User profile for user: msmaizel
msmaizel Author
User level: Level 1
27 points

Assist with FaceID security considerations/risk, third party apps (inc. What's App), biometric data

Hi!  Hoping for reassurance (either way) from those deep in platform security.   Downloaded the apple platform security guide to review. Meanwhile, have an immediate issue, thought the community might weigh in!  iPhone 11 17.2.1


I use Face ID to log into my iPhone.  My personal decision is I use this feature on Apple only / data on iPhone only.


Question - when prompts to allow FACE ID authorization pop up (from 3rd party app on iPhone), am I authorizing for my iPhone Face ID feature/functionality/data residing only on my iPhone - as is the case for sign in?  In which case what am I actually authorizing?


Or, is there any sharing, access, or provision of rights/data/ biometric data transfer - to the third party?  


And if (fingers crossed) - I am authorizing for biometric feature/functionality/data will continue to only reside on my iPhone, does it apply universally to all third party apps when these prompts come up?


To get my head around, would be useful to understand conceptually - across apps - any nuances, considerations, possibly variables. Though, I would only plan for use on key apps like the bank. 


Second question - for my immediate issue specifically - after update, the what’s app seems to be looping me back to authorize Face ID.  I’ve been missing calls/meetings from someone that uses what’s app.  I do not use it.  I ensured every single notification setting was on, immediate, etc.  Support even saw I notification overkilled.  And I continue to miss appointments.  I reset phone settings, app is up to date, focus is not on, etc.  Now the app seems to be requiring Face ID, which I won’t allow.


Could that be the reason, I’m missing all forms of notifications? 

Hence my first question.  I won't give Meta biometric data.

It seems the app locks after every update, I miss calls and I don't get notifications when locked(unbeknownst to me), or not.


I realize likely user confusion and I’m missing something on question 2, but I have no idea what the issue is, support wanted to escalate to advisor and I also need clarification on broader security considerations/risks to add.


Thanks so much!!!


ps the call got disconnected during settings update, so I'm coming to the community first. thanks!

iPhone 11

Posted on Feb 3, 2024 1:42 PM

Reply

Similar questions

3 replies
User profile for user: Lawrence Finch
Lawrence Finch
Community+ 2026
User level: Level 10
232,756 points

Feb 3, 2024 1:54 PM in response to msmaizel

Biometric data never leaves your phone. When you authorize an app to allow login with Face ID it works because the app has previously “trusted” the iPhone when you set up FaceID in the app’s settings, after the app has authenticated some other way, such as password, Authenticator app, passkey, or security key and optionally 2 factor authentication. It is iOS displaying the Face ID prompt, not the app itself, and if iOS recognizes you it tells the phone that you are you.

Reply
User profile for user: msmaizel
msmaizel Author
User level: Level 1
27 points

Feb 5, 2024 11:55 AM in response to Lawrence Finch

Thanks so much Lawrence!  really appreciate the clarification.  so many variables, apps and security options, it can be incredibly confusing.  


Would be really useful  - (this is not meant for you specifically, though mention should Apple support / education / engineering notice) - 


If there were a simple visual example (maybe I just haven't found it?), which includes a list of all the security choices / settings option variables you mention, each options (or combination of options) level of risk vs feature/function pro's - to help us users more easily determine / decide on a personal standard approach / MO / plan to proceed more easily and secure our data.  


I imagine it would be in a basic spread sheet chart (visual format) and succinct.  Maybe something a product manager might put together that addresses the technical piece in a user friendly fashion for us regular folks and our user requirements :)


I find it overwhelming and feel as a result I’m putting my security at risk inadvertently.  An education piece is missing, is my sense, or I haven’t yet found it, which is entirely likely. :)


Thanks again!!

Reply
User profile for user: Lawrence Finch
Lawrence Finch
Community+ 2026
User level: Level 10
232,756 points

Feb 5, 2024 1:39 PM in response to msmaizel

Well, I don’t have a spreadsheet, but I do have a lot of security reading:


Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

Assist with FaceID security considerations/risk, third party apps (inc. What's App), biometric data

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up