How Secure Are Face ID and Touch ID?

learninmypc

TS Evangelist
Apple claims Face ID and Touch ID are secure, and for the most part that’s true. It’s extremely unlikely a random person could unlock your phone. But that’s not the only type of attack to worry about it. Let’s dig a little deeper.

Although they use different biometric authentication methods, Face ID and Touch ID are very similar under the hood. When you try to log in to your iPhone—either by looking at the camera on the front or putting your finger on the touch sensor—the phone compares the biometric data it detects with the data that’s saved in the Secure Enclave—a separate processor that’s entire purpose is to keep your phone secure. If the face or fingerprint matches, your iPhone unlocks. If not, you’re prompted to enter your passcode. While all this sounds good on paper, is it secure? FULL ARTICLE
 

jobeard

TS Ambassador
Good post/article. love the caveat:
No method of authentication will ever stand up to a sufficiently determined attacker. There are always flaws that can be used; it’s just a matter of how easy they are to take advantage of.
 
  • Like
Reactions: learninmypc

GaryMove

TS Enthusiast
It's secure for you in the case your phone will be stolen or lost.
But if you provide your fingertips and face recognition, then be sure you are not secured from Apple.
 

MaikuTech

TS Evangelist
I was just thinking how can it recognize you on Saturday's hangover morning when your eyes are twice smaller and the face is 5x bigger than usual XD
Nah I rather have touch ID, it would go by much more quickly and tell right away if you aren't the right person.
I think facial recognition could turn into a real issue over the next few years.
Especially with hacker morons running aloof everyday getting into things easily.
 

Netfox

TS Member
Nah I rather have touch ID, it would go by much more quickly and tell right away if you aren't the right person.
I think facial recognition could turn into a real issue over the next few years.
Especially with hacker morons running aloof everyday getting into things easily.
I also think it may lead to many problems. As lots of countries have ID cards which are based on bio-metric portraits. If someone will steal the data with faces using this function it will be a disaster.
 

jobeard

TS Ambassador
Both Face_ID & Touch_ID have the same problem: The user can not determine where the click will take them to.

A normal link will show the target URL in the status bar when the mouse hovers over the link; The *_ID technologies above can not do that.
 
Last edited:
  • Like
Reactions: learninmypc