepth camera detects your face, it logs you in without asking for the passcode. Since you don’t have to enter the passcode as often, it might be worth choosing a more complex one, like an alphanumeric code.
Your passcode is only required instead of Face ID under these circumstances:
- The iPhone has just been turned on or restarted.
- The iPhone hasn’t been unlocked for more than 48 hours.
- The passcode hasn’t been used to unlock the iPhone in the last 156 hours (six and a half days) and Face ID has not unlocked the iPhone in the last
- The iPhone has received a remote lock command.
- After five unsuccessful attempts to match a face.
- After initiating power off/Emergency SOS by pressing and holding either volume button and the side button simultaneously for 2 seconds.
The paper notes that the probability that a random person could unlock your iPhone using Face ID is about one in a million. This is a step up from Touch ID’s 1 in 50,000. Of course, those odds are somewhat less favorable for people who have a twin or a sibling who looks similar to them.
Facial recognition information is stored in the same Secure Enclave in which fingerprint data is stored. There is a difference, though. With Touch ID, after the iPhone processed your fingerprint and converted it into pure math, the enrollment images of your print were deleted. Face ID keeps images of your face stored. This is for convenience, because the neural network can be updated without needing you to re-register your face.
But just like Touch ID fingerprints, your facial information is only kept in the Secure Enclave, isn’t sent to Apple, and doesn’t leave your iPhone X in any way. It’s not even included in backups. Another boost to Face ID security is a separate neural network specifically designed to thwart spoofing attacks.
Face ID and Law Enforcement
So far, the biggest fear that people seem to have is whether the police can unlock your iPhone X by holding it up to your face. Rene Ritchie of iMore has a great quote for this:
That a significant segment of humanity is more concerned about illegal search and seizure by law enforcement agencies than the criminals they’re meant to protect us from should embarrass and appall governments around the world, but that’s a different editorial for a different day.
By default, Face ID requires you to look at your iPhone. If you close your eyes and look away, it won’t log you into the phone. Now, police could try to force you to open your eyes and look at the iPhone. But they could also force you to put your thumb on the Touch ID sensor on iPhones that have it. So the attack surface isn’t too different in this regard. If security is your main concern, stick with a passcode. If you want convenience, go ahead and use Face ID.