Apple’s Face ID is a facial recognition system designed mainly for the iPhone. You simply glance at your phone, and, if you match the face stored in your phone, the phone will unlock. Face ID may also be used to authorise payments from the App Store, or Apple Pay. It was originally introduced in the iPhone X replacing Touch ID, and has since been available for all iPhones succeeding it.

How does it work?

Face ID uses technology rooted in a company Apple bought called PrimeSense (2013), who were the main designers for the low-cost infrared depth perception used for the Kinect on Xbox. PrimeSense’s sensors were shrunk down to build the FaceID technology found in iPhones. The front-facing camera is accompanied by an infrared camera and dot projector. The dot projector projected up to 28,000 dots onto the user’s face and the infrared camera reads the data. From this data, a mathematical value is calculated, depending on the features of the user’s face, such as the eyes, mouth and nose. For the initial data to be created during setup, the dot projector and infrared camera takes a 3D scan of the user from all angles to create a complete reference map. The infrared module used by FaceID is able to work with features such as hats, scarves, beards, glasses, and “all but the darkest sunglasses”. Another notable feature is the flood illuminator, which enables Face ID to work in the dark by illuminating the user’s face “invisibly” so that the dot map and the infrared camera can do their jobs.

A drawback of the technology is that it is not able to recognise users if they are wearing a mask. Apple stated “Face ID is designed to work with your eyes, nose and mouth visible”. As a result, with the release of iOS 13.5, if Face ID recognised a mask was being worn by the user, it automatically brought up the passcode screen, instead of having to stare at a blank-screen for 1 to 2 seconds while Face ID tried and failed to recognise the user’s face. Along with this, in 2021, users can enable a setting that makes Face ID work even if a mask is worn, but only if the mask is accompanied by an unlocked Apple Watch. 

Is it safe?

One of the quickest possible criticisms for the technology was whether having a photo of someone meant that you could unlock their phone. This is not possible because the initial scan is a 3D reference map, a photo is a 2D representation of a face. The phone will also only unlock if the user is looking towards the iPhone X, so the phone will never “accidentally” open. 

Apple says the facial scan is so accurate there’s only a 1 in 1,000,000 chance of another random person’s face being able to unlock the phone. This is much better than the 1 in 50,000 error rate for Touch ID. 

This does not take into account identical twins, however, where the results have been mixed in terms of bypassing Face ID. In some cases, such as Greg and Brian Fieber, both 36, Face ID could pick apart the details between the two brothers. This is not always the case, as seen with MJ and Marc Franklin, whose Face ID could not differentiate between the two.

In terms of privacy, Apple has made it clear that, while some third-party apps may access basic facial expression for use with features such as Snapchat’s selfie filters or in games, those features are “not sufficient to unlock a device or even identify a user”. Furthermore, Apple prohibits developers from selling the data.

All in all, Apple seems to be taking the privacy and security of its Face ID technology fairly seriously, with some caveats such as inconsistent results with identical twins, the policy around third-party apps’ access seems to be pretty rigid. 

“The bottom line is, Apple is trying to make this a user experience addition to the iPhone X, and not an advertising addition”

Clare Garvie, an associate with the Center on Privacy & Technology at Georgetown University Law Center in Washington.