Is Face ID Safe?
Laura Martisiute
Reading time: 9 minutes
Table of Contents
If you use or plan to use Face ID, you need to know: Is Face ID safe?
Below, we explain whether Face ID is:
- Safe to use.
- Good for privacy.
We also look at some steps you can take to improve both your safety and privacy when using this online service.
What Is Face ID?
Face ID is a facial recognition technology developed by Apple Inc. It is used primarily as a biometric authentication system for iPhone and iPad devices. Introduced with the iPhone X in 2017, Face ID replaced the Touch ID fingerprint recognition system.
Face ID uses a TrueDepth camera system, which includes an infrared camera, flood illuminator, and dot projector to create a detailed depth map of the user’s face.
When the user wants to unlock their device or authenticate for certain actions (such as making purchases), Face ID captures a 3D map of their face by projecting and analyzing over 30,000 invisible dots. This creates a mathematical representation of the user’s face.
The device then compares the captured facial data with the data securely stored in the device’s Secure Enclave. If there is a match and other conditions (like eyes being open) are met, the device unlocks or grants access.
Is Face ID Safe?
Face ID is generally considered to be a secure biometric authentication method.
Face ID uses a sophisticated TrueDepth camera system with infrared and depth-sensing capabilities. This allows it to create a detailed 3D map of the user’s face, which enhances security by making it difficult for unauthorized users to bypass.
The facial data captured by Face ID is stored locally on the device’s Secure Enclave, a dedicated area of the processor chip. This data is encrypted and cannot be accessed by other apps or transferred off the device, enhancing the security of biometric data.
Face ID incorporates attention detection, requiring the user’s eyes to be open and looking at the device for authentication to succeed. This helps prevent spoofing attempts using photos or masks. The system also employs liveness detection to ensure that the face being scanned is a live face, not a static image or mask.
That said, it’s not impossible for someone to unlock your iPhone with Face ID.
In 2017, The Verge published an article about a 10-year-old who was able to unlock his mother’s phone with his face.
Also in 2017, the Vietnamese security company Bkav claimed in a blog post that it had developed a mask costing $150 that could unlock Face ID. However, according to WIRED, the technique necessitated precise measurements or a digital scan of the iPhone owner’s face, so it was more of a “proof-of-concept” and a reasonable risk only to high-profile targets.
In a whitepaper titled “Face ID Security” (published in 2017), Apple said that the “probability that a random person in the population could look at your iPhone X and unlock it using Face ID is approximately 1 in 1,000,000 (versus 1 in 50,000 for Touch ID). […] The probability of a false match is different for twins and siblings that look like you as well as among children under the age of 13, because their distinct facial features may not have fully developed.”
As an added security measure, Face ID only allows five match attempts before it asks for your passcode.
Face ID adapts to changes in the user’s appearance over time, such as growing a beard, wearing glasses, or changes in hairstyle. This ensures that authentication remains reliable without compromising security.
There are no reports of data breaches associated with Face ID as of this writing.
Is Face ID safe for the eyes?
Yes, according to Apple, Face ID is safe for the eyes.
Apple’s Face ID uses advanced technologies, including infrared light and the TrueDepth camera system, to capture accurate facial data.
On its website, Apple says that its TrueDepth camera system has been tested and meets international safety standards. Due to its low output, it will not, according to Apple, harm the eyes.
If your Apple device malfunctions or is damaged, you need to get a trained technician who uses genuine Apple parts to fix it. Improper repair or modification might prevent the safety mechanisms from working properly and could lead to hazardous exposure and eye injury.
Is Face ID safe, according to Reddit?
On Reddit, the safety of Face ID is generally well-regarded, though opinions vary based on individual concerns and experiences.
Many Redditors consider Face ID secure enough for everyday use. They highlight that it’s difficult to steal someone’s face compared to a PIN that can be observed or “shoulder-surfed.”
However, some users note that in the US, law enforcement might be able to compel someone to unlock their phone using Face ID (in contrast, they would not usually be legally able to force someone to reveal a passcode).
There are also discussions about the potential privacy risks associated with facial recognition technology in general, but no specific vulnerabilities of Face ID have been pointed out.
