WhatsApp for iPhone Now Lets You Lock App With Face ID or Touch ID

WhatsApp has enabled a new Face ID authentication option for iPhones that support the feature, in the latest update to the messenger app (via WABetaInfo).

The Facebook-owned platform has been testing the feature for iPhone X and newer devices in its TestFlight beta releases for some weeks now, but version 2.19.20 of WhatsApp, now on the App Store, makes Face ID available for all users with supporting iPhones.

When enabled, users need to use Face ID to unlock the WhatsApp app, but they can still reply to messages from notifications and answer calls when the app is locked.

To require Face ID to unlock WhatsApp, tap Settings -> Account -> Privacy -> Screen Lock and toggle on the Require Face ID switch. Users with a fingerprint sensing Home button on their iPhones will see an option to Require Touch ID instead.


With the Face ID/Touch ID toggle enabled, users will see some additional options appear below that allow them to activate the authentication requirement immediately, after one minute, after 15 minutes, or after one hour.

When the app is locked, if the iPhone fails to recognize a face or fingerprint, users can alternatively choose to enter their iPhone Passcode to open WhatsApp.

Elsewhere in this update, a smaller change means users can now download individual stickers in a sticker pack from the in-app sticker store, rather than having to download the whole pack. Just select a stickers pack, tap and hold the desired sticker, then tap Add to Favorites in the pop-up pane.

WhatsApp is a free download for iPhone available on the iOS App Store. [Direct Link]


This article, "WhatsApp for iPhone Now Lets You Lock App With Face ID or Touch ID" first appeared on MacRumors.com

Discuss this article in our forums

Google Developing More Secure Face ID-Style Facial Recognition System for Android Devices

Google appears to be working on a facial recognition system that would offer similar security to Face ID, based on code for the next-generation version of Android that was highlighted by XDA Developers.

Code in Android Q, set to be shown off at Google's developer conference in May, points towards an advanced facial recognition system that would be secure enough to be used for authorizing purchases and signing into apps, in addition to unlocking a smartphone.


Furthermore, the code references a built-in hardware based sensor through error messages that are highlighted when the sensor is unable to properly detect a face.

Combined, these two factors suggest that Google is expecting future smartphones to feature an advanced facial recognition system that could perhaps be as secure as Face ID.

Android Q code referencing a secure face unlock system. Click to enlarge.

Right now, there are Android devices that are using 2D facial recognition techniques to replace a passcode, but none of those systems are based on 3D face scans like Face ID. Facial recognition used by Android right now is more rudimentary and easily fooled, which is why Android devices continue to use fingerprint sensors for operations that need more security like payments.

The Android Q code indicates Google is building a native secure facial recognition option into the next version of Android, which would allow smartphone manufacturers to create systems that rival Face ID.

Android Q code referencing a secure face unlock system. Click to enlarge.

Face ID was first introduced in 2017 in the iPhone X, and has since expanded to the iPhone XR, XS, XS Max, and the 2018 iPad Pro models. At the time Face ID was introduced, respected Apple analyst Ming-Chi Kuo suggested the sophistication of the 3D camera system Apple uses would be unable to be matched by Android smartphone makers for 2.5 years.

One and a half years later, there are still no Android smartphone manufacturers that have created a front-facing camera system similar to the TrueDepth camera system able to be used for all secure system functions like payments.

Google's work on adding secure facial recognition code to Android does, however, suggest that Android devices with Face ID-like systems are in the works and coming soon.


This article, "Google Developing More Secure Face ID-Style Facial Recognition System for Android Devices" first appeared on MacRumors.com

Discuss this article in our forums

Police Can’t Force You to Unlock an iPhone Using Face ID or Touch ID, California Judge Rules

Law enforcement officials can't force smartphone users to unlock their devices using fingerprints or other biometric features such as facial recognition, according to a Northern California court ruling from last week.

The ruling, which was shared this morning by Forbes, was the result of an Oakland investigation into possible extortion. Police officers asked the court for permission to seize multiple devices and then compel the suspects to unlock the devices using biometric authentication.


