1. gnirkatto's Avatar
    I've been wondering why not a lot of people seem to be concerned about the access of developers to certain parts of the stored FaceID data that Apple wants to grant (as reported by press & blogs in the last few days). I am very concerned. I understand not ALL data will be given to them, and each developer who wants to access will have to sign a complex legal document on data protection.

    I am not convinced. As soon as data goes out of the secured enclave on the iPhone, misuse will be possible. What does it help me, that Apple can sue someone for violation of a security agreement, but my biometric data were misused already?

    Also, making advertising even more individual by use of FaceID data, is something that I completely disagree with. Funny little men with my facial features are of absolutely no interest for me.

    Actually I'm so concerned that I am considering to cancel my preorder for the X. I think an unambiguous statement from Apple is needed. Has not yet happened, unless I overlooked anything?
    11-06-2017 08:12 AM
  2. BreakingKayfabe's Avatar
    Considering that your face is being recognized by nothing more than dots, I don’t think there’s any real concern. It doesn’t literally take a picture of your face.

    I could be missing something here as well so hopefully I’ll be corrected.
    11-06-2017 08:23 AM
  3. BreakingKayfabe's Avatar
    Also consider that whatever “image” of yourself is stored in the Secure Enclave of the device you’re using. As far as I know, nobody has gotten into it with iOS 11.
    11-06-2017 08:27 AM
  4. msm0511's Avatar

    Also, making advertising even more individual by use of FaceID data, is something that I completely disagree with.
    Using the data for advertising is one of the things that is mentioned specifically in the guidelines. Developers aren't allowed to do that. Not gonna say it can't happen, but if Apple finds out about it the app will be removed from the store. I personally think using that kind of data nefariously is something that should get a developer banned from the App Store altogether. I doubt that would happen though.
    11-06-2017 08:39 AM
  5. EagleFox007's Avatar
    This a quote from Apple’s responds to senator’s inquiry. I hope this helps.

    “Third-party apps can use system provided APIs to ask the user to authenticate using Face ID or a passcode, and apps that support Touch ID automatically support Face ID without any changes. When using Face ID, the app is notified only as to whether the authentication was successful; it cannot access Face ID or the data associated with the enrolled face,”

    “Face ID data, including mathematical representations of your face, is encrypted and only available to the Secure Enclave. This data never leaves the device. It is not sent to Apple, nor is it included in device backups. Face images captured during normal unlock operations aren’t saved, but are instead immediately discarded once the mathematical representation is calculated for comparison to the enrolled Face ID data.”
    11-06-2017 08:58 AM
  6. Alex Rodriguez Jr.'s Avatar
    This a quote from Apple’s responds to senator’s inquiry. I hope this helps.

    “Third-party apps can use system provided APIs to ask the user to authenticate using Face ID or a passcode, and apps that support Touch ID automatically support Face ID without any changes. When using Face ID, the app is notified only as to whether the authentication was successful; it cannot access Face ID or the data associated with the enrolled face,”

    “Face ID data, including mathematical representations of your face, is encrypted and only available to the Secure Enclave. This data never leaves the device. It is not sent to Apple, nor is it included in device backups. Face images captured during normal unlock operations aren’t saved, but are instead immediately discarded once the mathematical representation is calculated for comparison to the enrolled Face ID data.”
    If faces taken during the unlocking process are compared and discarded, how in the world does the system continuously learn? It has to keep some data from those faces to adapt.
    11-06-2017 09:02 AM
  7. msm0511's Avatar
    If faces taken during the unlocking process are compared and discarded, how in the world does the system continuously learn? It has to keep some data from those faces to adapt.
    I think that means the 3rd party app info. Apple keeps the info that it collects during unlocking the phone itself in the Secure Enclave. That's how it learns.
    11-06-2017 09:04 AM
  8. EagleFox007's Avatar
    If faces taken during the unlocking process are compared and discarded, how in the world does the system continuously learn? It has to keep some data from those faces to adapt.
    It says right there...immediately discarded once the mathematical representation is calculated for comparison to the enrolled Face ID data.

    Your Face is converted into mathematical representation and that’s what is being stored in the secure Enclave.
    11-06-2017 09:12 AM
  9. gnirkatto's Avatar
    Considering that your face is being recognized by nothing more than dots, I don’t think there’s any real concern. It doesn’t literally take a picture of your face.

    I could be missing something here as well so hopefully I’ll be corrected.
    Yeah but 30.000 dots - that makes quite an image of any face imho. At least it’s sufficient to serve as unlock data for the phone and many apps that require authentication....I don’t know.
    11-06-2017 04:17 PM
  10. gnirkatto's Avatar
    Also consider that whatever “image” of yourself is stored in the Secure Enclave of the device you’re using. As far as I know, nobody has gotten into it with iOS 11.
    No access to the enclave, but the press reports stated clearly that Apple is considering (or planning?) to give parts of the data away to selected developers....!?
    11-06-2017 04:19 PM
  11. gnirkatto's Avatar
    Using the data for advertising is one of the things that is mentioned specifically in the guidelines. Developers aren't allowed to do that. Not gonna say it can't happen, but if Apple finds out about it the app will be removed from the store. I personally think using that kind of data nefariously is something that should get a developer banned from the App Store altogether. I doubt that would happen though.
    I agree, but my point was/is that it doesn’t help ME, if the developer gets banned from the App Store, AFTER Apple found that they abused my data. Then the damage was done already.
    11-06-2017 04:22 PM
  12. gnirkatto's Avatar
    This a quote from Apple’s responds to senator’s inquiry. I hope this helps.

