Unless you were hiding under a rock this Tuesday, you probably heard Apple's big announcement about the iPhone X. The most important part of that announcement for the security community was that Apple is dropping the Home button and its Touch ID fingerprint sensor in favor of a facial recognition system on the new iPhone X. Called Face ID, it uses several sensors in the phone's front-facing camera array, including an infrared camera and a dot projector that maps the face in three dimensions, to recognize its owner and unlock the phone when they look at it. Our CTO Corey Nachreiner was quoted in Dark Reading and Security Week about the security risks of this new technology.
Here’s an excerpt from the Dark Reading article about the importance of multi-factor authentication. Nachreiner says while he strongly believes in biometric authentication, “bad actors will continually find ways around different identity tokens, even biometric ones.” The key, he says, is layering multiple forms of authentication in a way that’s still convenient for users.
The good news is that Apple's system seems quite secure. Apple claims the chance that a random person's face will unlock the phone is about one in 1,000,000 (compared with one in 50,000 for a Touch ID fingerprint), and that it works in the dark because it relies on infrared rather than visible light. Apple also noted at the announcement that the odds are worse for identical twins, close siblings and children under 13. Corey notes that "The combination of a camera and IR sensor make this system quite accurate and difficult to trick." This is a huge improvement over early cell phone facial recognition systems, which compared a flat 2D image from the ordinary camera and could be fooled by holding a photo of the owner in front of the lens.
But a single authentication factor, even an extremely strong one, can eventually be overcome by a smart and determined threat actor. That's why we advise everyone to use multi-factor authentication for their important logins. Another downside to Face ID is that the iPhone now holds a 3D model of its user's face. Apple says that data is stored only as a mathematical representation inside the Secure Enclave and never leaves the device, and Apple products are generally well hardened, but this is still a new piece of personal data that could be stolen or abused. Edward Snowden (who knows a thing or two about security and privacy) acknowledged on Twitter that Apple's system looks robust, but he still believes normalizing facial scanning will lead to future abuse.
Read Corey’s full comments in Dark Reading and Security Week and learn more about biometric authentication and multifactor authentication here on Secplicity.
Ted Putnam says
The downside of a single biometric factor in this case is the ability of a bad actor intent on getting your information without your consent to simply point the phone at your face while you are immobilized.
The same can be said for a fingerprint reader unless it is backed up by a PIN or Swipe.
I have always understood security to be at least two of the following:
Who you are – Username or equivalent
What you have – Physical Key or RSA Token, Authorization code by phone or email, etc.
What you know – PIN, Password, Pattern
Biometric Feature – Face / Iris Scan, Fingerprint
While one could make the case that securing individual access has now been superseded by the massive data breaches, it is still important to control access to personal resources as well as possible, with dual-factor authentication and encryption.
After all, if there were a spate of burglaries in your neighborhood you would not be best disposed to leave your doors unlocked.