Here’s What Security Experts Think About The iPhone X’s New Face ID Feature

Likes

Posted on: September 12, 2017

Posted by:

Josh Edelson / AFP / Getty Images

Of the smorgasbord of features stuffed into Apple's new thousand-dollar iPhone X, one of the most intriguing is Face ID — a new feature that lets you unlock your iPhone with your face, after the system has learned your facial features using Apple’s first-ever neural engine. “How do you unlock your phone with iPhone X?” asked Phil Schiller, Apple’s senior vice president of worldwide marketing, onstage at today’s iPhone event. “In the iPhone X, your phone is locked — until you look at it, and it recognizes you. Nothing has ever been simpler, more natural, and effortless.”

Here’s how it works: Apple deploys various sensors working in tandem to recognize your face in an instant, using what it calls the TrueDepth camera system. First, a dot projector beams more than 30,000 invisible dots onto your face to build a face map, while a “flood illuminator” helps confirm your face with what little light is available, even in the dark. Then an infrared camera reads the dot pattern and sends this information over to the secure A11 Bionic chip embedded in the iPhone X to process and confirm that your face is a match. The whole system works only when you look directly at the camera without closing your eyes or angling your face away. With Face ID, Apple says, your face becomes your secure password.

Apple claims Face ID is more secure than the previously used Touch ID in old iPhones — which Schiller said had become, before today, the “gold standard in consumer device biometric protection” — and even said there is only a one in a million chance for a nefarious actor to fool the system and break into your phone. Face ID learns your face and who you are, and adapts to you even if you wear glasses or grow a beard, the company says. And it isn’t tricked by photographs.

But how secure is Face ID? Security professionals and AI experts say it’s hard to know this early on. Still, that “one in a million” statistic Apple brags about? “It’s meaningless,” Matthew Green, a John Hopkins University cryptographer, told BuzzFeed News. “The threat with Face ID is that someone with a picture of your face might be able to fool the camera. We leave pictures everywhere.”

The threat of this happening is very real, as reports recently circulated that mere photographs could fool the facial recognition security feature in another new top-shelf phone, the Samsung Galaxy Note 8. Apple seems to be positioning itself as more secure, given the additional “depth sensing” capabilities it says live inside the new iPhone X (which confirms that your face is indeed three-dimensional, and not a flat photograph). But without any independent testing of the iPhone X conducted as of yet, it’s impossible to know this for sure.

Meanwhile, Bruce Schneier, an internet security expert and chief technology officer at IBM’s cybersecurity arm, said Apple’s “one in a million” failure claim may well hold up — but that it doesn’t matter if people are still able to break into your phone. “That’s why [security] professionals don’t unlock phones that way,” Schneier wrote to BuzzFeed News in an email.

‘Better than a security guard sitting at a desk’

The problem, according to Chris Nicholson, the CEO and founder of a deep learning startup called Skymind, is that it isn’t immediately clear whether Face ID is more secure than the Apple’s biometric Touch ID. But that doesn’t mean it’s useless. “It does introduce another factor” when you talk about the two-factor authentication of accounts and devices, Nicholson said. Even if a bad actor managed to fake one of your identifying “factors,” or passwords, it’s less likely that actor could fake multiple ones.

As Nicholson explained, AI is getting very good at recognizing faces nowadays — and it’s entirely believable Apple is deploying state-of-the-art technology in its devices. “Facial AI and deep learning is at the heart of computer vision, and AI can recognize people better than even people can,” Nicholson said. “In a sense, it’s even better than having a security guard sitting at a desk.”

But as others point out, Face ID will never be totally secure. What if a cop stops you and points the phone at your face, one Twitter user asked, while they have you in handcuffs — then he or she proceeds to look at your phone without a warrant?

This doesn’t exactly tread new territory, as security analyst Will Strafach, pointed out. “If someone were willing to violate the law and threatened you not to look down or close your eyes, then at that point the same could occur as with Touch ID — your finger could be pressed onto the sensor,” he told BuzzFeed News. “If it’s true that Face ID has a much lower false positive rate than Touch ID, Apple could update its security white paper and independent researchers would be able to confirm this.”

