Apple releases Face ID security guide

A few bits from Apple’s Face ID Security white paper:

When Face ID detects and matches your face, iPhone X unlocks without asking for the device passcode. Face ID makes using a longer, more complex passcode far more practical because you don’t need to enter it as frequently.

If Face ID were able to eliminate the passcode completely, users could use long, impossible-to-memorize strings, just as they would with strong passwords combined with a password manager. But the fact that you still have to memorize the passcode (you won’t have to use it much, but you’ll still encounter situations where you need it) limits the complexity people will choose. Not a complaint, just an observation.

Here’s when a passcode is still required:

You can always use your passcode instead of Face ID, and it’s still required under the following circumstances:

  • The device has just been turned on or restarted.
  • The device hasn’t been unlocked for more than 48 hours.
  • The passcode hasn’t been used to unlock the device in the last 156 hours (six and a half days) and Face ID has not unlocked the device in the last 4 hours.
  • The device has received a remote lock command.
  • After five unsuccessful attempts to match a face.
  • After initiating power off/Emergency SOS by pressing and holding either volume button and the side button simultaneously for 2 seconds.
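The conditions above form a small policy that is easy to misread, in particular the 156-hour/4-hour clause, which is a conjunction: both halves must be true before Face ID is refused. The following is an added example written for this post, not code from Apple’s white paper, that encodes the quoted rules as a function and evaluates a few constructed scenarios (a passcode typed six days ago versus seven, a device left untouched for 49 hours, five failed matches, a reboot). The `DeviceState` fields are assumptions about what state the rules depend on, and “hasn’t been unlocked” is read as an unlock by any method.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Dict, Optional

# Thresholds as quoted above from Apple's Face ID Security Guide.
MAX_SINCE_ANY_UNLOCK = timedelta(hours=48)
MAX_SINCE_PASSCODE_UNLOCK = timedelta(hours=156)   # six and a half days
MAX_SINCE_FACE_UNLOCK = timedelta(hours=4)         # only matters once the passcode is stale
MAX_FAILED_FACE_ATTEMPTS = 5


@dataclass
class DeviceState:
    """Hypothetical snapshot of the state the rules depend on (an assumption, not Apple's model)."""
    now: datetime
    just_booted: bool = False                    # turned on/restarted, no unlock since
    last_unlock: Optional[datetime] = None       # most recent unlock by any method
    last_passcode_unlock: Optional[datetime] = None
    last_face_unlock: Optional[datetime] = None
    failed_face_attempts: int = 0                # consecutive failed matches since last unlock
    remote_lock_received: bool = False
    power_off_or_sos_initiated: bool = False


def passcode_required(s: DeviceState) -> Optional[str]:
    """Return the rule that forces the passcode, or None if Face ID may unlock."""
    if s.just_booted:
        return "device just turned on or restarted"
    if s.remote_lock_received:
        return "remote lock command received"
    if s.power_off_or_sos_initiated:
        return "power off / Emergency SOS initiated"
    if s.failed_face_attempts >= MAX_FAILED_FACE_ATTEMPTS:
        return "five unsuccessful face match attempts"
    if s.last_unlock is None or s.now - s.last_unlock > MAX_SINCE_ANY_UNLOCK:
        return "not unlocked for more than 48 hours"
    # The 156h/4h rule is a conjunction: both sides must be stale before Face ID is refused.
    passcode_stale = (s.last_passcode_unlock is None
                      or s.now - s.last_passcode_unlock > MAX_SINCE_PASSCODE_UNLOCK)
    face_stale = (s.last_face_unlock is None
                  or s.now - s.last_face_unlock > MAX_SINCE_FACE_UNLOCK)
    if passcode_stale and face_stale:
        return "passcode unused for 156 hours and Face ID unused for 4 hours"
    return None


def evaluate_scenarios(now: datetime = datetime(2017, 11, 3, 7, 0)) -> Dict[str, Optional[str]]:
    """Constructed scenarios (not measurements) covering the cases people argue about."""
    def h(hours: float) -> datetime:
        return now - timedelta(hours=hours)

    scenarios = {
        # Passcode typed 6 days ago, Face ID last night, 9 hours of sleep: 144h < 156h,
        # so the passcode side is not stale and Face ID still works in the morning.
        "passcode 6 days ago, slept 9h": DeviceState(
            now, last_unlock=h(9), last_passcode_unlock=h(24 * 6), last_face_unlock=h(9)),
        # Passcode 7 days ago (168h > 156h) and Face ID 9 hours ago (> 4h): both stale.
        "passcode 7 days ago, slept 9h": DeviceState(
            now, last_unlock=h(9), last_passcode_unlock=h(24 * 7), last_face_unlock=h(9)),
        # Passcode 7 days ago but Face ID used 1 hour ago: the 4-hour side is not stale.
        "passcode 7 days ago, Face ID 1h ago": DeviceState(
            now, last_unlock=h(1), last_passcode_unlock=h(24 * 7), last_face_unlock=h(1)),
        # Untouched for 49 hours trips the 48-hour rule regardless of the other timers.
        "left on a desk for 49h": DeviceState(
            now, last_unlock=h(49), last_passcode_unlock=h(50), last_face_unlock=h(49)),
        # Fifth consecutive failed match falls back to the passcode.
        "five failed face matches": DeviceState(
            now, last_unlock=h(1), last_passcode_unlock=h(1), failed_face_attempts=5),
        "fresh reboot": DeviceState(now, just_booted=True),
    }
    return {name: passcode_required(state) for name, state in scenarios.items()}


if __name__ == "__main__":
    for name, rule in evaluate_scenarios().items():
        print(f"{name:40s} -> {rule or 'Face ID allowed'}")
```

The order of the checks is also an assumption; the white paper lists the conditions without saying which one is reported when several apply, and the function simply returns the first match.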

And:

The TrueDepth camera automatically looks for your face when you wake iPhone X by raising it or tapping the screen, as well as when iPhone X attempts to authenticate you to display an incoming notification or when a supported app requests Face ID authentication. When a face is detected, Face ID confirms attention and intent to unlock by detecting that your eyes are open and directed at your device; for accessibility, this is disabled when VoiceOver is activated or can be disabled separately, if required.

This is what’s encrypted and saved in the iPhone X Secure Enclave:

  • The infrared images of your face captured during enrollment.
  • The mathematical representations of your face calculated during enrollment.
  • The mathematical representations of your face calculated during some unlock attempts if Face ID deems them useful to augment future matching.

There’s a lot more in the white paper, including some detail on Apple Pay and on third-party access to Face ID.

  • I would agree. Having to enter a passcode/password at least once per week definitely limits the complexity that I will assign to it.

  • DanielSw

    Can’t wait to try it! iPhone X is my next phone when my current iPhone 7+ AT&T NEXT plan lets me.

  • Deep Dive Guides

    I’m not worried about the security of FaceID. I’m sure it’s as secure as TouchID, or even more secure than TouchID.

    However… What I AM worried about is the convenience/usability of FaceID. From everything I’ve read and seen demonstrated on stage, FaceID is nowhere near as convenient and usable as TouchID.

    For a great example, read the section on Apple Pay in this security white paper. What was one simple fluid action with TouchID is now a clunky series of 3 steps with FaceID (showing intent is separate from authenticating/unlocking, which is separate from tapping the Pay terminal).

    I’ll wait for the next phone, in which Apple will add back TouchID under the screen.

    • I don’t see Apple Pay being any more clunky. You are ready to check out at the store. You:

      • take out phone

      • confirm intent to pay: double-click side button while looking at it in your hand in one motion.

      • wave at NFC terminal (hoping it’s turned on and working)

      Vs with Touch ID:

      • take out phone

      • confirm intent to pay: place finger

      • wave at NFC terminal (hoping it’s turned on and working)

      …the side button double-click and face authentication are simultaneous so it’s likely insignificant IRL. Just as with the Watch, double-clicking the side button is no big deal, an action that effectively costs nothing.

      • Person McPersonson

        Paying with TouchID is pretty easy. Take phone out and with thumb on home button, hold it against the NFC terminal and wait for the beep and checkmark – one single fluid motion.

        FaceID requires an explicit double-click and hold to your face, wait for confirmation, hold to NFC terminal and wait for checkmark/beep.

        We’ll have to wait and see how clunky it really is.

  • Meaux

    “The passcode hasn’t been used to unlock the device in the last 156 hours (six and a half days) and Face ID has not unlocked the device in the last 4 hours.”

    I never understood this rule. Why not make it 8 so that it isn’t required after a night’s sleep?

    • Person McPersonson

      Pay attention to the “and” in that sentence. You can get several nights’ sleep. So if you used your passcode yesterday, or even 6 days ago, it won’t require it after a night’s sleep.

      After the 7th night, if you haven’t used your passcode all week, it’ll ask for it.

      The reason is so you don’t forget your passcode.