The iPhone X is already here and there are many new features it brings. One of the most talked about addition to the iPhone X, however is its new biometric verification process that maps the face of the user and uses it as the secure password to unlock the phone, or Face ID as we call it.
While it has been doing the rounds in social media and we have been finding this a cool gimmick there is so much that happens underneath the hood with the Face ID that makes it one of the most robust authentication processes included on a smartphone. Very often it has been compared with the Face unlock feature found on many smartphones. But Face ID is a lot different from them all. And it is the first of its kind to use TrueDepth camera to create a map of the face to identify the user’s face without errors. According to Apple, Face ID is nearly twice as secure as the TouchID which is found in the predecessors. The chances of errors and false identifications in Touch ID is 1 in 50,000 but that in Face ID is said to be 1 in 1,000,000.
The Face ID comes not as an iOS feature but as an iPhone X feature as this is currently the only phone with the hardware that supports this authentication. And the best part about Face ID is that it still works even in poor lighting conditions. This has been trained so as to accurately compare the captured data with the data used for training and rule out any chances of physical spoofing. The Face ID also works only if the eyes are looking at the phone. So if the phone is held in front of the user when he is sleeping or when the user is not directly focusing his attention on the phone the unlock doesn’t happen.
What happens when you configure Face ID?
Much like setting the passcode you would have to first set the Face ID feature on. You would have to train the iPhone to read your face much like you configure the Touch ID for the first time. You would be redirected to a screen where your face would appear in the center of a green circle and you would be asked to move your face around in circles so that the iPhone can continuously capture more than 30,000 points on your face to create a depth map.
The facial features are all mapped by capturing a 2D IR image of the face and the depth map and this data is then converted into a mathematical representation and stored in the phone. This data is secure. And unlike the most common misconception Apple doesn’t gather this data. This data is not uploaded to the cloud and cannot be accessed by any of the apps that have access to use the Face ID feature, like those apps where the Face ID can be used for authentication of the payment and purchase. The data is continuously updated to keep it more relevant. In those cases where minor changes are observed in the facial features like the presence or absence of a beard or a new haricut etc, the new data points are fed to the recorded data. If the change is observed to be long term then the old data points are replaced to accommodate the changes and this is how the system learns to recognize the face even with some minor changes. If there are changes that are temporary, like the presence of glasses, the recorded data for that unlock would be discarded. In general, during the unlock, as long as there is not much of a change the captured data would be immediately discarded.
How does Face ID work?
The sophisticated pattern recognition algorithm compares the data with the utmost precision. The Secure Enclave in the A11 Bionic chip’s neural engine works in mapping the captured image of the face to generate a dataset which would then be compared with the one that is already present, registered as the authenticated user. Face ID adds an additional layer of protection. Even if the Face ID is enabled, some situations still trigger the use of a passcode like:
- 5 continuous failed attempts of identifying a registered face
- After restarting the phone
- The device has stayed idle for more than 2 days.
There are few other such scenarios as well. So the passcode authentication would still be retained when the Face ID is enabled and it would simply be wrapped over the existing authentication process to make it more convenient for the user and more secure. So during the app store purchases and while making payments Face ID can reduce the overall time taken to complete the process.
