With Apple’s Touch ID and Face ID features, you can unlock any Touch ID- or Face ID-equipped device, such as an iPhone or iPad, using your biometric information, that is, information based on your body, such as your fingerprint or the look of your face. You can also use this biometric information to pay quickly and securely with Apple Pay. The beauty of Touch ID and Face ID is that they’re easier than typing your passcode, and way more secure. Nonetheless, some people are uncomfortable with Touch ID and Face ID due to misconceptions about how they work. Let’s set the record straight.
I don’t want my fingerprint or face scan stored in the cloud
A little-known fact is that the visual image of your fingerprint or face is retained on your device for less than a second, and it’s not uploaded anywhere during that time.
Consider Touch ID. When you register your fingerprint on the Touch ID sensor, a clever process ensures that its 88×88 pixel scan is encrypted such that only the Secure Enclave can work with it. The Secure Enclave is a security coprocessor found in A7 and newer chips, which means the iPhone 5s and later.
When the encrypted scan arrives at the Secure Enclave, the Secure Enclave converts it into a mathematical signature—a sequence of ones and zeros—using an Apple-patented process called “subdermal ridge flow angle mapping” that is based on the direction and width of the ridges in a fingerprint. The mathematical signature doesn’t record every tiny detail, so even if a hacker could access it, they couldn’t reverse-engineer an image of your fingerprint. The mathematical signature is saved, but the actual fingerprint is discarded.
On to Face ID. When you record your face on the iPhone X, its camera captures 30,000 separate points on your face to create a set of depth maps and 2D images. A special process randomizes and protects this data such that it can be read only by the Secure Enclave. Once the Secure Enclave receives the information, it converts it to a mathematical signature, much as happens with Touch ID.
The mathematical signature of your fingerprint or face never leaves the Secure Enclave. When you try to unlock your device with Touch ID or Face ID, iOS sends the data to the Secure Enclave securely, in the same manner as before. The Secure Enclave determines whether there is a match and reports back. What’s notable about this process is that no data ever leaves the Secure Enclave; it merely reports on whether the signature of the scanned fingerprint or face matches the stored data.
In particular, the contents of the Secure Enclave are never backed up to iTunes or iCloud. That would create a security risk, and it’s unnecessary since you can easily set up Touch ID or Face ID again if need be.
So, although it’s easy to imagine your device storing your fingerprint or face scan, that’s just not how it works.
I don’t want a bad app to steal my biometric data
Again, this cannot happen because the Touch ID and Face ID sensors are built into the device in such a way that they can send your biometric data only to the Secure Enclave—and in a locked-down format that only the Secure Enclave on that particular device can decrypt.
Also, as noted previously the Secure Enclave never outputs biometric data when it’s asked to match a fingerprint or face scan, which prevents any rogue app from stealing your data.
Biometric systems sometimes make mistakes
Indeed, these mathematical representations can yield a false positive—allowing someone who is not you to authenticate via Touch ID or Face ID. Apple says the false positive rate for Touch ID is about 1 in 50,000 and for Face ID it is 1 in 1,000,000 (though for identical twins and siblings who look similar, the failure rate can be higher). In other words, if 50,000 people at a football game all tried your iPhone via Touch ID, it’s likely that 1 of them would authenticate.
But to avoid these authentication methods because they aren’t perfect is to throw out the baby with the bathwater. Consider this: leaving your device with no passcode yields a 1 in 1 failure rate—anyone can get in, read your messages, pretend to be you in email, look around in your apps, steal your photos, and so on. (Really. Not having a passcode is a truly bad idea.)
With a 4-digit passcode, the chance that someone could guess your passcode randomly increases to 1 in 10,000, assuming you don’t use an obvious passcode like 1234 or 1111. Only with a 6-digit passcode—the default option—does a passcode become as secure Face ID, with a 1 in 1,000,000 chance of it being guessed. And while a 6-digit passcode may be secure, it’s more annoying to enter than using either Touch ID or Face ID.
Now that you know more about Touch ID and Face ID, we hope you’re more comfortable with using them—they really do provide the best and easiest security for your iPhone or iPad. And if you aren’t using them yet, take a trip to Settings > Touch/Face ID & Passcode today.