Previewed at WWDC, launching in the fall.
Apple Shares In-Depth Security Info on Face ID in New White Paper and Support Doc
Apple has already shared many details on the upcoming Face ID facial recognition feature in the iPhone X through its software engineering chief Craig Federighi, who did several interviews, but now the company has consolidated that information into a new support document and an in-depth security white paper released this morning. [PDF]
If you've been paying attention to Federighi's interviews and all of the Face ID coverage on sites like MacRumors, you may already be familiar with the content of the support document, but it does a good job addressing all common questions and concerns in a single spot.
It outlines the way Face ID works, the conditions in which it works - in the dark, with sunglasses, with hats, etc., and how it's set up, along with security information, including the conditions that will lead to Face ID being disabled:
- The device has just been turned on or restarted.
- The device hasn't been unlocked for more than 48 hours.
- The passcode hasn't been used to unlock the device in the last six and a half days and Face ID hasn't unlocked the device in the last 4 hours.
- The device has received a remote lock command.
- After five unsuccessful attempts to match a face.
- After initiating power off/Emergency SOS by pressing and holding either volume button and the side button simultaneously for 2 seconds.
Face ID, as Apple has said, adapts to changes in appearance, and the document gives a bit more info on that topic. If there is a major change in appearance, like the disappearance of a full beard or a significant haircut, Apple will require a passcode and then update the stored facial data accordingly once your identity is confirmed.
It also covers privacy, explaining that Face ID is just like Touch ID: protected by the Secure Enclave and handled all on-device, using years of established security protocols. Accessibility and safety are also topics Apple addresses.
In fact, developers do not need to update their Touch ID apps for those apps to work with Face ID because the systems are the same.
The TrueDepth camera system will not cause harm to eyes or skin, says Apple, and if damage is caused to the infrared emitters, the camera will be disabled. Apple warns that repairs will need to be conducted by Apple or an authorized service provider, which should not come as a surprise as the same applies to the Touch ID home button.
The white paper, meanwhile, explains in better detail exactly how the TrueDepth camera and the A11 Bionic processor in the iPhone X work together to accurately identify a face and avoid spoofing.
Face ID will become available to the public starting on November 3, the official launch date for the iPhone X.
If you've been paying attention to Federighi's interviews and all of the Face ID coverage on sites like MacRumors, you may already be familiar with the content of the support document, but it does a good job addressing all common questions and concerns in a single spot.
It outlines the way Face ID works, the conditions in which it works - in the dark, with sunglasses, with hats, etc., and how it's set up, along with security information, including the conditions that will lead to Face ID being disabled:
- The device has just been turned on or restarted.
- The device hasn't been unlocked for more than 48 hours.
- The passcode hasn't been used to unlock the device in the last six and a half days and Face ID hasn't unlocked the device in the last 4 hours.
- The device has received a remote lock command.
- After five unsuccessful attempts to match a face.
- After initiating power off/Emergency SOS by pressing and holding either volume button and the side button simultaneously for 2 seconds.
Face ID, as Apple has said, adapts to changes in appearance, and the document gives a bit more info on that topic. If there is a major change in appearance, like the disappearance of a full beard or a significant haircut, Apple will require a passcode and then update the stored facial data accordingly once your identity is confirmed.
It also covers privacy, explaining that Face ID is just like Touch ID: protected by the Secure Enclave and handled all on-device, using years of established security protocols. Accessibility and safety are also topics Apple addresses.
In fact, developers do not need to update their Touch ID apps for those apps to work with Face ID because the systems are the same.
The TrueDepth camera system will not cause harm to eyes or skin, says Apple, and if damage is caused to the infrared emitters, the camera will be disabled. Apple warns that repairs will need to be conducted by Apple or an authorized service provider, which should not come as a surprise as the same applies to the Touch ID home button.
The white paper, meanwhile, explains in better detail exactly how the TrueDepth camera and the A11 Bionic processor in the iPhone X work together to accurately identify a face and avoid spoofing.
To counter both digital and physical spoofs, the TrueDepth camera randomizes the sequence of 2D images and depth map captures, and projects a device-specific random pattern. A portion of the A11 Bionic chip's neural engine--protected within the Secure Enclave--transforms this data into a mathematical representation and compares that representation to the enrolled facial data. This enrolled facial data is itself a mathematical representation of your face captured across a variety of poses.Anyone who plans to buy an iPhone X and has questions about how the Face ID feature on the device works should take a look at both the support document and the white paper, as both together answer many questions on security and functionality.
Face ID will become available to the public starting on November 3, the official launch date for the iPhone X.
Related Roundup: iPhone X
Tag: Face ID
Buyer's Guide: iPhone X (Caution)
[ 102 comments ]
Top Rated Comments
(View all)
12 months ago
It also fails if youre Craig during a keynote.
