FaceID: Can Apple safely replace the fingerprint sensor?
Apple's new technology is capable of recognising a user's face and unlock their iPhone as well as confirm payments.
Apple has always been known for taking brave decisions with its devices, whether it is bringing new technology to the table or eliminating features that every smartphone user is used to. The company continued the trend with the advent of its super flagship, the iPhone X, where Apple choose to omit the signature circular Home button and the TouchID. The feature has now been replaced by a facial recognition feature called FaceID.
The new feature has already raised concerns over the phone's security. But before we head there, let's know more about the FaceID first. Apple's new technology is capable of recognising a user's face and unlock their iPhone as well as confirm payments by comparing the face and a picture saved in the memory of the phone. Apple has incorporated a special True Depth camera for this operation. Besides, there is the usual front snapper, an infrared camera, flood illuminator, and dot projector, which maps a user's face and take 3D images that are further used for authentication. Apple has also tucked in a special compressor that support machine learning allowing the system to adapt with the user.
Now that we are aware how the FaceID works, let's see how it is different from other conventional facial recognition techniques. Most importantly, the FaceID doesn't get fooled by photos unlike what we saw on Samsung's Galaxy S8 or LG's G6. The reason FaceID doesn't unlock is because the pictures don't have a 3D map of infrared dots on them. Apple also claims to have tested FaceID with identical masks but the technology still managed to pick the difference. Apple's Phil Schiller claims that the odds of unlocking the FaceID from someone else' face is one-in-a-million.
It is known that the True Depth camera doesn't have an iris scanner which means it relies on some data about the user's eyes and hence cannot be fooled by lifelike masks of the user. Apple also made sure that no one can steal your face data. The images taken by the FaceID are saved in encrypted memory of Apple's co-processor called the Secure Enclave. The data stored in the Secure Enclave is never sent online or to Apple's servers. Also no apps get access to the co-processor assuring the safety of user's authentication.
However, a researcher found a vulnerability in Apple's Secure Enclave where a decryption key was able to unlock Apple iOS’ Secure Enclave Processor (SEP) firmware. Apple confirmed the key as legitimate and said that it wouldn't affect the user data. No matter how efficient Apple has made its FaceID, it's certain that we might see more of these security issues coming into light. Fortunately Apple didn't eliminate the traditional six-digit pin. Although it might not sound futuristic but at least it doesn't leak your biometric data to hackers.