Apple’s iPhones are great smartphones, and they have been so for a fair few years now. No matter which side of the Android vs iOS debate you stand on, it’s hard not to recognize the iPhone as a piece of tech that everyone in the industry tries to compete against. Anything that Apple does with the iPhone, the smartphone industry mocks for the first year and then shamelessly copies the next year. On the flip side, Apple is very slow to jump on new tech, and Android OEMs usually have features years before the Cupertino-based giant decides to adopt them. One such situation is under-display fingerprint sensors, a tech that Android OEMs have adopted since 2018. If you were waiting for Apple to adopt an in-display fingerprint sensor, you’ll have to wait a few more years, even though Touch ID has plenty of its own issues.
Under-Display Touch ID delayed on iPhone
According to noted analyst Ming-Chi Kuo, iPhones releasing in 2023 and 2024 will not be adopting under-display Touch ID. Kuo had previously predicted that 2023 could be the year when Apple makes the jump to under-display tech on the iPhone. But this prediction is now being revised, indicating we will have to pass over 3 more generations of iPhones before we have a chance of seeing Touch ID back on them in the form of an under-display solution.
I previously predicted iPhones would support under-display fingerprint sensing/Touch ID in 2023 at the earliest. But the latest survey indicates new iPhones in 2023 & 2024 may not adopt under-display Touch ID. Face ID with a mask on iPhone is already a great biometrics solution.
— 郭明錤 (Ming-Chi Kuo) (@mingchikuo) March 30, 2022
Note that the prediction doesn’t explicitly mention that the iPhone in 2026 will adopt an under-display Touch ID. For one, that is too far out in the future to accurately predict at this stage. And Apple has presented nothing either to indicate that they are interested in bringing back Touch ID at all. This is where the problem arises.
PSA: Face ID on iPhones can evolve to be unlocked by your sibling
When Apple made the jump from Touch ID to Face ID with the iPhone X, a lot was claimed about its superiority. Compared to face unlock as it was present on Android smartphones, Face ID was and remains so much more secure — Android phones simply matched an optical likeness, while Apple does a far more precise 3D scan. The 3D facial scan is very accurate, and Apple claims there is only a 1 in 1,000,000 chance of another random person being able to unlock your iPhone with their face. Compared to the 1 in 50,000 error rate for Touch ID, Face ID does appear to be a far more secure solution.
These claims do come with fine print though, and ones that I feel are not publicized enough. While yes, you can’t trick Face ID by holding up a simple photo, you can beat it with a face that looks very similar to yours. As Apple itself notes in its documentation (emphasis added):
The probability that a random person in the population could look at your iPhone or iPad Pro and unlock it using Face ID is less than 1 in 1,000,000 with a single enrolled appearance whether or not you’re wearing a mask. As an additional protection, Face ID allows only five unsuccessful match attempts before a passcode is required. The statistical probability is higher — and further increased if using Face ID with a mask — for twins and siblings that look like you, and among children under the age of 13, because their distinct facial features may not have fully developed. If you’re concerned about this, we recommend using a passcode to authenticate. You can also use Face ID without enabling Face ID with a mask.
Apple does not quantify this statistical probability. And there’s no way to know if they also account for the fact that these strangers (twins and siblings) are far more likely to be in physical proximity to your iPhone than a random person with a similar fingerprint.
So when I found out that my brother can open my iPhone 13 Pro with just a casual look, I was really (and rightfully) shocked.
My brother can unlock my iPhone 13 Pro with FaceID. He is 6 years younger.
I want fingerprint unlock back (not as a home button though).
— Aamir Siddiqui (@aamirsidd94) March 22, 2022
My brother is 6 years younger than me, but we do look fairly similar — as siblings often do. We aren’t twins though, and the age difference between us, as well as our personal preferences on hair and facial hair ensures that we definitely don’t look like photocopies of each other at any point. I was under the impression that this would be enough to keep my iPhone locked to me. However, all that my brother needs to do to unlock my iPhone is just look at it. Since we live in the same house (meaning he has plenty of opportunities to physically access my iPhone), the net effect is that my iPhone can be very easily and frequently unlocked by someone who is not me — and that is just insane.
Before you jump angrily to the comments, let me clarify some things. One, my iPhone has only one appearance enrolled in it, and that is mine. There are no alternative appearances enrolled, neither of myself, nor of my brother. I did set up Face ID unlock with Mask, but my brother can unlock my phone with this option disabled too. I do have Apple Watch unlock set up as well, but my brother can again unlock my phone with this option disabled too. No, he does not have my passcode, and he doesn’t even really need it. [I would have presented video proof of this whole charade, but my sibling is not comfortable being recorded for use on the Internet, and so you have to take my word on this sibling-unlocking happening.]
The only explanation I have been able to find is that this is rather intentional in a way. As mentioned in Apple’s documentation, it is possible to train Face ID to work on faces that bear a close resemblance.
Face ID automatically adapts to changes in your appearance, such as wearing cosmetic makeup or growing facial hair. If there is a more significant change in your appearance, like shaving a full beard, Face ID confirms your identity by using your passcode before it updates your face data.
This data will be refined and updated as you use Face ID to improve your experience, including when you successfully authenticate. Face ID will also update this data when it detects a close match but a passcode is subsequently entered to unlock the device.
Essentially, if my sibling or any other close resemblance attempts a Face ID unlock unsuccessfully and then I enter the password to open the phone, Face ID will take this as a learning opportunity to update my appearance in its database, merging my stored appearance with this newer appearance. Every unsuccessful Face ID + successful password unlock will train the AI behind Face Unlock to perform better in the future. The caveat then is that this makes it entirely possible that eventually, your iPhone can be opened by your sibling, especially if they have frequent access to your phone, even if such unlock or training is not intentional. So don’t be surprised if one day your sibling can suddenly open your iPhone with their face.
Touch ID > Face ID
Within the context of what I have laid down, I’ve been forced to disable Face ID on my iPhone. I trust my brother to not indulge in my personal data, but I am still extremely uncomfortable with the very idea that he has unlimited access to every single piece of information on my iPhone, including my banking and investment apps.
In a world with Touch ID iPhones, I would have had to worry about a small probability of bumping into a person who has a fingerprint similar enough to mine, who has access to my iPhone and wants to get inside of it. In a world with AI-based Face ID iPhones, there’s an even smaller probability that I come across a stranger who bears my facial resemblance. But what do I do about the sibling who can already unlock my Face ID iPhone?
In my current reality, I wish I could go back to a Touch ID iPhone. There’s no way to disable Face ID from learning and evolving appearances. So even if I do reset my stored appearance, it is only a matter of days and weeks before it matches the two faces again. Apple’s eloquent solution here is to ask users to just disable Face ID completely, and that is what I have done for now. Since I was already used to not being able to easily unlock my iPhone over the past two years because I had a mask on (Apple took its sweet time to roll out Face mask-based unlocking), the inconvenience is rather familiar. A part of me still hoped that a future iPhone flagship could bring back Touch ID. But looks like I will have to wait for a while now.
Until then, I’ll be using my banking apps on my Samsung Galaxy S22 Ultra and my other Android devices.