Apple embraces facial recognition… but how much can it be trusted?
Forget about your passcode; leave your fingerprints aside. The hottest security tool at the moment is the selfie. Facial recognition is a new feature on the iPhone X and will be used to unlock the smartphone as well as to complete payments via your mobile wallet. But how safe is it to allow your smartphone to process payments by merely using your face?
Named by Apple as Face ID, the new facial recognition tool uses ‘a suite of sensors to map your face in 3D’, creating a ‘precise depth map’ of users’ faces, described the MIT Technology Review. On top of this, Apple has revealed that the iPhone’s machine learning algorithm keeps track of changes in someone’s facial appearance, permitting recognition even when users are wearing glasses, hats and make up, for example.
Some experts are positive about Apple’s move. ‘If a password is compromised, it can be changed. But a face cannot be changed’, said Vitaly Shmatikov, Computer Science professor at Cornell Tech to Scientific American magazine. Others go further, saying that the selfie is just the beginning, and soon phones will be able to perform iris scanning as well.
Despite the buzz, the new technology may be met with certain scepticism by security experts. It is worth remembering that when Samsung released Galaxy S8 and their facial recognition tool, hackers found a way to cheat the security settings and unlock the phone by simply showing a picture of the user. Chinese giant Alibaba also had its facial recognition system debunked by a Popular Science writer who used a video of himself to the test whether his purchase and payment would be authorised. They were.
Apple made it evident that these previous faults were addressed with the introduction of 3D face mapping. Yet researchers at the University of North Carolina showed in 2016 that it is possible to generate a 3D model of someone’s face using photos from Facebook users. Surprisingly, the 3D simulation had between a 55 and 85 percent success rate in deceiving facial recognition systems.
There is a clear need for multiple layers of security in smartphones for enabling mobile payments. It is crucial that tech companies – as well as merchants – understand this message and do not fall short of maximum data protection in the name of customer amusement and convenience.