Perhaps the most remarkable feature of the upcoming iPhone X revealed at Apple’s product launch Tuesday is its Face ID system. To unlock their phone, a user will just look at the screen, have the iPhone recognize them as the owner, and away they go.
It’s a big leap for the iPhone, one that makes the Touch ID fingerprint recognition system look quaint by comparison. And with any system as bold as this, the obvious question is one of security: Has Apple taken all necessary precautions to keep people from faking their way into others’ phones, and to prevent people from being made to unlock their phones against their will?
“There’s no perfect system,” said Phil Schiller, Apple’s senior vice president of worldwide marketing, during the presentation. Indeed, unforeseen problems and unintended consequences are inevitable, and we will really only know how well the Face ID system works once iPhone X users start showing their faces. But Schiller outlined enough safeguards during the presentation to suggest Apple isn’t being cavalier about this.
Face ID works by projecting 30,000 invisible dots on the user, using the resulting infrared image and neural networks inside the iPhone to create a mathematical model of their face. The phone then checks that model against the saved rendering, only unlocking the phone if there’s a match. The iPhone X’s neural engine can perform 600 billion calculations per second to help ensure there’s no mistaken association between the two images.
“Face ID can’t be spoofed,” said Schiller. “The team has worked hard to protect your face data.”
He noted Apple had worked with professional make-makers and makeup artists to field-test Face ID against counterfeit versions of people’s faces. The model of a user’s face is only stored locally, with the entire analysis taking place within the phone’s neural engine.
The system is designed to learn your face and update its model as your appearance changes. Schiller specifically mentioned Face ID would still work if a person changed their hairstyle, put on glasses or a hat, or grew a beard. He didn’t specifically address the question of how Face ID might respond to trans iPhone users should they take steps to change their facial appearance.
For those worried about Face ID being used to unlock a user’s phone against their will, Schiller did mention that the system is designed to respond only if a person is actively paying attention. If the user’s eyes are closed or they are looking away, the phone won’t unlock. Sufficiently motivated parties — whether they are law enforcement or otherwise — could likely still find ways to force users to look at the system in a way that would trigger the unlock, but that at least indicates a key safeguard.
Schiller compared Face ID’s false positive rate with that of the Touch ID. For the latter, there’s a one in 50,000 chance that someone could use their fingerprint to unlock your phone. Face ID has considerably longer odds.
“The chance that a random person in the population could look at your iPhone X and unlock it with their face is about one in a million,” he said. “Now, of course, the statistics are lower if that person shares a close genetic relationship with you. If you happen to have an evil twin, you really need to protect your data with a passcode.”
Accompanied by an image of the goateed Mr. Spock from Star Trek’s mirror universe episode, this line drew a laugh from the crowd, but it does speak to one area where Touch ID has the advantage over Face ID. Identical twins will generally have faces that are, well, identical, but their fingerprints actually aren’t the same.
For everyone else, iPhone X’s Face ID could prove just as secure as advertised. As ever, it’s hard to predict how well a system will work until people actually start using it.
The iPhone X launches November 3, starting at $999.