iPhone FaceID concerns

anonymous5344262278:

Apple says 1:10k vs 1:1MM for Touch/Face, so it’s def a step up for the threat model of a random passerby grabbing your phone.

What does the double M stand for? Or was that a typo for million?

anonymous5344262278:

But if you are roommates with a doppelgänger, then you may have to adjust your threat model.

I’m not, and neither is the person I’m helping, but still it’s worrisome.

anonymous5344262278:

As a data point for your actual question though, yah, I think a vast majority of iOS users do use it. I

I was wondering about users in the privacy community specifically. Do you use FaceID?

Do TouchID and FaceID work differently when it comes to the app store?

I ask this because my grandmother has an iPad with FaceID and an iPhone with ToucheID. She trusts me with her phone’s passcode. However, I had noticed that when I use her iPad, and it recognizes that I am not her, I am prompted to enter her pass code.

However, on her phone with TouchID, if I try to install a new app for her, I am not prompted to enter her pin. I actually have to ask her to place her finger to allow the download.

Is that specific to the app store or specific to TouchID vs FaceID?