iPhone and iPad Security

Buying an iPhone X? Face ID Might Make You Reconsider

Philip Bates 26-09-2017

While opponents will naturally pour scorn on the latest handset, fans of Apple products will consider the iPhone X Apple Announces iPhone X & iPhone 8: Everything You Need to Know What's so special about the iPhone X? Can you really justify the $999 price tag, or is the refined iPhone 8 a better buy? Read More the best thing since… well, since the iPhone 7 Plus iPhone 7 Plus Review This year's iPhone 7 models break with convention. For the first time ever Apple has opted for the same general design three years in a row, while introducing some divisive, but long-overdue features. Read More !


It boasts an edge-to-edge screen, no Home button, and faster charging. But perhaps its most notable feature — certainly its most concerning — is Face ID.

Based on this function, how secure is the iPhone X? Is it a privacy concern? And will Apple have access to a huge database of everyone’s faces?

What Is Face ID?

Without the Home button, the new iPhone needs a simple way of being unlocked: users have grown used to Touch ID, and can’t be bothered with passcodes Why Usernames & Passwords Are A Thing Of The Past, And How To Cope With This With every other hacked database and credit card scandal that occurs, it becomes more evident that we can't rely on passwords for much longer. But if not passwords, what else is there? Read More anymore. Realistically, biometrics are generally safer The History of Biometric Security, and How It's Being Used Today Biometric security devices were long held ideals in science fiction movies that seemed plausible enough to actually happen, but a little too far-fetched for real world application. Read More than passcodes anyway — certainly more so than anyone who unlocks their smartphone by typing in “1234.”

This is where Face ID comes in.

And it is a very smart system. First of all, it projects 30,000 invisible dots across your face, then an infrared light (so it doesn’t matter how much light there is available).


iphone x iphone 8 compared

These create an image of your face which can be assessed to check whether it’s the same as the image stored in the phone’s database. The original, on which subsequent unlocks will be based, uses the same process but requires the user to turn their head slightly to give a proper 3D scan. It’s reminiscent of the 3D imaging techniques used in CGI How CGI Is Ruining Your Favorite Movies However much we marvel at "these new-fangled special effects," sometimes they can get in the way of actually enjoying a film. Let's look at how CGI is ruining your favorite movies. Read More .

You won’t just use it to unlock your device either. It can be used to verify purchases through Apple Pay How To Use Apple Pay To Buy Things With Your iPhone Your iPhone may some day be the only device you need to purchase products and services, but first you need to start using Apple Pay. Read More and the App Store.

It makes gaining access to your phone very easy. But is it secure?


Can You Fool It?

Apple obviously says not. The chances of tricking it, the company reckons, is 1 in 1 million. It’s remote, but not impossible.

It won’t be fooled as easily as the Samsung Galaxy S8 The Greatest Smartphone You Shouldn't Buy: Samsung Galaxy S8 Review (and Giveaway!) The $800 Samsung Galaxy S8 is, without question, the best smartphone ever made. But you probably shouldn't buy one. Read More , which hit shelves earlier this year. Even before that release date, the facial recognition software had been fooled by a simple photo taken from social media. It took longer to unlock than usual, but the point remains that it did reveal its secrets. Samsung reaffirmed that the facial ID isn’t as secure as its PIN, fingerprint scanner, and iris scanner.

This won’t work with the iPhone X because it takes a 3D image of your face, rather than just a head-on template.


In an effort to prove how secure it is, Apple even got unnamed Hollywood studios to create face masks — and no, the iPhone X couldn’t be fooled that way.

Seemingly, this is a pretty secure method. But nothing’s impenetrable. Cloudflare’s Marc Rogers, who previously demonstrated how to trick Touch ID, is convinced he can trick Face ID:

“The moment someone can reproduce your face in a way that can be played back to the computer, you’ve got a problem. I’d love to start by 3D-printing my own head and seeing if I can use that to unlock it.”

