Apple’s new privacy page drives home its product security advantage

Matthew Panzarino

Today, Apple is launching a new version of its privacy page that presents security and privacy as a consumer feature set. This effort to position Apple as a provider of security and privacy services that manifest as features was begun back in September of 2014, in the wake of the celebrity nude hacking incidents.

Earlier that month, I had published a piece arguing that Apple needed to be less opaque about its security and privacy systems and policies, because they were substantially different and more important than a ‘product reveal’. While Apple had been making the security and privacy of its users for years at that point, that’s essentially where its new era of transparency and salesmanship around the topics began. The new security page it launched then kicked off an era of aggressive positioning by Apple that emphasized how little interest it had in users’ personal data beyond protecting it, and how that differentiated them from their competitors. Cook began speaking publicly about the importance of encryption and privacy, Apple got more vociferous about pushing back on law enforcement requests to unlock iPhones and in 2015 it launched a new version of its privacy page that I noted brought the concepts of security and policy solidly into the realm of product eduction.

The reason for that lengthy setup is that the version of the site that launches today I think finally brings together all of these pieces and tells a story of Apple’s security policies as true, usable consumer features. If you’ve written about, worked in or studied security and privacy of systems like mobile devices or computers you know that no matter how much people say they’re interested in security, they do not exhibit this in their behavior. People duplicate passwords, use short or no passcodes at all and have terrible operational security in their day-to-day lives.

Why? Because it’s harder. Security is wonderful, people say, as long as it doesn’t inconvenience them or interrupt any basic action they may take during a day. That’s a tough threshold that few companies take the time or energy to even begin to surmount. Most of the time the argument is ‘hey, we provided the security, it’s your fault if you don’t use it.’

The Apple methodology, meanwhile, has been to make security part of features so attractive that you want to use them. A substantial magic trick in the draconian, opaque arena of security. 

The security features of iPhone, iOS and other devices are presented on the site as a product showcase inside the philosophical framework of security — with a splash of customer education. While I don’t think every customer will visit this site, I can tell you that it will likely get more traffic and sell more devices than any privacy and security page that has ever existed.

A few new things make an appearance. Differential Privacy is now being applied to discovering bad actor websites that crash or memory hog, something we covered earlier this week, for instance. But mostly this is a payoff of all of the work Apple has done to integrate security and privacy deeply into its products.

Yes, it’s a bit of a victory lap and a bit of a marketing tool — the page kicks off by positioning privacy as a fundamental human right — but Apple also worked for it, so I’ll give it this one.

Face ID Security Detailed

There is also a new security white paper and knowledge base article on Apple’s Face ID authentication system. Many of the points inside were covered in my recent interview with Apple’s Craig Federighi, but there are some more details about how the face information is gathered and handled that will be interesting to the infosec community, or security-minded people.

One important takeaway from the paper is that Face ID operates almost identically to Touch ID from a security perspective. Once the binary ‘hey this is you or it isn’t you’ decision is made, all other systems function nearly the same. This means that they’re already tested by years of Touch ID being around without the Secure Enclave being meaningfully unwrapped or compromised. A good thing for consumers.

Another interesting note is that developers do not have to update their Touch ID apps to use Face ID. If an app you use now uses Touch ID to authorize anything, open anything or pay for anything, it will automatically work with Face ID. The same authentication framework is called as was called before. It’s probably best for those apps to update any text that refers to Touch ID, but otherwise they should work just fine on day one of the iPhone X.

Apple also details the methods that Face ID uses to adapt to changes in your face over time. It can learn from both solid matches in good light where it will add to its ‘good data’ about your face. It can also learn from failures that require you to enter a passcode.

To improve unlock performance and keep pace with the natural changes of your face and look, Face ID augments its stored mathematical representation over time. Upon successful unlock, Face ID may use the newly calculated mathematical representation—if its quality is sufficient—for a finite number of additional unlocks before that data is discarded. Conversely, if Face ID fails to recognize you, but the match quality is higher than a certain threshold and you immediately follow the failure by entering your passcode, Face ID takes another capture and augments its enrolled Face ID data with the newly calculated mathematical representation.

Basically, if it passes a certain level of certainty that this is probably you but can’t get a match, and then you enter a passcode — it will add that data to your face profile, improving matches in the future. But if it doesn’t think it’s you and someone enters a passcode then it won’t add the data.