Face ID is one of the two signature features of the iPhone X, with the other one being the all-screen design. The device’s new facial recognition feature is powered by a miniaturized Kinect camera and sensor setup, and should be able to perform the same features as Touch ID. In fact, Apple says it’s an even more secure than the fingerprint reader. On the other hand, the TrueDepth camera is also the component that’s currently holding up iPhone X production, but hopefully it’s worth the wait.
If you still have questions about how Face ID will work compared to Touch ID, then you should know Apple just revealed all its secrets.
Apple explains Face ID Security in a white paper that you should read if you’re concerned about the security of your private data. In what follows, we’ll touch on the highlights from Apple’s document.
How does Face ID scan your face?
The TrueDepth camera projects 30,000 infrared dots to form a depth map of the face along a 2D infrared image. The data is used to create a sequence of 2D images and depth maps which are digitally signed and sent to the Secure Enclave, the same element that also safeguards Touch ID fingerprint data.
The system will rescan your face and update the information every time it considers it necessary to do so without prompting the user, likely when certain facial changes are determined as worthy of a data upgrade.
The system works in all lighting conditions, regardless of whether you’re outdoors or indoors.
Does Face ID let Apple keep any of your pictures?
Face ID doesn’t actually store pictures of you on the iPhone in the Secure Enclave. Instead, the data is turned into a mathematical representation and the images are deleted immediately. For each login, a math representation is compared to the one that’s stored in the Secure Enclave.
The only time pictures will be sent to Apple is when you choose to run Face ID diagnostics to solve a problem. The process isn’t automatic. You have to enroll in it, and then approve which images should be sent to Apple’s team along with other diagnostic data.
Here’s what Face ID data the Secure Enclave will always keep:
- The infrared images of your face captured during enrollment.
- The mathematical representations of your face calculated during enrollment.
- The mathematical representations of your face calculated during some unlock attempts if Face ID deems them useful to augment future matching.
How fast is Face ID?
Apple says Face ID will help you use a more complex password on the iPhone X without having to worry about typing too often. “Face ID doesn’t replace your passcode, but provides easy access to iPhone X within thoughtful boundaries and time constraints,” Apple says, which implies that Face ID functionality should be at least as fast as Touch ID.
What about encryption?
Yes, Face ID will encrypt your phone, just like Touch ID and regular passwords.
When won’t Face ID unlock the iPhone X?
For security reasons, Apple implemented several failsafe mechanisms in Face ID — and Touch ID. That’s why Craig Federighi’s demo failed on stage on the first device he tried it on. Here are all the instances where a Face ID unlock will not work:
- The device has just been turned on or restarted.
- The device hasn’t been unlocked for more than 48 hours.
- The passcode hasn’t been used to unlock the device in the last 156 hours (six and a half days), and Face ID has not unlocked the device in the last 4 hours.
- The device has received a remote lock command.
- After five unsuccessful attempts to match a face.
- After initiating power off/Emergency SOS by pressing and holding either volume button and the side button simultaneously for 2 seconds.
Does Face ID work in apps?
Face ID will work everywhere Touch ID is currently used. You will be able to unlock your device and portions of apps, and you can use it to authenticate secure transactions. The process might be even faster than Touch ID, since you won’t have to do anything else. You’re already looking at the device if you’re using an app, so it’ll just notify you that authentication was successful.
What about Apple Pay?
Apple already explained on stage that Apple Pay works with Face ID. In stores, you have to double-click the side button to authenticate before placing the phone near the contactless payment reader. You can then confirm the preferred payment method before you make the payment. So if you decide to switch cards, you’ll have to Face ID once again.
If you enable the feature for online use, you’ll have to double-click the button to confirm intent and then you have 30 seconds to authenticate the transaction using Face ID. In most cases, it’ll probably be instant.
Face ID can be used to approve store purchases in iTunes Store, App Store, and iBook Store as well.
Can someone take your phone and unlock it using your face?
The white paper doesn’t address this question directly. If you’re thinking about someone using a picture, then the answer is no, because 2D images won’t work.
The paper does say that the probability of a random person in the world being able to unlock your phone with their face is 1 in 1,000,000, which makes Face ID significantly more secure than Touch ID (1 in 50,000). The likelihood of a false match grows for twins and children under 13, Apple says. That probably means a twin will be able to unlock the other twin’s iPhone.
On the other hand, if someone takes the phone away from you and points it to your face, there’s a chance it’ll unlock unless a second failsafe is enabled: attention. The attention feature requires you to look at your phone in order to unlock it, which means your significant other can’t point the phone at your face while you’re asleep to read all your chats. That’s why it’s advisable to have Face ID check your eyes for attention, though you can choose to disable the feature to speed up unlocks.
Also of note, you can disable Face ID at anytime by holding the power button and volume button simultaneously. It’ll require some quick thinking on the user’s part, but it’ll prevent authorities or anyone else from forcibly unlocking an iPhone with Face ID.