Tuesday, Apple debuted an advanced facial-recognition phone unlocking feature for its new iPhone X, known as “Face ID.” It will allow users to unlock their phones using their faces, replacing its fingerprint unlocking. Apple touted the feature as a glorious innovation, a step toward ever-increasing convenience, high technology making daily life even more frictionless. But dare I ask: What was wrong with the passcode? And who really benefits from widespread use of facial-recognition unlocking?
If facial-recognition unlocking corrected an inconvenience plaguing iPhone users, its value would be evident. But this is not technology that fixes a problem. It’s not hard to enter a passcode. At most, it’s a three-second hassle. Novelty is often treated as an ipso facto virtue in Silicon Valley—shiny for shiny’s sake. This is the first time that Apple will offer a facial-recognition-unlocking feature, so the company is promoting it as a thrilling breakthrough. However, it’s only a “breakthrough” in the irksome Apple sense of the term (the company adding its own flourish to existing technology and passing it off as new). Nokia offered a facial-recognition unlocking app way back in 2010, and various Android handsets have also offered similar features for years.
That doesn’t mean facial-recognition unlocking has to be more convenient or entirely new to be useful. If it were demonstrably more secure than a passcode, it would be worthwhile. Other companies’ track records for the tech are mixed. Earlier this year, Samsung’s Galaxy Note 8 debuted a revamped facial-recognition phone unlocking feature called Face Unlock. It comes with a caveat: “Face recognition is less secure than pattern, PIN, or password,” Samsung notes on its website. This weakness was highlighted by a reviewer who unlocked the phone using a photograph. Microsoft, meanwhile, has fared better with its own facial-recognition unlock on its Windows 10 computers. The company claims that its false-positive rate is just 0.001 percent.
Presenting the new feature, Apple exec Craig Federighi claimed that the company collaborated with top Hollywood mask makers to ensure that people can’t trick Face ID, and that people who use the feature will have a 1 in a million chance of a false positive (or 0.0001 percent). But he also noted that people with family members who look similar might have a higher chance of a false positive. Federighi warned audience members to use a passcode if they had a twin.
The twin comment betrays something crucial: even if it far surpasses competitors’ accuracy, Apple’s Face ID unlock will still be less secure than a passcode. Imagine you get mugged. What’s easier for the mugger: holding the phone up to your face for a few seconds to unlock it, or convincing you to give up your passcode?
“If consumers do passcodes correctly, they can be very, very secure,” Electronic Frontier Foundation senior staff attorney Adam Schwartz told me over the phone. “We think that a strong password is a safer way to secure your information compared to a biometric.” Often, the passcodes people choose are weak—“1234” or “password” or their own birthday. But choosing a random six-digit passcode does offer ample security, especially since phones allow only a fixed number of guesses for would-be intruders.
Schwartz noted that there have already been cases in which researchers developed ways to record and then mimic thumbprints to thwart Touch ID, allowing them to trick the feature into unlocking the phone without the owner. While he hasn’t heard of this sort of loophole for facial-unlocking features, he sees it as likely. “If past is prologue, someone is going to start working on that, if they aren’t already,” he said.
What’s more, biometric unlocking devices in general pose a unique threat to people who find themselves in trouble with law enforcement. Even if you are not suspected of a crime, law enforcement officials can ask for the passcode to your phone. It is within your Fifth Amendment rights to refuse to give up your passcode to prevent self-incrimination. (There is legal precedent that argues that passcodes are not protected, however.) Many legal experts have laid out the case for fingerprint unlocking to count as speech, but judges have not always interpreted the law in the same way. While citizens have been compelled by warrant to unlock phones with their fingers, Apple prides itself on offering consumers protections against government and law enforcement surveillance. When the FBI attempted to force the company to create a software workaround to access the contents of the iPhone belonging to one of the San Bernardino shooters in 2016, the company famously refused. And iOS 11 is expected to come with enhanced security features, making it harder for people—whether they are cops or thieves—to extract data without the phone’s passcode. And yet, despite Apple’s public devotion to privacy protection, facial unlocking will be a liability compared to a passcode. Unless, of course, you’re a police officer looking to search a phone without getting a warrant, as pointing it briefly at a suspect’s face will do the trick.
Federighi emphasized that the detailed biometric data points that Face ID will use to identify individuals will stay local, stored on the phone and not remotely. That’s good news for people who decide to use the feature, as it will create an intricately detailed blueprint of their face—not exactly the type of thing you’d want vulnerable to hackers. But the presentation left lingering concerns over how the data will be safeguarded. Federighi also said that Face ID will work with third-party apps, but didn’t elaborate on how much access these apps will have to the biometric data.
The idea that a perfectly functional feature needs to be improved and updated is propelled purely by the desire to appear creative, for a hook to convince consumers that the new thing is the necessary thing, and nothing more. As a complement to an effective passcode, Face ID could possibly be a small improvement, assuming that Apple locks down the biometric information securely. “What we really like is two-factor authentication. So if there’s a way to have it be your password and your thumbprint or your face, two is better than one,” Schwartz said. In other words, the most effective possible use-case for facial unlocking is an added layer of security. The most important takeaway remains: The tried-and-true passcode is still your most secure option.