The court said that there was indeed probable cause to grant a search warrant, but that it was denied because the request to force the suspects to unlock their devices using biometric authentication "funs afoul of the Fourth and Fifth Amendments." From the ruling:
The Government, however, also seeks the authority to compel any individual present at the time of the search to press a finger (including a thumb) or utilize other biometric features, such as facial or iris recognition, for the purposes of unlocking the digital devices found in order to permit a search of the contents as authorized by the search warrant.

For the reasons set forth below, the Court finds that the Government's request funs afoul of the Fourth and Fifth Amendments and the search warrant application must be DENIED.
In further analysis, the court equated biometric authentication to a passcode rather than something like submitting to a DNA swab. It has been previously established that under the Fifth Amendment, a suspect cannot be compelled to provide the passcode of a device.

Biometric features like Touch ID and Face ID, said the court, serve the same purpose as a passcode, securing the owner's content, "pragmatically rendering them functionally equivalent."

The ruling also made an interesting point about the urgency with which law enforcement officials attempt to get a suspect to unlock a device biometrically, because after a device is passcode locked (iPhones will passcode lock after a short period without a biometric unlock), the government can't compel a person to enter the passcode. This urgency essentially confirms that a passcode and a biometric lock are one and the same.
This urgency appears to be rooted in the Government's inability to compel the production of the passcode under the current jurisprudence. It follows, however, that if a person cannot be compelled to provide a passcode because it is a testimonial communication, a person cannot be compelled to provide one's finger, thumb, iris, face, or other biometric feature to unlock that same device.
Biometric authentication measures have been a hotly debated topic, and previous rulings have suggested that Touch ID and Face ID are not equivalent to a passcode, though most rulings have pertained to Touch ID as Face ID is newer.

This has allowed law enforcement to force suspects to unlock their iPhones and other devices using biometric authentication. In October, for example, the FBI was able to force a man accused of child abuse to unlock his iPhone using Face ID.

The California court's most recent ruling could potentially have an impact on future court cases of this type, perhaps putting an end to the practice of forced biometric smartphone unlocking and the belief that a passcode is not equivalent to a biometric lock.

For now, though, Apple has implemented a method to quickly and temporarily disable Touch ID and Face ID by pressing on the side button of recent iPhones five times in quick succession.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.


This article, "Police Can't Force You to Unlock an iPhone Using Face ID or Touch ID, California Judge Rules" first appeared on MacRumors.com

Discuss this article in our forums

Security Researcher Cancels Public Talk on Hacking Face ID After Employer Calls it ‘Misleading’

Chinese security researcher Wish Wu was set to give a talk on hacking Face ID at the Black Hat Asia hacking conference in Singapore in March 2019, but at the request of his employer, he's canceled the talk, reports Reuters.

His presentation, called "Bypass Strong Face ID: Everyone Can Deceive Depth and IR Camera and Algorithms," supposedly offered details on a way to get past Face ID on the iPhone X "under certain conditions."


Curiously, the Wu says that his hack did not work on the iPhone XS and XS Max. Given that the three smartphones use the same Face ID system, it's not entirely clear why a bypass method that works on the iPhone X wouldn't also work on Apple's newer devices.

According to an abstract of the talk, Face ID was able to be hacked on the iPhone X with an image printed on a black and white printer and some tape.

Wu was asked by his employer, Ant Financial, to withdraw from the talk. Ant Financial is known for its Alipay mobile and online payments platform, which works with Face ID.
Wu told Reuters that he agreed with the decision to withdraw his talk, saying he was only able to reproduce hacks on iPhone X under certain conditions, but that it did not work with iPhone XS and XS Max.

"In order to ensure the credibility and maturity of the research results, we decided to cancel the speech," he told Reuters in a message on Twitter.
In a statement, Ant Financial told Reuters that the research on the Face ID verification mechanism is "incomplete" and would be "misleading" if it were to be presented at Black Hat Asia. Despite this, the Black Hat conference said Wu's talk was accepted in the first place because Wu "convinced its review board he could pull off the hack."

