Thursday, September 21, 2017 by Russel Davis
The iPhone X’s brand new Face ID recognition software has come under scrutiny as experts cautioned that the system might be used to compromise the user’s safety and privacy.
The new feature enables users to open their phone by scanning their face. According to technology experts, the new software can be exploited by thieves by forcing users to unlock their phones in order to steal information and wipe them to sell.
Likewise, the experts noted that abusive partners may actually use the software to check on their spouse’s phone and sift through the messages. In addition, the tech experts cautioned that police may potentially use the software to unlock phones of suspects to search for incriminating evidence without the need to ask a court to try and force the suspects to give their passcode.
“Exacerbating this is the question of whether we have any expectation of privacy to our face. Some courts have been willing to permit law enforcement to compel a fingerprint unlock of a phone; they will be all the more likely to permit compelling a face unlock. And unlike TouchID, which allows us to enroll just one of our 10 prints, we only have one face,” Georgetown University Law Center on Privacy & Technology Associate Clare Garvie said in a Daily Mail article.
Garvie also warned that the feature may normalize face recognition and may soon be used in routine police surveillance and customer monitoring by retail outlets.
Apple hopes to address the privacy and security concerns surrounding the phone’s Face ID software and its fingerprint technology through the most recent operating system update for its new model.
An emergency feature called Emergency SOS will enable iPhone users to temporarily disable the phone’s TouchID and Face ID features by rapidly pressing the power button for up to five times.
Fingerprint sensors have also become a prime target of criticism among tech experts and enthusiasts as the features might not be as safe as they are supposed to be.
“A number of consumer electronic devices, such as smartphones, are beginning to incorporate fingerprint sensors for user authentication. The sensors embedded in these devices are generally small and the resulting images are, therefore, limited in size. To compensate for the limited size, these devices often acquire multiple partial impressions of a single finger during enrolment to ensure that at least one of them will successfully match with the image obtained from the user during authentication,” researchers told Daily Mail online
According to experts at New York University and Michigan State University, smartphones can be easily unlocked and manipulated using fake fingerprints designed to resemble an authentic human fingerprint. (Related: “Master” fingerprints can unlock almost any phone, bypassing fingerprint security in seconds.)
In order to test this, the researchers developed a set of digitally-produced, artificial MasterPrints that contained various features found in a typical fingerprint such as loop, arc, and whorl patterns. The results showed that the artificial prints were able to unlock any phone model 65 percent of the time.
Nasir Memon, a professor of computer science and engineering at New York University, warned that if someone was able to create a glove containing a MasterPrint in each finger, the suspect could very well gain access to 40 to 50 percent of iPhones within the allowable five tries before the device requires a personal identification number.
“It’s almost certainly not as worrisome as presented, but it’s almost certainly pretty darn bad. If all I want to do is take your phone and use your Apple Pay to buy stuff, if I can get into one in 10 phones, that’s not bad odds,” said Andy Adler, a professor of systems and computer engineering at Carleton University in Canada.