Apple has already said the iPhone X's facial-recognition system, Face ID, could be a problem for people with an evil twin. They'll have to use a passcode to keep their data secure. Or get an iPhone 8 with Touch ID, since twins don't have matching fingerprints.
But just as people want to keep others out of their iPhone, how does Face ID ensure owners aren't locked out because they've got more wrinkles, makeup, or a different hairdo than a month ago?
Apple explains this issue and more in a new paper called Face ID Security, as well as on a new Face ID support page.
As it's said before, there's a one in a million chance someone else could look at your iPhone X and unlock it. That's 20 times less likely than for Touch ID.
Apple says the probability of a false match is different for twins, and for kids under 13 years old, whose distinctive facial features aren't fully developed.
The Face ID enrollment relies on an image of the person's face at a single point in time, which, like Touch ID's fingerprint capture, is stored as a mathematical representation in the device's secure enclave. However, Face ID also relies on a neural network to build on this representation of the owner's face using facial data from some login attempts.
Besides data captured at enrollment, the secure enclave also stores "mathematical representations of your face calculated during some unlock attempts if Face ID deems them useful to augment future matching".
Face ID does capture actual face images on every unlock, but they're discarded as soon it's calculated the representation.
To cater for "dramatic" changes to your looks, such as new facial hair or make-up, Face ID can use a temporary representation of your face if it was a good enough match to unlock the device.
This can be used for a limited number of unlocks. Face ID also captures another facial image when it fails to recognize the owner but the match still reaches a "certain threshold" and they immediately type the correct passcode.
"To improve unlock performance and keep pace with the natural changes of your face and look, Face ID augments its stored mathematical representation over time. Upon successful unlock, Face ID may use the newly calculated mathematical representation -- if its quality is sufficient -- for a finite number of additional unlocks before that data is discarded," Apple explains in the paper.
"Conversely, if Face ID fails to recognize you, but the match quality is higher than a certain threshold and you immediately follow the failure by entering your passcode, Face ID takes another capture and augments its enrolled Face ID data with the newly calculated mathematical representation.
"This new Face ID data is discarded after a finite number of unlocks and if you stop matching against it. These augmentation processes allow Face ID to keep up with dramatic changes in your facial hair or makeup use, while minimizing false acceptance."
Face, fingerprint, passwords, or PIN: What's the best way to keep your smartphone secure?
Apple's Face ID has caused a stir -- but are biometrics really the best way to boost mobile security?
iPhone X: The hardware behind Face ID
Unlocking the iPhone 8 might be as simple as looking at it, but there's a lot of high-tech hardware powering it behind the scenes.