A Face ID bypass or hacking method would be major news, as the feature uses 3D facial recognition technology to prevent it from being fooled by photographs, masks, and other means.

As Reuters points out, there have been no reports of a successful Face ID hack that others have been able to replicate since Face ID was introduced in 2017. Vietnamese company Bkav posted a few videos of Face ID being bypassed with a well-made mask, but other researchers have not been able to duplicate those results.

Face ID is not infallible, however, and has issues with facial recognition with children and identical twins.

Tag: Face ID

This article, "Security Researcher Cancels Public Talk on Hacking Face ID After Employer Calls it 'Misleading'" first appeared on MacRumors.com

Discuss this article in our forums

3D Printed Head Fools Android Face Recognition, iPhone X ‘Impenetrable’

Forbes recently challenged a variety of smartphone face-recognition systems with a 3d printed head modeled after the author's head.
The head was printed at Backface in Birmingham, U.K., where I was ushered into a dome-like studio containing 50 cameras. Together, they combine to take a single shot that makes up a full 3D image.

The final model took a few days to generate at the cost of just over £300. With it, the author tested it out against four Android smartphones and the iPhone X. All Android phones tested were able to be unlocked with the fake 3d printed head.
If you're an Android customer, though, look away from your screen now. We tested four of the hottest handsets running Google's operating systems and Apple's iPhone to see how easy it'd be to break into them. We did it with a 3D-printed head. All of the Androids opened with the fake. Apple's phone, however, was impenetrable.
The Android phones tested included the LG G7 ThinQ, Samsung S9, Samsung Note 8 and OnePlus 6.

It's been long known that many implementations of facial recognition amongst Android phones have been less secure than Apple's Face ID system. Some of those face recognition systems have been fooled with simple photographs. Apple's Face ID, however, also includes IR depth mapping and attention awareness technology. The attention awareness alone may be enough to explain the inability for a static 3d printed head to unlock the iPhone X. That said, the iPhone X's Face ID has been fooled in the past with more sophisticated printed 3d heads.


Discuss this article in our forums

Hands-On With the In-Screen Fingerprint Technology in the New OnePlus 6T

Back before the iPhone X came out, there were rumors suggesting Apple would do away with the Home button by implementing Touch ID under the display of the device, preserving the fingerprint sensor while allowing for an edge-to-edge display.

That didn't end up happening and Apple ultimately replaced Touch ID with Face ID, but since then, other companies have implemented in-display fingerprint recognition technology.

Subscribe to the MacRumors YouTube channel for more videos.

OnePlus recently unveiled its new OnePlus 6T, one of the first commercially available smartphones in the United States that's using in-screen fingerprint recognition technology. We were able to get our hands on one of the new smartphones to see if Apple is missing out on anything with its Face ID implementation.

There are instances where a fingerprint sensor offers benefits over facial recognition. Face ID, for example, doesn't work well when you're laying in bed and the phone is held in landscape or when an iPhone is flat on a desk. With a fingerprint sensor, those are non-issues.

Fingerprint sensors have their own problems, though, and as we discovered with the OnePlus 6T, in-display fingerprint technology isn't as great as it sounds. OnePlus' implementation is slow and inaccurate, a major negative compared to Face ID.

With the OnePlus 6T, you need to make sure to place your finger in the designated spot on the display for your fingerprint to be recognized, and sometimes you need to hold it there for what seems like a long time before it reads the fingerprint. Touch ID and Face ID both unlock almost instantly, so the wait with the OnePlus 6T makes a huge difference.

Had Apple pursued in-display fingerprint technology its implementation might have been better than what OnePlus came out with, and there's still a chance the tech OnePlus is using will improve with software updates or future iterations, but we'll never know if Apple would have done it better.