Face ID never failed during the event. It did exactly what it was supposed to do, and revert to a passcode option because others handled the iPhone before Craig did, which locked him out. The only thing that failed was the actual demo to the audience, not Face ID itself.
12 months ago
What if someone takes my phone, ask me to look up? Now do I have to quickly cover my face so that my phone doesn't end up unlocked?
What if you're sleeping and they take your iPhone 6, 6s or 7 and unlock it by holding your thumb on Touch ID? What if they have hi res cameras in the room and just watch what password you enter when you start the phone? Or what if they take your phone, point a weapon at you and demand you tell them your password, so you can't trigger the emergency lock or auto 911?
There isn't a security system that can't be defeated by someone, in some way. It may require lots of money, being sneaky, getting the owner drunk or brute force but it can be done.
12 months ago
That is all interesting and stuff, but why remove the TouchId option? :(
Why do you need two options? Seems confusing and more expensive for what gain?[doublepost=1506532063][/doublepost]
Reference?
Craig Federeghi’s interview with John Gruber. He said Touch ID was plan B and once they got Face ID working they stopped working on Touch ID.
12 months ago
Yeah it did. He looked at it, it failed. He turned the screen off and on again to reset the try and then it failed again and asked for the code as per spec on the second fail.
Wrong. Federighi himself confirmed exactly what happened, which was reiterated during the Keynote.
http://www.businessinsider.com/face-id-on-the-iphone-x-did-not-actually-fail-to-recognise-craig-federighi-during-apples-presentation-2017-9
12 months ago
Hopefully this will resolve some of the confusion, and incorrect information being spread about their technology. Listened into a few podcasts and read some articles that appeared to be conflicting / unclear.
12 months ago
That is all interesting and stuff, but why remove the TouchId option? :(
It's an unnecessary extra cost that also takes valuable space inside the phone.
12 months ago
It sounds like you’ll have to put the password in a lot. I hate doing that.
i'm pretty sure touchID has the same conditions.
12 months ago
There are a couple of edge cases that aren't addressed here: the first is currently multiple people can register their fingers and unlock the phone but FaceID will it register a single face
The second is connected somewhat and that is if it automatically updates the face details, what happens if someone other than the owner unlocks the phone with a PIN while looking at the phone - will it update to use their face for recognition?
This would potentially be an issue for me as I know my wife's passcode and she knows mine in case we need to access the other's phone (for example, if I'm driving and an important email comes through she will read it to me and reply if necessary)
As I said, they are edge cases but I'd like to know how they would be handled
The second is connected somewhat and that is if it automatically updates the face details, what happens if someone other than the owner unlocks the phone with a PIN while looking at the phone - will it update to use their face for recognition?
This would potentially be an issue for me as I know my wife's passcode and she knows mine in case we need to access the other's phone (for example, if I'm driving and an important email comes through she will read it to me and reply if necessary)
As I said, they are edge cases but I'd like to know how they would be handled
12 months ago
Wrong. It failed.
It failed. People have dissected the video with a lot of scrutiny, you can see that it tries to read his face twice and fails. Did you really think Apple would come out and admit it?
This is what your original quote quoted:
"It also fails if youre Craig during a keynote."
Which is an accurate in itself, because it didn't fail on Craig, The actual demo did. They're two different things that you and others are conflating. It reverted back to passcode exactly as it intended to, regardless if It didn't go accordingly. But that doesn't mean Face ID failed, wouldn't allow him access because of the prior attempts. That's not a fail, that's called a fail safe.
[ Read All Comments ]
Dutch media is reporting that an Apple Store at Leidseplein in Amsterdam was briefly evacuated today, likely after an iPad battery overheated.
Image Credit: AS Media
At 2:20 p.m. local time on...
Facebook is contesting a demand from the U.S. government that it break the encryption of its popular Messenger app so that law enforcement can listen in to a suspect's conversations as part of an...
Child actress Brooklynn Prince has been cast in the lead role of Apple's upcoming drama series that's based on the life of young journalist Hilde Lysiak, reports Deadline.
Eight-year-old...
Netflix is testing a new feature that adds video promos in between episodes of TV shows, Netflix confirmed to TechCrunch this afternoon.
The promos Netflix is showing to some users include...
Logitech often works with Apple to introduce new accessories for Apple devices, and in early August, Logitech announced its latest product designed in collaboration with Apple, the new POWERED...
For this week's giveaway, we've teamed up with Choetech to offer MacRumors readers a chance to win a 7.5W Wireless Car Charging Mount that can be used to charge an iPhone X, iPhone 8, or...
The developers of the Transit app this week announced the expansion of real-time crowdsourced data for buses, trains, streetcars, ferries, and so forth to 175 cities across the United States, Canada,...
In a new interview today with The Los Angeles Times, Beats 1 host Zane Lowe discussed a few topics related to Apple Music's daily streaming radio show, including the company's rivals. Without...
