Passwords are meant to be forgotten and it's not a new problem. Even years ago, when we only had four-digit codes for email accounts and ATM cards, people often used a loved one's birth year as a password, and funny enough, sometimes we still managed to forget whose birth year it was.
Evolving technology had made things even more difficult, especially for people who have a hard time remembering numbers and with numerous services like social media, online banking, mobile shopping each having different password criteria. Along came more complex password combinations like six-to-eight digits of alphanumeric codes that require special characters.
Again, we "solved" this digital mess by using the same easy-to-remember (also, easy-to-guess) passwords for different accounts. In the end, most of us did not take the trouble of creating distinct and hard-to-guess passwords for Facebook, Twitter, Instagram, Gmail, iCloud, Amazon, Netflix, Dropbox, our banks' mobile apps, e-Government services, and so on. Even counting them is tiring, let alone devising the perfect combination for each account. But, that only made cybercriminals happy because it allowed them to hack into just one of these accounts and easily gain access to one's entire digital portfolio.
Enter Biometrics: Your finger as your password
Tech companies and security experts banded together to find a robust alternative to tricky password combinations, a solution that would not involve human memory.
Because, as mentioned before, people are bound to forget any alphanumerical string. The advancements in processing power and recognition technology created a new way to authenticate identity, using biometrics.
With the possibilities of using a variety of body measurements and calculations that are unique to each person, biometrics became a convenient alternative to traditional passwords. Since it's the most easily accessible and commonly used biometric identity of a person, the fingerprint was the first to replace alphanumerical entries.
Despite not being the first smartphone with such capability, Apple iPhone 5S introduced biometrics as a reliable alternative to passwords.
Apple developed a fingerprint recognition feature called Touch ID that allowed users to unlock their iPhone, make purchases on iTunes, and years after that, verify transactions on Apple Pay.
Equipped with the Touch ID sensor for the first time, iPhone 5S made biometrics so popular that business analysis firm IHS estimated that the yearly shipments of fingerprint scanning smartphones, in general, grew up to 45.7 million units in 2013. That was up from a mere 4.5 million units the year before.
As the time passed, fingerprint scanning hardware became more accessible to manufacturers, giving even entry-level smartphones the ability to recognize users by their fingerprints.
The iPhone 5S' Touch ID authentication process took a couple of seconds but with last year's iPhone 7, that came down to milliseconds-level.
Improved performance aside, how reliable was it as a security measure? According to Apple, "The probability that a random person in the population could unlock your iPhone with his fingers is approximately 1 in 50,000."
Since the Cupertino-based company sold more than 200 million devices in 2016 alone, that probability ratio found its way to Apple's improvement road map.
The next step in biometrics: iPhone X with Face ID
For the first time in Apple's history, the iPhone X has completely ditched the Home button and features an end-to-end screen. But no one is talking about that. Since Apple's 10-year anniversary model was introduced on Sept. 12, it's all about the next step in biometrics, namely the Face ID.
According to its developers, the system provides intuitive and secure authentication enabled by the TrueDepth camera system with advanced technologies to map the geometry of a user's face accurately. In other words, just like Touch ID uses your fingerprints as biometric data, Face ID will analyze your facial geometry and use it as an alternative to passcodes so it can verify it's you.
INSIDE FACE ID: HOW DOES IT WORK?
An advanced combination of hardware and software enables Face ID to work smoothly. Most of the work is shared by two main components: The front-facing TrueDepth camera and the A11 Bionic chip in the iPhone X.
"The TrueDepth camera captures accurate face data by projecting and analyzing over 30,000 invisible dots to create a depth map of your face and also captures an infrared image of your face," explains Apple.
The A11 Bionic chip's neural engine then processes this image and the depth map, transforms them into a mathematical representation and compares that representation to the enrolled facial data.
That way, Face ID recognizes you even if you wear makeup, sunglasses, a stylish hat, or grow a gorgeous beard.
"If there is a more significant change in your appearance, like shaving a full beard, Face ID confirms your identity by using your passcode before it updates your face data."
So, any changes to the appearance are confirmed by the traditional passcode as an added precaution. Also, the biometric user data never reaches Apple's servers. It's stored locally on the phone, in a portion of the A11 Bionic chip aptly called the Secure Enclave.
Face ID requires eye contact with the front camera, so it will not work if the owner of the iPhone X is asleep or unconscious. You can disable Face ID discreetly by quickly pressing the Sleep/Wake button five times and unlike the Touch ID, where you can register multiple fingerprints, Face ID can track just one person.
Since the technology is so new, the experts in the field have different opinions. Apple says the 1:50,000 chance of being unlocked by another person's biometrics in Touch ID is now down to approximately one in a million with Face ID. But initial tests with identical twins showed you should probably use old-school passcodes if you have an evil lookalike. Anyone who feels uncomfortable using one's face as a security measure has the option to use a passcode instead. The comfort/security ratio of an essential feature on a personal device is always open for debate. But the innovation can be plainly seen in the "face" of the iPhone X.
As biometric technologies mature at their own pace, there's no denying the fact that Apple has once again taken a massive leap towards making a next-gen security tool mainstream.