Hacker News new | ask | show | jobs
by kevinavery 3207 days ago
They say that Face ID falsely recognizes 1 in 1,000,000 people (1 in 50,000 for Touch ID), but it's a lot easier to find the people who look like a given target to unlock their phone. Could be an issue if a mutual friend knows someone who looks enough like you to unlock your phone.
2 comments
pavel_lishin 3207 days ago
Just because someone "looks like" your target to you doesn't mean they're similar enough to fool whatever algorithms the iPhone is using.
link
infogulch 3207 days ago
Yes. So how much do look-alikes change that number?

It's 1/1M for strangers. Is it 1/10k for family members? 1/100 for close look-alikes?

The difference between FaceID and TouchID is that you don't have pictures of millions of people's fingerprints available publicly online...

link
kevinavery 3207 days ago
Exactly. Someone mining Facebook could build a directory of doppelgängers near each person. A little social engineering could get a bystander to unlock the target's phone without them even realizing they are facilitating a crime.
link
IshKebab 3206 days ago
Ah, HN-level paranoia.
link
pavel_lishin 3206 days ago
That's what they used to say about Stallman.
link
dogma1138 3207 days ago
Ironically people who look like you to humans tend to be a further away to biometrics.

I've worked on a few facial biometric systems in the past and the false positives were really shocking about 65% of them were cross sex and virtually none of them looked alike.

People tend to look at different flesh centric facial features and things like hair style, eye color and overall superficial appearance is what we see. Biometrics see distance between various points like eyes, nose bridge cheek bones etc we tend to actually overlook those fine features when it comes to doppelgängers.

From friends that still work in the field gate analysis seems to have the lowest rate of false positives yet so maybe IPhone X2 will require you to dance to unlock.

link
pavel_lishin 3207 days ago
> From friends that still work in the field gate analysis seems to have the lowest rate of false positives yet so maybe IPhone X2 will require you to dance to unlock.

Please sneeze to unlock phone

link
dogma1138 3206 days ago
Fast DNA analysis can be even worse like 1 in 10,000.
link
bluetomcat 3207 days ago
It's not clear whether the false positives would mainly be among "similar faces", or it probably could happen due to signature collisions on entirely different faces? Like, a weakness in the algorithm which causes two entirely different faces to hash to a very similar signature.
link