Apple has done plenty of good for security and privacy-conscious individuals. And with the new iPhone 8 and iPhone X, announced Tuesday at the tech giant’s new Steve Jobs Theater, there are some features in the soon-to-be-released devices that could help improve protections around customer data.
The biggest announcement on Tuesday for security folk, facial recognition, may be a double-edged sword. With no home button for Touch ID, Face ID will be the primary way to unlock iPhone X. On the one hand, the face is a unique identifier and will allow for quick and secure access. On the other, as with fingerprints, past forms of facial biometrics have been exploited with simple tricks, such as holding up a clear picture of the real user.
But Apple appears to have invested seriously in the security of Face ID. During the launch event today, Apple senior vice president Phil Schiller said “Face ID learns your face” and can adapt to recognize changes in the user’s appearance. Schiller said the TrueDepth camera system of the iPhone X combines a lot of high-end tech – an infrared camera, proximity and ambient light sensors, as well as a flood illuminator and Apple’s own specialized hardware – all mapping the face with 30,000 invisible dots flashed on the visage. That information feeds the iPhone X’s neural network, which creates a mathematical model of the user’s face.
Schiller said Apple has even worked with Hollywood specialists to test mask attacks. The chance of a random person being able to unlock a device is one in a million, Schiller said, though a doppelgänger or a twin might trick it.
Facial recognition concerns
When it comes to law enforcement searches, Face ID could, in one respect, be a boon. It may be easier to force a user into opening their iPhone simply by holding it up to their face when compared to Touch ID, where police have repeatedly tried to force suspects to press their finger to the sensor to unlock the phone. Cops have had limited success with Touch ID; they may have more with Face ID.
It’s also unclear how easy it would be to disable Face ID to prevent such attacks. With Touch ID, there are numerous ways to ensure a passcode is required, from just turning it off, to tapping on the home button five times, as introduced in the iOS 11 beta. There may be a similar mechanism in the iPhone X, but Apple hadn’t responded to a request for comment on Face ID at the time of publication.
“We don’t know much,” said Matthew Green, assistant professor at the Johns Hopkins Information Security Institute. “But for one thing it’s relatively hard to avoid using your face. With Touch ID you could at least give the wrong finger.
“I’m nervous about how well the tech will do at preventing impersonation with pictures. There are a few techniques that can stop this, like high-speed analysis to detect a pulse, or use of a 3D sensor. Apple hasn’t really explained the tech so we just don’t know how safe it is.”
And while Apple has included so-called “presence detection,” only opening the iPhone X when the user was looking directly at the device, there was no mention of “stress” or “duress detection” to stop unlocks if the person’s face shows signs of being in trouble, noted Pepijn Bruienne, senior research and development engineer for Duo Security. “The lack of their mention of stress/duress detection would be indicative that it isn’t there yet, but that level of detail around technical implementation remains to be seen,” Bruienne added.
But there’s some nuance here. There’s a saving grace in a small but significant update with iOS 11 that should prevent quick searches. As noted by Russian digital forensics firm Elcomsoft, Apple has added an additional login layer in iOS 11 so that when connecting an iPhone to an unknown external PC, an extra passcode is required. When the government wants to get inside an iPhone quickly, and they already have control over the device, they attach the iPhone to a PC. But as they’ll now be presented with a ‘Trust this device?’ prompt and asked to enter a passcode, they’ll have another barrier to get through.
For feds, then, even if they can unlock the phone, it doesn’t mean they can extract the data inside; quite the opposite, thanks to iOS 11. “Yes, it’s easier to hold up the phone to the suspect to do a ‘search,’ but the search is actually limited to what can be seen on the phone and scrolled through. To actually do a forensic search iOS 11 requires the passcode, whether or not you have Touch ID or Face ID enabled,” said Nicholas Weaver, senior staff researcher focusing on computer security at the International Computer Science Institute at Berkeley.
Undoubtedly iOS remains one of the most secure operating systems available to the public, and that’s upset the government in the past, most notoriously in the San Bernardino terrorist saga. And even with Face ID, Apple doesn’t appear to be going back on its word to protect customer privacy over law enforcement encroachment.