Apple Face ID is Facing Growing Security Concerns

Thomas Wellburn
September 13, 2017

The Apple iPhone X has only been announced less than a day and already, people are starting to worry about the underlying Face ID technology on-board.

The uproar feels very familiar to what happened back in 2013, when Apple first announced Touch ID inside the iPhone 5S. There was big concerns over security back then, with crazy theories about people cutting off fingers and using them to unlock the device. Unsurprisingly, none of that actually happened.

The inclusion of Face ID on the Apple iPhone X feels a little different however as, on paper at least, the pretense for exploits seems much greater. Twitter users were quick to say how theft would be easier for criminals, with some saying that the handset could be flashed in front of your startled face and unlocked with minimal effort. Apple has stated that users eyes need to be open for Face ID to authorise the unlock but, unless you’re asleep at the time, it doesn’t really stand up as suitable security. Equally, if you’re somebody who happens to have a twin this will pose another problem, as Face ID will just presume you’re the same person. Fingerprints are the result of a phenotype characteristic, meaning they are susceptible to both genetic, body-wide and environmental factors. No such problem there. Apple has stated that the chances of someone having the same face as you is 1,000,000 to 1, while a fingerprint is 1,000 to 1. If that’s the case, why does border control and law enforcement still insist on using finger biometrics as it’s number two identification method behind DNA?

Facial scanning technology is nothing new. It’s been trialed on plenty of devices before the iPhone X with very mixed results. Samsung’s Iris scanning technology can be fooled with a simple photograph, HP tried it with webcams and screwed up massively when it couldn’t recognise black people, while Facebook auto-tag regularly messes up on a daily basis with people of colour. In fact, it’s this very issue of skin tone which has held the technology back so far. Unless you’re a white person, it’s going to give sub-par results. Apple has tried to overcome this by waiting for the competition to mess up and learning from their mistakes. There’s no doubt that with it’s incredible array of sensors and dot mapping technology, Face ID probably represents the most robust facial scanning technology to date… or does it?

For all the company’s who have made a disaster of their facial scanning technology, Microsoft was one such giant who actually did very well. The company uses a similar method to Apple, creating a 3D map of the users entire face. It works with different hairstyles, glasses, facial hair etc. and has a claimed false positive failure rate of just 0.001%. It also has the advantage of telling twins apart. Still, Windows Hello is not without it’s own faults. Microsoft states that in addition to a low false positive failure rate, it also has a 5% failure rate on detecting the correct face. For Apple Face ID to be successful, it really needs to get the perfect blend of speed versus security. For an relatively new technology to get this right will take some effort, although there’s no doubt that Apple is one of the company’s who could actually pull it off.

About the Author

Share this article