IPhone X Face ID spills secrets as Apple talks security

IPhone X Face ID spills secrets as Apple talks security

The paper answers a handful of the most pressing privacy and security related questions that people have had in the weeks following the iPhone X reveal.

The paper notes that the probability that a random person could unlock your iPhone using Face ID is about one in a million. Now, police could try to force you to open your eyes and look at the iPhone. It also cops to the reality that the tech-powering Face ID may not be as all-powerful as Apple first suggested. Those images, the representations they're used to generate, and "mathematical representations of your face calculated during some unlock attempts if Face ID deems them useful to augment future matching" are saved locally, in the Secure Enclave on the iPhone X. According to Apple, "these augmentation processes allow Face ID to keep up with dramatic changes in your facial hair or makeup use, while minimizing false acceptance". In a white paper released today, Apple assures that the "facial matching is performed within the secure enclave using neural networks trained specifically for that objective", which means data never leaves the user data.

Meanwhile, some privacy activists will be assuaged with Apple's decision to bar third party developers from using Face ID to identify individuals other than consenting, authorized users in its official guidelines.

So how anxious should we be about Apple's Face ID?

Phil Schiller, Apple's senior vice president of worldwide marketing, announces features of the new iPhone X, including Face ID, at the Steve Jobs Theater on the new Apple campus, in Cupertino, Calif on September 12.

Take, for example, Apple Senior VP Phil Schiller's statement that Face ID may not be able to distinguish between twins.

Facial recognition information is stored in the same Secure Enclave that fingerprint data is stored. If the model is good enough, it may keep using it for an unspecified "finite number of additional unlocks before that data is discarded".

"At Apple, we believe privacy is a fundamental human right", the site says.

Security researchers worry that Apple's assurances on the security of its features make users overconfident that no one can access their personal data.

The only time your images can leave the phone is when you call Apple's support service, AppleCare. This went against earlier rumors that suggested that Apple would be trying to implement an under screen fingerprint sensor, but instead it seems like Apple chose to do away with Touch ID completely.