Apple has released a technical white paper that offers a breakdown on the security behind Face ID, its new facial recognition tech.
For now, the iPhone X will be Apple’s only device using Face ID, but the authentication tool has already raised concerns on multiple fronts. On Sept. 14, Senator Al Franken, a Democrat from Minnesota, wrote a letter to Apple CEO Tim Cook with questions like how the data is stored on Face ID and if it could be accessed by a third-party app. There had also been concerns with how the biometric tech, which uses multiple scanners for facial recognition, will apply in the courts and with police.
Apple’s white paper on Wednesday answered questions on Face ID’s security, like how much of your face’s image it actually stores, how long it saves it for, what apps can use Face ID, and a few other ones.
The white paper did not directly comment on how robust Face ID’s privacy is when it comes to law enforcement. Here’s what Apple did answer in its document:
How much of my face’s data would be stored through Face ID?
Not much, unless you count a mathematical equation and infrared dot plots as your image.
Face ID doesn’t capture your entire image, Apple said in its paper. It takes on the infrared images, which is represented by 30,000 dots, and creates an map of what your face would look like. It also keeps the “mathematical representation” of your face, rather than the image itself.
The background of your unlocking selfie also isn’t stored. The enrollment image — the first picture you take so Face ID can recognize you — is cropped to your face only. Every time you unlock your phone using Face ID, the images are “immediately discarded once the mathematical representation is calculated” and compared to the enrolled data.
Where is the data being stored? Could hackers extract my image online?
The data is stored on the device’s Secure Enclave chip, and only available there. It’s encrypted, and the data “never leaves the device,” according to Apple. Even Apple doesn’t receive the data, and it’s not stored when your phone backs up, either.
“Face ID data doesn’t leave your device, and is never backed up to iCloud or anywhere else,” Apple writes.
It’s the same as how Touch ID data, Apple’s fingerprint reader, is stored. Because it’s stored on your device and not on a server or a cloud, someone would have to have physical access to the device to be able to steal the data. And even that would be difficult, considering that the Face ID data is encrypted.
The only time your Face ID data would be sent anywhere is if you agree to transfer it for AppleCare, and that would only be diagnostics data. People will be allowed to review and approve what data gets sent, including your face’s image. It automatically is deleted after 90 days.
Will third-party apps be able to use Face ID?
Yes. Third-party apps will be able to use Face ID for authentication. Any apps that you’ve used that allow for Touch ID to do that will automatically be able to support Face ID without any changes, Apple said.
But that doesn’t mean that they are getting your face’s data. Face ID only tells the third-party apps whether or not the authentication went through — it doesn’t send your face’s data with it.
Think using Face ID to approve purchases from iTunes or the App Store. You’ll be able to do that with any app where developers allow for Face ID.
How did Apple account for diversity with Face ID?
Apple said it used more than a billion pictures to train Face ID to recognize people. Sen. Franken asked where they got those billion images, which Apple did not answer. The company said they worked with a diverse group of people to account for different genders, ages, ethnicities and “other factors.”
Does Face ID replace my password?
No. Face ID requires a password to be enabled. Apple said Face ID should actually make having a “longer, more complex passcode far more practical,” since you won’t need to enter it as often.
“Face ID doesn’t replace your passcode, but provides easy access to iPhone X within thoughtful boundaries and time constraints,” Apple writes. Also, there’s a few circumstances where you will need to enter your password to get in the phone:
When it’s just been turned on
When it hasn’t been unlocked for more than 48 hours
When it received a remote lock command
Five unsuccessful attempts to unlock using Face ID
When Emergency SOS is activated (holding the volume and side buttons for two seconds)