Let’s put it this way: it’s very likely that Face ID will be cracked in the same way that Touch ID was, but spoofing won’t considerably affect the general public.

What About Twins?

In the relatively slight chances of you having an identical twin, that could cause a problem. At the time of writing, we don’t know whether Apple has tested its product on two people who look exactly alike. If the firm had, it would surely have announced the results… unless they were negative.


two women facing each other
Image Credit: chintermeyer via Flickr

Interestingly, Windows Hello uses facial recognition How to Log Into Windows 10 With Finger Scans & Facial Recognition Instead of using a password or PIN, you might be better off using fingerprint scans or facial recognition! But there are a few risks associated with them. Here's what you need to know. Read More on Windows 10 that can tell the difference between twins, at least according to a recent study. In addition to comparisons with image sets, it combines depth and heat readings to check if the correct twin is signing in.

Though the 3D imaging allows some study of depth, the iPhone X cannot detect heat.

We don’t genuinely know yet how the smartphone could determine differences of people who look incredibly similar. But to be on the safe side, identical twins probably shouldn’t trust Face ID.

Where Are Images Stored?

You might be troubled by the idea that Apple will have a database of all its customers with an iPhone X.

But worry not. Details used for facial verification will be stored in a “secure enclave” Error 53: Is Apple Really Bricking iPhones? Does Apple have it in for customers who get their iPhones repaired by a third party, or is something more going on? Read More , which is also where mathematical representations of your fingerprint, used for Touch ID, are located. It’s stored solely on your phone, essentially, so Apple won’t get to enjoy your eyes, mouth, and nose.

That doesn’t reassure Senator Al Franken, however. He’s so concerned that he wrote a letter to Apple CEO Tim Cook. In this, he asked the circumstances which could cause the company to store images elsewhere, and further:

“Can Apple assure its users that it will never share faceprint data, along with the tools or other information necessary to extract the data, with any commercial third party?”

If Apple Pay can already access Face ID, could other apps? Right now, we don’t know the answer to that, but the possibility of tracking how users respond to an advertisement or page is surely a tempting one. The recognition software can track where your eye is, so third-parties could, in theory, see which elements in an article or ad particularly take your attention.

iphone x sensors and specs

Right now, that’s a minor issue on the distant horizon. But while you’re here, it’s worth noting that there is a database of your face — and many people use it every single day.

It is, of course, Facebook What Does Facebook Know About You? Why You Should Delete Facebook What does Facebook really know about you? One thing's for sure: if you want online privacy, Facebook is best avoided. Read More . Its Deep Face project can detect and recognize a face, even from different angles. That’s why you can tag people in a photo. Worrying, eh? Maybe you should take a look over your privacy settings Facebook Photo Privacy Settings You Need To Know About As with everything regarding privacy on Facebook, managing your photos' privacy settings isn't always easy. Read More , and untag yourself in some images. If you’re taking iPhone privacy seriously, the same should go for social networking.

Who Else Can Access It?

Now we come to the really worrying aspect of Face ID: you can unlock your smartphone using your face. So can muggers and the police.

The immediate issue is if a thief steals your device and threatens you to access it. With other methods, the coercion is exactly that. With facial recognition, however, it’s much easier for a criminal to get you to unlock it. After all, all they need is your face.

face id with iphone x

Right now, law enforcement agencies, including the police and border controls, can’t make you unlock your iPhone using a passcode or Touch ID without a warrant. This is due to the Fifth Amendment, protecting you from self-incrimination.

Remember back in 2016, Apple refused to unlock Apple Refuses to Help the FBI, Popcorn Time Returns... [Tech News Digest] Apple stands up for personal privacy, the original Popcorn Time gets resurrected, Kanye West learns the price of piracy, Sega gives games away on Steam, and play Pong on your Apple Watch. Read More the encrypted iPhone 5C of San Bernardino shooter, Syed Rizwan Farook? They trod a fine line: from one perspective, they refused to help the FBI investigate this act of terrorism; from another, it would’ve been a clear precedent — an admission that Apple can get into any devices used by their customers.

