Future Apple biometric security may include scanning veins in a user's face
Apple's Face ID could become even more secure in the future, after the revelation the iPhone X producer has explored the possibility of scanning the pattern of veins in a user's face as another form of biometric authentication, one that could potentially tell identical twins apart.
The U.S. Patent and Trademark Office published a patent on Tuesday called "Vein imaging using detection of pulsed radiation," granted to Apple. First applied for on November 12, 2015, the patent describes the use of an infrared emitter and a receiver that can detect blood vessel patterns below the surface of the skin.
The system consists of an optical transmitter that emits multiple pulses of infrared light towards an area of the user's body, such as a hand or a face. The infrared light can pass through the skin and reflect off the user's veins, with returning light received by an image capturing device capable of accepting IR light.
The data generated by the reflected IR light is then processed to generate an image of the blood vessels within the defined area. Based on the time-of-flight of the pulses, this technique could also be used to generate a three-dimensional map of the body surface.
In the patent, Apple notes existing vein-based authentication systems for hands are considered to be very accurate "due to the complexity of the vein patterns in the hand." As said vein patterns are internal to the body, it would be extremely difficult for someone to produce a usable counterfeit, especially when used alongside other biometric systems.
As vein imaging is also contactless, it also "alleviates hygienic concerns" associated with other systems that use fingerprints or handprints.
While Apple does discuss vein authentication in relation to hands, the patent also indicates the possibility of using it in other areas. Supplied prior art images include photographs of a person's face, while a diagram of the system shows it being used on an illustration of a face.
Vein-based authentication would potentially help Face ID from solving its "twin problem" if the two systems were used together. Face ID's facial map creation is thought to have a one-in-a-million false positive rate, with Apple itself suggesting there could be issues with identical twins or family members that are visually similar to each other.
As the structure of veins in the face differ from person to person, even between twins, such a system would help minimize these false positive instances further.
A requirement to read veins in a face would also make attempts to fool Face ID with a mask close to impossible, due to the need to replicate the target user's blood vessels.
The inventors of the patent are listed as Andrew T, Herrington, Jawad Nawasra, and Scott T. Smith.
Apple regularly applies for patents, filing ideas with the USPTO tens or hundreds of times a week, and in many cases the firm does not attempt to commercialize the described idea. As a result, there is no guarantee aspects of applied or granted patents will make an appearance in future Apple products or services.
Due to the emitter and receiver system used in the TrueDepth camera array in the iPhone X, the addition of two more sensors or the repurposing of existing components to implement vein-based authentication does seem to be a plausible addition to a future Apple product.
The U.S. Patent and Trademark Office published a patent on Tuesday called "Vein imaging using detection of pulsed radiation," granted to Apple. First applied for on November 12, 2015, the patent describes the use of an infrared emitter and a receiver that can detect blood vessel patterns below the surface of the skin.
The system consists of an optical transmitter that emits multiple pulses of infrared light towards an area of the user's body, such as a hand or a face. The infrared light can pass through the skin and reflect off the user's veins, with returning light received by an image capturing device capable of accepting IR light.
The data generated by the reflected IR light is then processed to generate an image of the blood vessels within the defined area. Based on the time-of-flight of the pulses, this technique could also be used to generate a three-dimensional map of the body surface.
In the patent, Apple notes existing vein-based authentication systems for hands are considered to be very accurate "due to the complexity of the vein patterns in the hand." As said vein patterns are internal to the body, it would be extremely difficult for someone to produce a usable counterfeit, especially when used alongside other biometric systems.
As vein imaging is also contactless, it also "alleviates hygienic concerns" associated with other systems that use fingerprints or handprints.
While Apple does discuss vein authentication in relation to hands, the patent also indicates the possibility of using it in other areas. Supplied prior art images include photographs of a person's face, while a diagram of the system shows it being used on an illustration of a face.
Vein-based authentication would potentially help Face ID from solving its "twin problem" if the two systems were used together. Face ID's facial map creation is thought to have a one-in-a-million false positive rate, with Apple itself suggesting there could be issues with identical twins or family members that are visually similar to each other.
As the structure of veins in the face differ from person to person, even between twins, such a system would help minimize these false positive instances further.
A requirement to read veins in a face would also make attempts to fool Face ID with a mask close to impossible, due to the need to replicate the target user's blood vessels.
The inventors of the patent are listed as Andrew T, Herrington, Jawad Nawasra, and Scott T. Smith.
Apple regularly applies for patents, filing ideas with the USPTO tens or hundreds of times a week, and in many cases the firm does not attempt to commercialize the described idea. As a result, there is no guarantee aspects of applied or granted patents will make an appearance in future Apple products or services.
Due to the emitter and receiver system used in the TrueDepth camera array in the iPhone X, the addition of two more sensors or the repurposing of existing components to implement vein-based authentication does seem to be a plausible addition to a future Apple product.
Comments
Hmm, nope, joke doesn’t work.
2) There are lots of reasons why an unlocking mechanism on the device is better than requiring a tether to another device that you may or may not have with you and may or may not be powered up. Even if the number of Apple Watches sold equaled the number of iPhones sold it still wouldn't be a good idea.
3) Even now, you're required to own an iPhone to setup an Apple Watch, yet the Watch has its own secure element for Apple Pay purchases. You don't have to have your iPhone with you to use Apple Pay. It's an offline system once the initial authentication with your financial institution occurs per card per device.
2) I don't understand what you're getting at here. The number of Apple Watches doesn't even come close to the number of iPhones sold so this idea that biometrics should be removed completely from the iPhone lineup because some people have an Apple Watch doesn't make any sense.
3) The point is that have Apple Pay on both systems and each systems locally authenticating a purchase is good for the product. The same goes for the iPad and Mac. If my iPhone is lost or stolen I can dissolve all the pseudonymbers® that each of my financial institutions created and tied to my physical card number fore each device without affecting any of the other pseudonymbers tied to other devices for my accounts. With your setup that everything is pushed through the Apple Watch I risk 1) a slower transaction (see Mike W's comments about his issues unlocking his Mac with his Apple Watch), and 2) having no way to make a payment if not having one device means that the chain is broken and authentication to unlock the device no longer works.
4) Is this about the notch? Are you looking for ways to get rid of the notch? The camera and other sensors would still be there if they removed Face ID and while the notch could be smaller, it may not be better. Just look at the ironically-named Essential phone.
5) I'd much rather see more independent features come to the Watch at WWDC so I can reduce my use of the iPhone more, not a way to lessen the iPhone's capabilities, slow down my access to it as it verifies that the Watch is still tethered via BT, or for it to be more anchored to the iPhone than it is already.
That said, the current setup makes sense since the authentication of the Watch only occurs when you place it on the wrist. If Touch ID or Face ID isn't instant enough then I don't see how the encrypted communication to verify that the Watch is still tethered to the current wrist would be instant enough, it wouldn't be good for battery life to have it constantly sending authentication credentials to verify it's still authenticated on a wrist, and I don't think it would be a good security to have to just assume the Watch is still connected per the last time it checked.
While using Apple Watch to authenticate my MBP was faster than typing in my password it's not faster than putting a finger on the Touch ID sensor, and I'm certain Face ID will be even faster if and when that feature comes to the Mac.