The Privacy Tradeoff

Bolstering that idea of security is the additional detail that Apple says authentication happens instantly on your phone using its new A11 Bionic chip, and that your information (i.e., your face) is never sent to the cloud. In fact, Apple has a long history of aggressively positioning itself as a company that is more privacy- and security-minded than its competitors — and that it is less interested in collecting user data, because it sells devices, not advertising. (As it turns out, this is also great PR for Apple.)

“This reflects Apple’s commitment to privacy, and I respect that,” Nicholson told BuzzFeed News. At the same time, he warned that this hampers Apple from building more powerful AI: “Apple isn’t allowing the data from all the users of its phone to go to a central AI brain and make the AI smarter. That makes everyone feel nice and safe, but it means Apple’s AI isn’t learning as fast as, say, Google” — which puts Apple at a disadvantage as the AI race heats up among tech giants.

Still, whether or not Face ID does have improved security, it doesn’t guard against one-off flukes of the feature failing onstage, as happened during the event on Tuesday. Apple has until October 27, when the iPhone X pre-orders begin, to address the issue.

Source: New feed

Related Products to this Post

Related Posts

The best soda maker

Likes Posted on: November 20, 2017

The best GPS trackers for cats and dogs

Likes Posted on: November 19, 2017

Ben Heck's Xbox One X teardown

Likes Posted on: November 19, 2017

This week's tech titan 404s | Engadget Today

Likes Posted on: November 18, 2017

Digital democracy's steep decline

Likes Posted on: November 17, 2017

Google adds salaries to its job search tool

Likes Posted on: November 15, 2017

Toshiba sells its TV unit to Hisense

Likes Posted on: November 14, 2017

The Morning After: Monday, November 2017

Likes Posted on: November 13, 2017

VW considers making an electric Beetle

Likes Posted on: November 12, 2017

The best turkey fryer

Likes Posted on: November 10, 2017

Tesla's newest driving mode is 'chill'

Likes Posted on: November 10, 2017

The best humidifier

Likes Posted on: November 5, 2017

After Math: Xs and Os

Likes Posted on: November 5, 2017

Ben Heck's Hex game: Fun with soldering

Likes Posted on: November 5, 2017

Ask Engadget: Where should I put my router?

Likes Posted on: November 4, 2017

Take a peek inside the iPhone X

Likes Posted on: November 4, 2017

RCA's 4K Roku TVs start at $600

Likes Posted on: November 2, 2017

Xbox One X will support 1440p monitors

Likes Posted on: November 2, 2017

After Math: Everything is Awesome

Likes Posted on: October 29, 2017

Intel AI helped create a music video

Likes Posted on: October 29, 2017

Kinect: Seven years of strange experiments

Likes Posted on: October 28, 2017

Great, now there's 'responsible encryption'

Likes Posted on: October 27, 2017

Autoblog's 2017 Tokyo Motor Show roundup

Likes Posted on: October 26, 2017

For Microsoft, it's all about the cloud

Likes Posted on: October 26, 2017

How To Use The New Instagram "Superzoom"

Likes Posted on: October 26, 2017

Blizzard gives Battle.net a social makeover

Likes Posted on: October 24, 2017

The best DSLR for beginners

Likes Posted on: October 22, 2017

Ben Heck's oscilloscope throwdown

Likes Posted on: October 22, 2017

LG's OLED TVs now pack loss-free 3D audio

Likes Posted on: October 21, 2017

Fake iPhone X has a fake notch, obviously

Likes Posted on: October 20, 2017

Microsoft resurrects its most iconic mouse

Likes Posted on: October 17, 2017

Garmin Speak puts Amazon Alexa in your car

Likes Posted on: October 17, 2017

Google Photos Can Recognize Your Pets Now

Likes Posted on: October 16, 2017

The best 4K TV on a budget

Likes Posted on: October 15, 2017

After Math: Starting up, shutting down

Likes Posted on: October 8, 2017

AIM 🔴 AFK 4EVA

Likes Posted on: October 7, 2017