Much is being discovered and written about Apple's FaceID. There is talk about ability of iPhone X to distinguish between your photograph, clever 3D models of your face and your actual face. There is even talk about why what you "know" is a better security
measure than what you "are" (Forbes article). For example, the article says you can invoke the fifth amendment in US constitution
and remain silent when cops ask you to provide your phone's passcode. You can't do that if your phone has faceID enabled at that moment.
What intrigues me is the meteoric rise in the expectations that people have on digital technologies. When we were in the world of passwords and PIN's, no one asked if the person typing the password or PIN is alive or not. With legal jargon such as "You are
not allowed to share your password or PIN with anyone else" in place, the person typing the PIN or password was deemed to be the owner.
But with the use of biometrics (fingerprints, facial scans, etc.), such questions are becoming topical. Fingerprint recognition vendors are providing ability to sense skin temperature, finger pressure, and sweat level to detect whether the ID being presented
is from a live person or not (See this article). Anti spoofing in facial detection is the subject of much research with advances such as pupil direction tracking
algorithms (pupil tracking). Vendors also offer features such as tracking of eye movement or blinking (facial
facial recognition 2).
While digital technologies are advancing rapidly, users' expectations on them are advancing much faster. No method is 100% secure. Hackers will always try to keep up with new identification methods. We should try to balance between safety and convenience.
A phone that recognizes my face and unlocks automatically is convenient 9 out of 10 times. There is always the remote possibility that a clever photo or 3D model of my face could be used to unlock my phone.
The Forbes article referenced above reports that security researchers are already trying to print 3D head models that can beat iPhone X's faceID. Whether we have passcodes or biometrics in digital devices, there is always the possibility that someone can
make the owner open their device by putting a gun to their head.
We should design devices that are convenient most of the time but can also weigh the risks and employ multi-modal authentications (camera tracking movements, simultaneous facial recognition in device's front and finger print recognition at device's back,
combining biometrics with passcodes, etc.) when necessary.
Let us not stop innovation, convenience, and simplified experience from flowing to consumers of digital technologies to enrich their lives.
Thanks to http://teleuniversotv.com/ for the picture.