iPhone keeps wanting me to configure Face ID.
Are there any known issues with this security feature? I am hesitant. Currently I just use a long pass-code to unlock the phone.
Update based on responses:
Summary of what I think I have heard:
Positive for use of Apple Face ID:
-Protects your phone by reducing the risk of someone looking over your shoulder (or cameras) and seeing your passcode.
-There is no problem using Face ID If your Risk Profile is low
Negative side:
-You can be forced to use your face to unlock the phone, either by Authorities or bad guys.
I wonder if simply by the use of Face ID, a person is tacitly agreeing to bio-metrics and authorizing Apple to use/share with third parties?
According to Frontpage-Terms of Service, Apple gets low marks (D grade) by having us agree to:
-Content you post may be edited by the service for any reason
-The service can delete specific content without reason and may do it without prior notice
-This service may collect, use, and share location data
-Terms may be changed any time at their discretion, without notice to the user
-Many different types of personal data are collected
(source: https://tosdr.org/en/frontpage#ratings)
I already imagined several times the situation of a cop grabbing a âsuspectâsâ phone and pointing into the offender face and the phone unlocking. In some countries I bet this could be legal.
In the other hand, forcing or coercing brutally someone to input a password may be less acceptable.
By any means Iâm advocating against Face ID but the thought crossed my mind a couple of times about this situation in specific.
One thing is that face ID on iOS might not work very well against a dead body like Touch ID does. But youâre dead anyway if that happens so it doesnât really matter much.
Opinion: biometrics should always be recommended against as a sole form of authentication. It could be somewhat helpful as a form of 2FA, but it will always be worse than a good password
FaceID has an option to be attention-aware, i.e. you have to look at the phone with open eyes. They canât easily force your eyes open without their hands being in the way either - also this would amount to physical violence/the $5 wrench method and might be illegal even for cops in most jurisdictions.
Itâs not always worse than a password. Incidents of thieves watching you input your password and then stealing your phone are common. Biometrics are the best defense against it since they canât get in without you there.
The fifth amendment protects against self incrimination. This means you canât be forced to give up your passwords (also, what if you âforgetâ the password).
However, the same legal protections donât apply to biometric data. Meaning a judge can order you to unlock the phone with FaceID. You could refuse, but you would be held in contempt of court and jailed until you unlock it.
Yes for certain threat models itâs not ideal. But getting arrested by the cops isnât everyoneâs threat model. And anyway if you turn your phone off or hold the power button and volume button for a few seconds it disables Face ID.
True. Especially in America police are targeting minorities using privacy invasive tactics. They used to have âstop and friskâ to target âhigh crime areasâ. This practice was ruled unconstitutional, but now police use âdigital stop and friskâ tactics.
Minorities have faced wrongful arrest and prosecution in America for a long time, but now its gotten higher tech using warrant-less searches, facial recognition, etc.
Iâm glad you donât face this threat, but many do daily (including phone searches).
Update based on responses:
Summary of what I think I have heard:
Positive for use of Apple Face ID:
-Protects your phone by reducing the risk of someone looking over your shoulder (or cameras) and seeing your passcode.
-There is no problem using Face ID If your Risk Profile is low
Negative side:
-You can be forced to use your face to unlock the phone, either by Authorities or bad guys.
I wonder if simply by the use of Face ID, a person is tacitly agreeing to bio-metrics and authorizing Apple to use/share with third parties?
According to Frontpage-Terms of Service, Apple gets low marks (D grade) by having us agree to:
-Content you post may be edited by the service for any reason
-The service can delete specific content without reason and may do it without prior notice
-This service may collect, use, and share location data
-Terms may be changed any time at their discretion, without notice to the user
-Many different types of personal data are collected
(source: https://tosdr.org/en/frontpage#ratings)
Face ID dataâincluding mathematical representations of your faceâis encrypted and protected by the Secure Enclave. [âŚ] Face ID data doesnât leave your device and is never backed up to iCloud or anywhere else.
Within supported apps, you can enable Face ID for authentication. Apps are notified only as to whether the authentication is successful. Apps canât access Face ID data associated with the enrolled face.