Apple's Face ID has two key features: Face recognition makes it easier to deal with the iPhone X or its successors Xs, Xs Max and Xr. On the other hand, the facial recognition is just as important as a security measure. If someone other than the owner looks at the device, it remains locked. After five failed attempts, as well as after the restart, you must enter the passcode to unlock the device.
photo gallery
17 pictures
iPhone XS and XS Max under test: These are the new iPhonesThe Russian company Elcomsoft, which develops forensic software for government agencies, warns law enforcement against accidentally looking at seized iPhones X. On a presentation slide, which has published the technical magazine "Motherboard" and whose authenticity is confirmed, it says: "Do not look at the screen, otherwise ... the same happens as at the Apple event".
This refers to the idea of the iPhone X in September 2017. Apple's software chief Craig Federighi did not manage to unlock the iPhone X via Face ID on the stage and instead had to enter the passcode.
The passcode is a higher hurdle for investigators
Elcomsoft CEO Vladimir Katalov said "motherboard": "If an investigator looks at the iPhone of a suspect, he immediately loses one of the five attempts to unlock by Face ID". If this happens several times and the investigator does not manage to get the owner to the iPhone front camera at the latest on the fifth attempt, he needs instead the possibly hard-to-guess passcode. And that can actually be a disadvantage depending on the legal situation and the technical equipment of the authority.
In the US and also in Germany, accused persons do not have to burden themselves, for example by issuing passwords. But biometric access is something other than knowing a password. Since fingerprint sensors and face recognition, not least thanks to Apple have now replaced the password, the laws would actually need an update. As long as that does not exist, courts have to decide what cops are allowed to do and what they have to accuse.
The FBI, for example, for the first time in August, forced a suspect with a search warrant to unlock its iPhone X via Face ID, allowing officials to search it. Theoretically, the defense could have challenged this decision. But since there was plenty of other incriminating material, this was not worth it in this case.
"Face ID is another dimension than the fingerprint"
Also in this country there is no clear legal regulation. The Duesseldorfer defense lawyer Udo Vetter says: "The legal limit is that you do not have to actively participate as a defendant". But whether that is the case with Face ID is unclear.
His knowledge of the passcode does not have to be revealed by a suspect. Even more difficult is the question of whether he has to passively tolerate a fingerprint with which a fingerprint sensor is then actuated. "Face ID," says Vetter, "is another dimension than the fingerprint." If the police only have to face the suspect with his device, that may not be active participation.
If authorities want to avoid the uncertain legal process, they need special equipment to bypass or break the iPhones passcode lock. At least two providers of such devices are known: Grayshift and Cellebrite promise to crack even modern iPhones, some already for 1500 dollars apiece.
photo gallery
18 pictures
For iPhone and iPad: This is new in iOS 12Apple in turn has introduced some new features with its operating system iOS 12, which should make such burglary attempts impossible, because they could theoretically be used by criminals. So there is a kind of ongoing race between manufacturers like Apple and IT forensics companies selling their products to law enforcement.
There is also a third way around the passcode entry: Policemen can try to snatch the smartphone from a suspect in the unlocked state - just like a pickpocket would do it. At least that has worked in London.