The fact they refused told the world that Apple values security What Is The Most Secure Mobile Operating System? Battling for the title of Most Secure Mobile OS, we have: Android, BlackBerry, Ubuntu, Windows Phone, and iOS. Which operating system is the best at holding its own against online attacks? Read More and privacy.

Face ID does the opposite. The exact legalities of how the Fifth Amendment applies to facial verification are yet to be determined. They probably won’t be until a case goes to court anyway.

This gray area is certainly one we’re concerned about. And you definitely should be too.

What Can You Do About It?

One caveat of Face ID is that, for a face to be recognized, your eyes have to be open. You have to actually be facing the screen too. If you were mugged, you could try to close your eyes or perhaps turn away. That may work if the criminal had hoped for a snatch and grab So Your iPhone Was Lost or Stolen? Here's What to Do If your iPhone was lost or stolen, here's how to locate, recover, and block your iPhone to protect your data. Read More — less so if you’re under duress.

The latest operating system, iOS 11 iOS 11 Out Now: How to Download & Install it on iPhone & iPad iOs 11 adds new features, security fixes, and forwards-compatibility with future apps — so what are you waiting for? Read More , will come automatically installed on the iPhone X, and that does at least have Emergency SOS in Settings. You can set it up so that, when you click the power button five times in a row, it’ll disable Face ID and Touch ID. You have to enter a passcode to gain access.

This feature can also be activated to automatically call an emergency contact or service.

That’s really the key to all this. If you’re too worried about using Face ID, you don’t have to.

You can resort to a Touch ID or a passcode Should You Use a Fingerprint or a PIN to Lock Your Phone? Should you protect your phone with a fingerprint or a PIN? Which one is actually more secure? Read More . But make sure you do use some method of encryption to secure your smartphone.

Of course, you don’t have to buy an iPhone X. You might love Apple and need an upgrade, in which case opt for the Face ID-free iPhone 8 Why You Might Want to Skip the iPhone 7 & Wait for the iPhone 8 2017 marks ten years of iPhones, and rumor has it that Apple has something very special planned. Read More . It also has the much-loved Home button, charges faster compared to previous models, and is cheaper. That last part tempted you, didn’t it?

Facing Facts

When the Touch ID was announced, security and privacy concerns Does the iPhone 5S Fingerprint Scanner Increase The Chance of Theft? The iPhone's new fingerprint sensor seems like a great way to use biometrics to keep the device secure and personal, but could the feature be used against the owner to circumvent existing protections? Read More consumed the internet… and in the end, it turned out to be just fine. Face ID will likely be the same.

There will be issues, and it’s certainly not for everyone 6 Reasons Why Biometrics Are NOT the Way of the Future Biometrics have often been seen as the "future" of personal identification, but there are many reasons why that may never actually come to pass. Read More . But it’s your choice as to whether you buy the device or not, and if you use Face ID.

What will you be doing? Are you keen to try out the iPhone X? Are you an early adopter? Or do you prefer to wait until the kinks have been ironed out? And will you use Face ID?

Related topics: Face Recognition, iPhone X, Smartphone Security.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. jeff
    December 15, 2018 at 4:21 am

    ok but anyone can kill you then use tour face to open your phone with your dead face. not really comforting if that opens your apple wallet.

  2. dragonmouth
    September 27, 2017 at 12:35 pm

    "The fact they refused told the world that Apple values security and privacy."
    Yes. Their own security and their own privacy. Apple did not want it to become known that they CAN bypass any security set up by the user. It would not be good for business for that to be common knowledge.

  3. MDouglas
    September 27, 2017 at 7:12 am

    All of these issues seem irrelevant to the vast majority of iPhone users. By the way, how many Angels DO fit on the head of a pin?

  4. Troy Guffey
    September 27, 2017 at 6:10 am

    The cops have ALREADY got permission to unlock phones by forcing you to use your fingerprint. Faceprinting will be even easier to force. And covered by that same precedent.