Is Face ID safer than a password?
Both methods have their pros and cons.
Face ID relies on unique facial features, making it difficult for someone else to replicate. Advanced facial recognition systems use depth-sensing cameras and machine learning to detect attempts to spoof the system using photos or masks.
However, storing biometric data also has privacy implications, and while companies like Apple ensure this data is stored securely on the device, concerns remain.
Concerns are also raised about scenarios where someone could be coerced into unlocking their device with their face. Face ID can be used involuntarily by pointing the device at the user’s face, while extracting a passcode typically requires more effort and compliance from the person. Some people prefer passwords because they provide a higher degree of control in such situations.
That said, passwords can be guessed, stolen, or phished. Many people use weak passwords or reuse them across multiple sites, increasing vulnerability.
Is Samsung Face ID safe?
There seems to be a general consensus online that Samsung’s Face ID is less secure than Apple’s.
Many users report that Samsung’s facial recognition can be fooled by photos and lacks the advanced 3D sensing capabilities found in Apple’s system. As a result, users often recommend using Samsung’s fingerprint scanner for better security.
Is Face ID infrared safe?
According to Apple, the infrared output is low enough to be safe for the eyes and skin, adhering to international safety standards.
If your Apple device malfunctions or sustains damage, it’s important to have it repaired by a trained technician using genuine Apple parts. Incorrect repairs or modifications can compromise the device’s safety mechanisms, potentially leading to hazardous exposure and eye injuries.
Is Face ID Private?
Depends on who you ask.
According to Apple, privacy is incredibly important to them. Facial recognition scans are processed locally on the device without being sent to Apple servers or stored in the cloud, reducing potential risks associated with data breaches or unauthorized access.
Since your biometric data never leaves your local device, Face ID is considered to have strong privacy measures. Apps that utilize Face ID do not have access to your biometric data; instead, they are only notified when you successfully pass an ID check.
However, one potential privacy issue with Face ID is that law enforcement might be able to access an individual’s phone by pointing it at the user’s face.
An article in The Verge highlighted that passcodes provide better legal protection than Face ID because they are seen as “testimonial” evidence based on a person’s thoughts, while fingerprints are classified as physical evidence. In 2018, the FBI forced a suspect to unlock their iPhone with Face ID.
Apple’s privacy policy does not specifically refer to users who enable Face ID. However, it does outline data collection practices for Apple users in general, which applies to Face ID users.
Apple’s privacy policy gets a “Grade D” from Terms of Service; Didn’t Read (ToS;DR), a project that rates internet services’ terms of service and privacy policies.
Some of the potential issues flagged include the service potentially collecting, using and sharing location data, collecting many different types of information, and potentially using your information for marketing purposes.
How to Improve Your Safety and Privacy On Face ID
For a safer and more private experience on Face ID, follow these steps:
- Deactivate Face ID for specific functions. You can turn off Face ID for certain functionalities like unlocking your device or making purchases. This gives you control over when Face ID is used.
- Limit data sharing. Although Apple doesn’t share Face ID data with third parties, you can further restrict general data sharing by adjusting privacy settings in your device’s settings.
- Turn off attention awareness. Turn off the “Attention Awareness” feature in Face ID settings if you prefer not to require your eyes to be open for authentication. This can limit some of the biometric data stored.
- Regular software updates. Keep your Apple device’s operating system up to date to benefit from the latest security enhancements and fixes.
- Secure physical access. Ensure your device is physically secure by using a reliable case and being cautious where you leave it unattended.
- Educate yourself. Stay informed about Face ID’s functionality and privacy features to make informed decisions.
Our privacy advisors:
- Continuously find and remove your sensitive data online
- Stop companies from selling your data – all year long
- Have removed 35M+ records
of personal data from the web
Save 10% on any individual and
family privacy plan
with code: BLOG10
news?
Don’t have the time?
DeleteMe is our premium privacy service that removes you from more than 750 data brokers like Whitepages, Spokeo, BeenVerified, plus many more.
Save 10% on DeleteMe when you use the code BLOG10.