Apple Explains How Face ID's Security Features Set It Apart

Apple recently unveiled the iPhone X, a more premium (and more expensive) version of the iPhone 8 that boasts a few additional features, including a “FaceID” face authentication system meant to replace the fingerprint-based Touch ID. In a recent post and paper, Apple revealed more details about the feature's security, and how it may be better than previous (failed) attempts at doing face unlocking properly.

Face Unlocking: A History Of Failure

Face authentication technology has proven to be one of the most unreliable authentication methods, especially in the mobile industry. Almost every time Google or an Android OEM would launch (and re-launch) such a feature, the system was bypassed quickly, often in a matter of days and with something as simple as using a 2D photo of the phone’s owner.

Even one of Samsung’s latest flagship smartphones, the Galaxy S8, suffered from the same problem recently, despite the issue of 2D photos bypassing face authentication systems being known for years.

Research has also shown that systems using 3D profiles of someone’s face could also be bypassed, so it’s no surprise that many are skeptical about Apple’s new 3D Face ID system.

Face ID’s Security Features

Face ID brings a few new security features that should protect it against being easily bypassed, but ultimately it remains to be seen if it can withstand attacks from security researchers, malicious hackers, and law enforcement trying to access a phone without the owner’s permission.

One of the additional protections that many face unlocking systems don’t use is an infrared camera. This should make the system more secure because you can’t extract an infrared profile from someone’s photos. It should also eliminate some issues with trying to unlock the device in low-light environments.

Another one is creating a depth map of your face, using the “TrueDepth” camera, comprised of 30,000 data points. The system uses an algorithm only Apple knows, so presumably if anyone wants to spoof someone’s face, they’d first have to reverse engineer that algorithm.

The depth map and infrared image are then transformed into a mathematical representation that is compared to the originally enrolled facial data, every time the user unlocks the device. Both the original data and the later mathematical representations are encrypted with a key that’s stored in the Secure Enclave.

According to Apple, Face ID has a False Acceptance Rate (the probability that a random person will unlock the device) of 1:1,000,000 compared to “only” 1:50,000 for the fingerprint-based Touch ID. However, this doesn’t necessarily mean that Touch ID is 20x more secure than Touch ID. If someone wants to break into your phone, they may already have your online photos or a 3D profile from public surveillance cameras, so they will build their spoofed profile from that data, rather than from random pictures of people.

Face ID also uses machine learning to detect when someone tries to spoof the system, such as with a mask or some other 3D profile of your face that doesn’t have all the data the system requires to identify a real face.

Face ID is also attention-aware, which means that someone can’t unlock your device without you looking straight at the camera with the eyes open.

Additional Protections

To use Face ID, you must first set-up the iPhone’s passcode. The password is also required in the following situations:

The device has just been turned on or restarted.The device hasn’t been unlocked for more than 48 hours.The passcode hasn’t been used to unlock the device in the last six and a half days and Face ID hasn't unlocked the device in the last 4 hours.The device has received a remote lock command.After five unsuccessful attempts to match a face.After initiating power off/Emergency SOS by pressing and holding either volume button and the side button simultaneously for 2 seconds.

The last one specifically could be used before going through an airport’s security line or when stopped by cops, for example, if you fear that they may physically force you to unlock your device. Typically, password-protected devices are safer in courts  than devices locked via biometrics.

Additionally, if the phone is lost or stolen, you can remotely prevent anyone from trying to unlock the device using the “Lost Mode” provided by Apple’s Find My iPhone service. This should further guarantee that someone can’t bypass Face ID by stealing your phone and then trying to spoof your face (if the thief is able to bypass all the other protections in the first place).

The TrueDepth camera also comes with tamper-detection features. The Face ID system may be disabled for safety reasons if the tampering detection is activated.

Above And Beyond What’s Required

Face unlocking systems have had a poor track record, which may be why Apple seems to have gone above and beyond what is needed for such a system to function, to ensure that it can’t be bypassed. This can’t be said by the far too many manufacturers that continue to provide users with presumably safe face authentication systems that can then be disabled with a simple 2D photo of the device’s owner.

People interested in using face unlocking systems for their mobile devices should recognize that not all such systems are equal. In fact, most of them are not secure, unless their manufacturers also use additional hardware (such as infrared and depth cameras) and additional anti-spoofing algorithms and protections to ensure it’s all but impossible to bypass them. (Which is, of course, exactly what Apple has done with the iPhone X.)

In the meantime, simple front-facing cameras being used for face unlocking should probably be considered insecure, and you should stick to fingerprint authentication or PINs and passphrases.

Lucian Armasu
Lucian Armasu is a Contributing Writer for Tom's Hardware US. He covers software news and the issues surrounding privacy and security.
  • dark_lord69
    My phone won't unlock until I blink...
    Reply
  • vijer
    I owned an iPhone 3 and will never own another iPhone. Overpriced and locked in to what Apple thinks is good. No thanks.

    I do want to thank Apple for teaching the Chinese how to build phones. Good job exporting the jobs and technology to Asia.
    Reply
  • husker
    They are missing an obvious security flaw, in my opinion: I pick up or grab your phone and hold it up to your face and then run away. I now have your unlocked phone. Doing this same kind of thing with fingerprint identification would be much more difficult.
    Reply
  • linuxgeex
    Touch ID isn't 20x more secure than Touch ID. Who'd've thunk it?
    Reply
  • The Paladin
    so aside the face recognition.... its does everything the Samsung android S7 or S8 does, so why is it setting itself apart again.. Ah yes no warranty programs in case you drop and break your lense/glass, limited memory selection with no additions or insertion possible of additional sim card to expand it, still unable to simply drag and drop files unto phone or from phone to desktop without using apple application.

    I change a long time ago from IPhone 3 to Samsung series phone, I have an i7 for work which I hate so much I simply wall mounted it and I forward it to my Samsung phone, because I dont want my client to have my personal cell phone number. So much happier with my S8+

    Oh yeah I have eye retinal recognition on my S8+ so that is even more secure than face recognition anyways.
    Reply
  • Finstar
    The only reason Face ID even exists is because Apple couldn't build Touch ID into the screen.
    Reply
  • elho_cid
    Hey Microsoft, Apple copied another your smartphone innovation and calls themselves the market leader.
    Reply