A day after Apple introduced its new depth-sensing Face ID biometric solution in iPhone X, the US Senator Al Franken (D-Minn.) wrote a letter to CEO Tim Cook to asking several questions over the technology's potential impact on consumer privacy.
Apple Vice President for Public Policy Cynthia Hogan has addressed Senator’s concerns in a letter, explaining that Face ID confirms the presence of an attentive face (via gaze detection), projects and reads a depth map of a user's face and sends that information to the Secure Enclave for processing.
Face ID data, which includes a mathematical representation of a user's face, is encrypted and never leaves the device. It is not sent to Apple, and nor it is included in the device backups. Hogan further said that Face images captured during normal unlock operations are not saved and are immediately discarded once the mathematical representation is calculated for comparison to the unrolled Face ID data.
Face ID utilises matching neural networks that we developed using over a billion images, including IR and depth images from studies which were conducted with participant’s consent. We worked with a group of people from around the world accounting for gender, age, ethnicity and then augmented those studies to provide higher degree of accuracy for a diverse range of users, Apple said in the letter.
Franken also issued a statement regarding Apple's response saying, "I appreciate Apple's willingness to engage with my office on these issues, and I'm glad to see the steps that the company has taken to address consumer privacy and security concerns”.
Face ID uses TrueDepth camera system made up of a dot projector, infrared camera and flood illuminator, and is powered by A11 Bionic to accurately map and recognise a face and projects more than 30,000 invisible IR dots. The IR image and dot pattern are pushed through neural networks to create a mathematical model of your face and send the data to the secure enclave to confirm a match, while adapting to physical changes in appearance over time.
All saved facial information is protected by the secure enclave to keep data extremely secure, while all of the processing is done on-device and not in the cloud to protect user privacy. Face ID only unlocks iPhone X when customers look at it and is designed to prevent spoofing by photos or masks.
The probability of a random person to see on your iPhone X and unlock it using Face ID is one in a million.