Apple to Hill: Face ID Is Secure

Company tells Franken data is secure, stays on phone

Apple's Face ID, the facial recognition software it's using to unlock the new iPhone X, is encrypted, never leaves the phone, and is not included in device backups, the company said.

The company was responding to a request for information about the software from Sen. Al Franken (D-Minn.), who in a Sept. 13 letter to Apple CEO Tim Cook said he would like some answers to a variety of questions about the privacy and security of the system, including whether it was possible to unlock the device with a photo or mask.

Cynthia Hogan, Apple vice president for public policy, Americas, who wrote Franken in response, said that a neural network trained to spot spoofing defends against masked phone intruders and photos.

She said a white paper on Apple's website explains how the company protects customers' privacy and data security, and that the company is also communicating directly with customers. She also said Apple would be happy to brief Franken anytime if he needed more information.

“I appreciate Apple’s willingness to engage with my office on these issues," Franken said, "and I’m glad to see the steps that the company has taken to address consumer privacy and security concerns. I plan to follow up with Apple to find out more about how it plans to protect the data of customers who decide to use the latest generation of iPhone’s facial recognition technology.”