Apple’s facial recognition aka FaceID has spurred a number of discussions about the privacy trade-offs in the iPhone X.
Experts Weigh Pros, Cons of FaceID Authentication in iPhone X | Dark Reading – One concern about FaceID is in its current implementation, only one face can be used per device, says Pepijn Bruienne, senior R&D engineer at Duo Security. TouchID lets users register up to five fingerprints. If a third party obtains a user’s fingerprint and reproduces it, and the user is aware, they could register a different unique fingerprint.
Can Cops Force You to Unlock Your Phone With Your Face? | The Atlantic – Even if Face ID is advanced enough to keep pranksters out, many wondered Tuesday if it would actually make it easier for police to get in. Could officers force someone they’ve arrested to look into their phone to unlock it?
How Secure Is The iPhone X’s FaceID? Here’s What We Know | Wired – Marc Rogers, a security researcher at Cloudflare who was one of the first to demonstrate spoofing a fake fingerprint to defeat TouchID. Rogers says he has no doubt that he—or at least someone—will crack FaceID. In an interview ahead of Apple’s FaceID announcement, Rogers suggested that 3-D printing a target victim’s head and showing it to their phone might be all it takes. “The moment someone can reproduce your face in a way that can be played back to the computer, you’ve got a problem,” Roger says. “I’d love to start by 3-D-printing my own head and seeing if I can use that to unlock it.”
Secondly, it will only be a matter of time before criminals either work out how to do it themselves, or co-opt mobile carrier staff. Two factor authentication that depends on SMS is already compromised. This allows it to be compromised and undetectable.
The Apple Watch 3 may have royally screwed us all.