Apple Inc. recently announced the new iPhone X, and one of the features that have taken the internet by storm is the replacement of iTouch with Face ID, a facial recognition system to unlock the phone.
While using facial recognition to unlock the phone can be convenient, it also raises many privacy and security concerns.
How Face ID works
Although facial recognition has been around for a while, Face ID takes a new approach known as feature-based recognition.
Face ID starts with a picture and uses the TrueDepth array to project 30,000 infrared dots onto your face. This image and dot pattern is then processed by artificial neural networks to create a 3-D facial scan. This process is repeated each time you look at your phone, which improves the 3-D map over time.
Face ID then converts this 3-D map into a mathematical representation of your face, which in turn is represented by a hash. Every user of Face ID will have a unique hash representing their facial map.
These data are stored in a chip called "Secure Enclave," and they are segmented from other data. At no time will facial recognition data be transferred to Apple or any central database of any kind.
Normalizing facial recognition
While facial recognition is nothing new or groundbreaking, Apple is exceptionally skilled at normalizing fringe technologies and changing customer expectations. If Apple is successful at integrating Face ID into iPhone users' everyday lives, consumers will be more open to accepting facial recognition in other devices.
As customers' expectations change, manufactures and software developers will begin to use facial recognition in their products. While Apple has strict security and data segmentation policies in regard to the facial recognition data, other companies may not utilize such robust security practices.
In the end, as facial recognition becomes more common, consumers will accept other implementations of facial recognition. Some of these implementations may place consumers' security and privacy at risk through questionable practices.
Data and software security
Apple protects biometric data by storing them the Secure Enclave, segmented from other data in the device. No facial recognition data are transmitted to Apple or any other database at any time.
While this is a seemingly secure environment, any IT professional will be quick to remind you that there is no such thing as a totally secure system. A system can only be secure enough, and it is inevitable that vulnerabilities in Secure Enclave will come to light sooner or later.
In fact, a hacker known as "Xerub" has recently claimed to have published the decryption key for the firmware of Apple's Secure Enclave Processor (SEP). Although this claim has not been substatiated, such a key would allow anyone to decrypt and look at the software that controls the SEP. While this particular hack would not place user information at risk, it does illustrate the fact that any software, including SEP, is vulnerable to attacks. It also potentially exposes the Secure Enclave to both attackers and researchers, who can now examine the code for vulnerabilities.
Third-party applications do not have access to face scans stored in the Secure Enclave; however, Apple has opened up the functions of Face ID to other applications. Developers will undoubtedly come up with new, creative uses for Face ID's functionalities, some of which apps may have shaky privacy policies.
For example, Carnegie Melon researchers have shown that facial recognition software could be paired with social media and social networking to identify people and their interests in public. Software that applies facial recognition in this way could be used for government surveillance, advertising, and even personal surveillance.
Your face is your most exposed set of biometrics, and the ability to identify instantly not only people but their interests and habits provides potential for all sorts of questionable surveillance and advertising techniques.
Law enforcement access and constitutional protections
First and foremost, in order to gain access to your device by any means, law enforcement officers must obtain a warrant.
Passwords and pin codes used to protect a device are considered "testimony" and are thus protected by the Fifth Amendment's right against self-incriminating testimony.
A 2014 court case in Virginia, on the other hand, declared that providing a fingerprint to unlock a device was not testimony and was therefore not protected by the Fifth Amendment. As fingerprints and facial recognition utilize biometric data, it follows that facial recognition is also non-testimonial and thus not protected by the Fifth Amendment.
While police and other law enforcement organizations cannot force you to provide a password or pin number to gain access to your device, they could theoretically force you to provide biometric data such as fingerprints or face-prints.
Laws concerning biometric data and the Fifth Amendment are still relatively new and far from cut and dried. Some legal opinions still hold that Fifth Amendment rights apply no matter the method used to protect the device while others, such as the judge in the case in Virginia, claim that only passwords or pin codes are protected.
Only time will tell how Fifth Amendment protections will apply to biometric data. As it stands, however, passwords and pin codes appear to be protected under the Fifth Amendment while biometric data are not.
In order for Face ID to wake up the phone, some of the sensors powering Face ID must be always on.
Apple has yet to release information on what data will be constantly collected and how the information will be treated and stored. Currently, we have no idea what data these sensors log or even whether or not they store face data for people who are not users of the phone.
Whether or not third-party applications are allowed to access these always-on sensors is unclear as well. Will Facebook and Google be able to gather data from the iPhone X's camera and sensor array? The thought of companies that rely on advertising revenue may have access to cameras or visual sensors that never turn off on a device that almost never leaves your person is unsettling to say the least.
Many of these questions remain unanswered, and, hopefully, as we get closer to October 27th, the release date for the iPhone X, Apple will provide more information and address privacy and security issues about Face ID. Until these concerns have been addressed, however, I personally will continue to use a password to protect my device.