Apple is all in on Face ID, which is now in both modern iPhones and iPads, and the company has said that other solutions, like in-screen or rear-facing Touch ID, were never under consideration once it decided to pursue Face ID.

Apple's Face ID technology is still so advanced that no other company, OnePlus included, has managed to match it as of yet. And in-display technology still has a ways to go, it seems, with most major Apple competitors instead opting for rear-facing fingerprint sensors as a way to achieve edge-to-edge displays.

Do you miss Touch ID and wish Apple would have worked towards an in-display fingerprint sensor, or do you prefer Face ID? Let us know in the comments.


Discuss this article in our forums

Police Told to Avoid Looking at iPhone Screens Locked With Face ID

Police in the United States are being advised not to look at iPhone screens secured with Face ID, because doing so could disable facial authentication and leave investigators needing a potentially harder-to-obtain passcode to gain access.

Face ID on iPhone X and iPhone XS attempts to authenticate a face up to five times before the feature is disabled and the user's passcode is required to unlock the smartphone.

Elcomsoft presentation slide talking about Face ID (image via Motherboard)

Given the way the security system works, Motherboard reports that forensics company Elcomsoft is advising law enforcement, "don't look at the sceen, or else... the same thing will occur as happened [at] Apple's event."

The note appears on a slide belonging to an Elcomsoft presentation on iOS forensics, and refers to Apple's 2017 presentation of Face ID, in which Apple VP Craig Federighi tried and failed to unlock an iPhone X with his own face, before the device asked for a passcode instead.

Apple later explained that the iPhone locked after several people backstage interacted with it ahead of Federighi, causing it to require a passcode to unlock.

The advice follows a recent report of the first known case of law enforcement forcing a suspect to unlock an iPhone using Face ID. The action subsequently helped police uncover evidence that was later used to charge the suspect with receiving and possessing child pornography.

In the United States, forcing someone to give up a password is interpreted as self-incrimination, which is protected by the Fifth Amendment, but courts have ruled that there's a difference between a biometric recognition system like Touch ID and a passcode that you type into your phone.

In some cases, police have gained access to digital data by forcing people to unlock mobile devices using their fingers. Indeed, before Face ID was in use, law enforcement was advised how it could avoid locking Touch ID fingerprint-based authentication on Apple's iPhones. "With Touch ID, you have to press the button (or at least touch it)," Vladimir Katalov, CEO of Elcomsoft, told Motherboard. "That's why we always recommend (on our trainings) to use the power button instead, e.g to see whether the phone is locked. But with Face ID, it is easier to use 'accidentally' by simply looking at the phone."

Related Roundup: iPhone XS
Tags: Face ID, law
Buyer's Guide: iPhone XS (Buy Now)

Discuss this article in our forums

First Case Surfaces of Law Enforcement Forcing Suspect to Unlock iPhone With Face ID

A Forbes report has highlighted the first known case of law enforcement forcing a suspect to unlock an iPhone using Face ID.

The incident reportedly happened in August when federal agents obtained a warrant to search the house of a man in Columbus, Ohio, as part of a child abuse investigation.

Apple marketing image for Face ID

According to case documents, FBI agents got 28-year-old Grant Michalski to put his face in front of his iPhone X to activate the Face ID facial authentication.

After the device was unlocked, investigators looked through Michalski's chat history, photos, and other files stored on the phone. Evidence discovered on the device was used to charge the suspect later that month with receiving and possessing child pornography.

Several previous cases have occurred where law enforcement has gained access to digital data by forcing people to unlock mobile devices using their fingers. One case even reportedly involved trying to use the finger of a dead person to unlock a phone, which ultimately didn't work.

However, this appears to be the first case in which Face ID has been used, so it's likely to reignite debate over where the law stands in relation to biometric authentication methods.

In the United States, forcing someone to give up a password is interpreted as self-incrimination, which is protected by the fifth amendment and against the law. Nevertheless, courts have ruled that there's a difference between a biometric recognition system like Touch ID and a passcode that you type into your phone.

