Apple Shares In-Depth Security Info on Face ID in New White Paper and Support Doc
Apple has already shared many details on the upcoming Face ID facial recognition feature in the iPhone X through its software engineering chief Craig Federighi, who did several interviews, but now the company has consolidated that information into a new support document and an in-depth security white paper released this morning. [PDF]
If you've been paying attention to Federighi's interviews and all of the Face ID coverage on sites like MacRumors, you may already be familiar with the content of the support document, but it does a good job addressing all common questions and concerns in a single spot.
It outlines the way Face ID works, the conditions in which it works - in the dark, with sunglasses, with hats, etc., and how it's set up, along with security information, including the conditions that will lead to Face ID being disabled:
- The device has just been turned on or restarted.
- The device hasn't been unlocked for more than 48 hours.
- The passcode hasn't been used to unlock the device in the last six and a half days and Face ID hasn't unlocked the device in the last 4 hours.
- The device has received a remote lock command.
- After five unsuccessful attempts to match a face.
- After initiating power off/Emergency SOS by pressing and holding either volume button and the side button simultaneously for 2 seconds.
Face ID, as Apple has said, adapts to changes in appearance, and the document gives a bit more info on that topic. If there is a major change in appearance, like the disappearance of a full beard or a significant haircut, Apple will require a passcode and then update the stored facial data accordingly once your identity is confirmed.
It also covers privacy, explaining that Face ID is just like Touch ID: protected by the Secure Enclave and handled all on-device, using years of established security protocols. Accessibility and safety are also topics Apple addresses.
In fact, developers do not need to update their Touch ID apps for those apps to work with Face ID because the systems are the same.
The TrueDepth camera system will not cause harm to eyes or skin, says Apple, and if damage is caused to the infrared emitters, the camera will be disabled. Apple warns that repairs will need to be conducted by Apple or an authorized service provider, which should not come as a surprise as the same applies to the Touch ID home button.
The white paper, meanwhile, explains in better detail exactly how the TrueDepth camera and the A11 Bionic processor in the iPhone X work together to accurately identify a face and avoid spoofing.
To counter both digital and physical spoofs, the TrueDepth camera randomizes the sequence of 2D images and depth map captures, and projects a device-specific random pattern. A portion of the A11 Bionic chip's neural engine--protected within the Secure Enclave--transforms this data into a mathematical representation and compares that representation to the enrolled facial data. This enrolled facial data is itself a mathematical representation of your face captured across a variety of poses.
Anyone who plans to buy an iPhone X and has questions about how the Face ID feature on the device works should take a look at both the support document and the white paper, as both together answer many questions on security and functionality.
Face ID will become available to the public starting on November 3, the official launch date for the iPhone X.
Top Rated Comments
There isn't a security system that can't be defeated by someone, in some way. It may require lots of money, being sneaky, getting the owner drunk or brute force but it can be done.
[doublepost=1506532063][/doublepost] Craig Federeghi’s interview with John Gruber. He said Touch ID was plan B and once they got Face ID working they stopped working on Touch ID.