    “Third-party apps can use system provided APIs to ask the user to authenticate using Face ID or a passcode, and apps that support Touch ID automatically support Face ID without any changes. When using Face ID, the app is notified only as to whether the authentication was successful; it cannot access Face ID or the data associated with the enrolled face,”

    “Face ID data, including mathematical representations of your face, is encrypted and only available to the Secure Enclave. This data never leaves the device. It is not sent to Apple, nor is it included in device backups. Face images captured during normal unlock operations aren’t saved, but are instead immediately discarded once the mathematical representation is calculated for comparison to the enrolled Face ID data.”
    I think that questioning took place before the information was released by the press that Apple plans to give parts of the data away to selected developers....otherwise the senator wouldn’t have stopped asking questions. At least I would have continued to ask, as this press information contradicts these statements.
    11-06-2017 04:27 PM
  13. Alex Rodriguez Jr.'s Avatar
    I personally don’t think the statements made by Apple are clear. They’re broad and leave a lot to interpretation. As mentioned above, some are also contradictory. Listen, I don’t care. I have four Echos, two Kinect cameras, Arlo, Nest, Hue, and my Apple products. If someone wants to see me butt naked on my sofa watching movies, I’m okay with it. But, I do think they should be clear to avoid any future problems. Either way, I love the feature.
    11-06-2017 05:08 PM
  14. robertk328's Avatar
    Much ado about nothing, IMO. We had no problem doing finger prints with Touch ID, I'm sure the security is just as strong for Face ID.
    11-06-2017 05:13 PM
  15. EagleFox007's Avatar
    No matter what the case is, I don’t care. Big companies such as Google and Facebook has been capturing our personal information for many many years now and sharing it to 3rd party in exchange of free service using their product so they can make money. Apple has been very good so far of not sharing our personal information. They’ve mentioned this several times on their keynotes but if they decided otherwise, I don’t care.
    11-06-2017 05:20 PM
  16. robertk328's Avatar
    No matter what the case is, I don’t care. Big companies such as Google and Facebook has been capturing our personal information for many many years now and sharing it to 3rd party in exchange of free service using their product so they can make money. Apple has been very good so far of not sharing our personal information. They’ve mentioned this several times on their keynotes but if they decided otherwise, I don’t care.
    Yeah try searching something on amazon and then have it show up in your Facebook feed. Been happening forever
    luvesuga likes this.
    11-06-2017 05:33 PM
  17. EagleFox007's Avatar
    Yeah try searching something on amazon and then have it show up in your Facebook feed. Been happening forever
    That is so true!
    11-06-2017 05:35 PM
  18. Alex Rodriguez Jr.'s Avatar
    Damn, the temptation to make a dirty joke is too strong!
    11-06-2017 05:39 PM
  19. gnirkatto's Avatar
    Much ado about nothing, IMO. We had no problem doing finger prints with Touch ID, I'm sure the security is just as strong for Face ID.
    So when did Apple give TouchID data away and whom to? This never happened, afaik. Now they want to give FacEID data away, or at least are considering it.

    I was very skeptical in the beginning about TouchID (I can easily change a password, but never my fingerprint), and only after the enclave technology was discussed in more detail, I felt that it’s safe for me to use.

    Giving FacEID data away, even if it’s only part of it, and even if it’s ‘protected’ by legal documents, is a huge step backwards in keeping biometrical data safe. Unless someone from Apple does explain in more detail why this will NOT be an issue.
    11-07-2017 05:40 AM
  20. gnirkatto's Avatar
    No matter what the case is, I don’t care. Big companies such as Google and Facebook has been capturing our personal information for many many years now and sharing it to 3rd party in exchange of free service using their product so they can make money. Apple has been very good so far of not sharing our personal information. They’ve mentioned this several times on their keynotes but if they decided otherwise, I don’t care.
    Bad enough, the (ab)use of personal data.
    However, (ab)use of biometrical data is a totally new quality, and even worse than (ab)using ‘just’ personal data, imho.
    11-07-2017 05:47 AM
  21. gnirkatto's Avatar
    So, even Snowden is concerned and warns. But nobody in the Apple community?
    11-24-2017 05:16 AM

Similar Threads

  1. Demetrios - The BIG Cynical Adventure (by COWCAT)
    By COWCATGames in forum iPhone Apps & Games
    Replies: 4
    Last Post: 11-06-2017, 12:39 PM
  2. I see too many questions about FaceID in the dark.
    By metllicamilitia in forum iPhone X
    Replies: 9
    Last Post: 11-06-2017, 07:53 AM
  3. FaceID Deactivated error message
    By tdosthp in forum iPhone X
    Replies: 2
    Last Post: 11-04-2017, 11:06 PM
LINK TO POST COPIED TO CLIPBOARD