In the case highlighted by Forbes, the FBI was eventually locked out of the phone and had to gain a second search warrant to allow them to conduct a more thorough search of the device using a third-party unlocking solution, likely similar to Grayshift.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Tags: FBI, Face ID, law

Discuss this article in our forums

Global Shipments of 3D Sensing Smartphones Predicted to Reach 100 Million Units This Year

Global shipments of 3D sensing smartphones are expected to reach over 100 million units in 2018, according to China-based analyst Sigmaintell, as Android phone makers gradually adopt the technology that Apple introduced to market last year.

China-based Xiaomi and Oppo have already unveiled phones featuring their own versions of the 3D scanning technology that Apple launched in the iPhone X back in September, while Apple is expected to bring Face ID to three new iPhones that are set for launch in the fall.

Xiaomi Mi 8 Explorer Edition

Announced in May, Xiaomi's 6.28-inch Mi 8 Explorer Edition, which combines 3D facial recognition technology and an in-display fingerprint sensor, is expected to hit stores in China on July 24, with a price tag in the region of $550.

In June, Oppo announced the Find X with a 6.42-inch AMOLED display. The 3D-sensing enabled phone is a direct competitor to the Mi 8, and features the same 8GB of RAM and Snapdragon 845 processor as its rival, with a higher price tag of around $750.

Also in June, Vivo unveiled new 3D sensing technology which it says has 10 times the accuracy of the Face ID authentication system in Apple's iPhone X.

Oppo Find X

Vivo's claim stems from its Time of Flight (TOF) system using 300,000 data points to map the user's face in three dimensions, compared to the 30,000 points of infrared light used in Apple's smartphone. The hardware is expected to feature in Vivo's new flagship model set for launch later this year, so whether the specs translate in practice to better security and accuracy remains to be seen.

As for Samsung, the Galaxy S8 and Galaxy S9 models already feature facial recognition, but it is 2D, and tests have proved that the systems could be spoofed with a photo of a face. The Korea-based firm is said to be considering adding more sophisticated 3D facial recognition to the Galaxy S9 lineup later this year.

Despite growing adoption of 3D sensing across the market, Apple will remain the primary vendor of the technology throughout 2018, with combined shipments of equivalent Android smartphones likely to reach only 12 million units, according to Sigmaintell.

(Via DigiTimes.)

Related Roundup: 2018 iPhones

Discuss this article in our forums

Apple Updates Repair Policy for iPhone X Units With Face ID Issues

Apple has updated its service policy for a limited number of iPhone X units that may be experiencing issues with Face ID.


Apple Stores and Apple Authorized Service Providers are now authorized to perform a whole unit replacement for iPhone X units with Face ID issues, instead of a display repair, according to an internal document obtained by MacRumors.

Apple Stores and Apple Authorized Service Providers have been advised to first run diagnostics on the iPhone X's rear camera and potentially repair that system if necessary to see if that resolves the problem. If the issues persist, then a whole unit replacement is now permitted, the document states.

There appears to be some kind of link between failure of the iPhone X's rear camera and front TrueDepth system, although it's not entirely clear.

The document in full reads:
In order to provide the best customer experience, if a customer reports that their iPhone X is having Face ID issues, you may be able to resolve the issue with a rear camera repair. Run AST 2 on the customer’s device to check the camera. If the diagnostics find issue with the camera, perform the repair to see if the issue is resolved. If the issue is not resolved, perform a whole unit replacement instead of a same-unit display repair.
Apple has not commented on this matter publicly, or launched any sort of official repair program, as these are internal guidelines.

Affected customers can book an appointment with an Apple Authorized Service Provider or Apple Store via the Contact Apple Support page: iPhone → Repairs & Physical Damage → The Topic is Not Listed → Bring In For Repair. Following those steps also presents options to contact Apple by phone or email.

Related Roundup: iPhone X
Tags: Face ID, GSX
Buyer's Guide: iPhone X (Neutral)

Discuss this article in our forums