This exactly. To have a more secure device this is one of the trade offs. Can you imagine the articles if you could swap out faceID systems to unlock an encrypted iphone?
AFAIK face ID generates a key used to decrypt the data. Swapping the system wouldn't let you unlock it, unless it was performing a MitM against the user of the phone. Honestly most of the TPM and trusted enclave stuff Apple does is mostly to prevent that kind of MitM situation. For most users, I don't see it as a threat to worry about.
It’s even more impressive than that — the infrared dot pattern of every Face ID sensor is also physically unique. You can’t swap out Face ID sensors and keep the same enrolment data as a result because the replacement sensor will produce a slightly different pattern.
> Can you imagine the articles if you could swap out faceID systems to unlock an encrypted iphone?
Yes, the articles would go something like this: "WTF is wrong with Apple, did they intentionally implement 'security' in the worst possible way, by leaving the phone unencrypted and just using faceID as a lock screen?!"
That is what they'd have to do for your statement to make any sense, they'd have to leave the data unencrypted and just use a removable component as a pass or fail doorman. So the system would have always been unsecure, it would just be more obvious in this scenario.
I mean.. they could just show a pop-up after required passcode unlock: ‘your iPhone recently had its FaceID/brightness/battery/whatever swapped - do you wish to fully enable the replacement part for this iPhone?’