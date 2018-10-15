US ROZZERS are being warned to avoid looking at iPhones with Face ID in case they get locked out of the device, much like Craig Federighi at the iPhone X launch event.

Apple's mug-scanning Face ID tech, found on the iPhone X and iPhone XS, attempts to authenticate a face up to five times before the feature is disabled and the user's potentially harder-to-obtain passcode is required to unlock the smartphone.

Because of this, forensics outfit Elcomsoft is warning US law enforcement not to gawp at iPhones involved in investigations as failed attempts would render Apple's Face ID useless, meaning a suspect can no longer be forced to unlock their own phone.

"iPhone X: don't look at the screen, or else… The same thing will occur as happened on Apple's event," a slide from forensics Elcomsoft, obtained by Motherboard, reads.

In the US, forcing someone to give up a password is interpreted as self-incrimination, which is protected by the Fifth Amendment. However, the same isn't true of biometric security because a person's face or fingerprint can't be a secret.

This legal grey-area recently enabled the FBI to recently use a suspect's face in a child pornography case. The allowed agents to "place the [phone] into airplane mode and examine it by looking through the files and folders manually and documenting the findings with pictures."

Vladimir Katalov, CEO of Elcomsoft, confirmed his company's presentation to Motherboard.

"This is quite simple. Passcode is required after five unsuccessful attempts to match a face. So by looking into suspect's phone, [the] investigator immediately lose one of [the] attempts," he said.

"With Touch ID, you have to press the button (or at least touch it); that's why we always recommend (on our trainings) to use the power button instead, e.g to see whether the phone is locked. But with Face ID, it is easier to use ‘accidentally' by simply looking at the phone." µ