PHOTO: APPLE

iPhone X Face ID May Risk User's Facial Data

The iPhone X releases today, and with it come more concerns about the privacy and security of its new Face ID feature.

  • By Jessica Davis
  • Nov 03, 2017

The iPhone X releases today, and with it come more concerns about the privacy and security of its new Face ID feature.  While Apple has stated since it announced Face ID that the user’s facial data is encrypted and stored securely on the iPhone X, application developers may be allowed to take certain facial data from user’s phones.

Apple’s Face ID allows users to unlock their phone by simply making direct eye contact with it. Face ID works by taking the user’s image and a dot pattern created by projecting more than 30,000 invisible dots onto their face to make a mathematical model.

Apple says this biometric data never leaves the device itself and is stored in an encrypted form on the phone’s secure enclave. The data then cannot be accessed by the operation system or any applications on the phone.

However, parts of Apple’s contract allow app developers to take a rough map of a user’s face and a stream of more than 50 kinds of facial expressions off the phone. As long as these developers agree to seek “clear and conspicuous consent” from users, they can remove facial data and store it on their own servers. The data must be used for legitimate app purposes and not marketing or advertisement and cannot sold to third parties that may use it for those purposes.

Questions remain as to how Apple will enforce these terms and their ability to control what app developers do with facial data once it’s taken from the device itself. These reports come shortly after security researchers at Trend Micro’s Pwn2Own contest in Tokyo found exploits in Apple’s newly released iOS 11.1.

About the Author

Jessica Davis is the Associate Content Editor for 1105 Media.

Featured

  • First, Do No Harm: Responsibly Applying Artificial Intelligence

    It was 2022 when early LLMs (Large Language Models) brought the term “AI” into mainstream public consciousness and since then, we’ve seen security corporations and integrators attempt to develop their solutions and sales pitches around the biggest tech boom of the 21st century. However, not all “artificial intelligence” is equally suitable for security applications, and it’s essential for end users to remain vigilant in understanding how their solutions are utilizing AI. Read Now

  • Improve Incident Response With Intelligent Cloud Video Surveillance

    Video surveillance is a vital part of business security, helping institutions protect against everyday threats for increased employee, customer, and student safety. However, many outdated surveillance solutions lack the ability to offer immediate insights into critical incidents. This slows down investigations and limits how effectively teams can respond to situations, creating greater risks for the organization. Read Now

  • Security Today Announces 2025 CyberSecured Award Winners

    Security Today is pleased to announce the 2025 CyberSecured Awards winners. Sixteen companies are being recognized this year for their network products and other cybersecurity initiatives that secure our world today. Read Now

  • Empowering and Securing a Mobile Workforce

    What happens when technology lets you work anywhere – but exposes you to security threats everywhere? This is the reality of modern work. No longer tethered to desks, work happens everywhere – in the office, from home, on the road, and in countless locations in between. Read Now

  • TSA Introduces New $45 Fee Option for Travelers Without REAL ID Starting February 1

    The Transportation Security Administration (TSA) announced today that it will refer all passengers who do not present an acceptable form of ID and still want to fly an option to pay a $45 fee to use a modernized alternative identity verification system, TSA Confirm.ID, to establish identity at security checkpoints beginning on February 1, 2026. Read Now

Most   Popular

New Products

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation.

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file.