Biometric authentication (Face ID, fingerprint)
Also known as: Face ID, Touch ID, fingerprint unlock, face unlock
Biometric authentication unlocks a device or app using a physical trait — your face or fingerprint — instead of typing a passcode. On phones the biometric data stays in a secure hardware chip and never leaves the device or syncs to the cloud.
- Uses your face or fingerprint, backed by a passcode
- Data stays in a secure chip, not the cloud
- Falls back to passcode after restart or failures
How Face ID and fingerprint work
Apple’s Face ID and Touch ID, and Android’s face and fingerprint unlock, scan a physical trait and compare it to a mathematical model stored on the device. They are a convenient front end to your passcode, not a replacement for it — the passcode is still the ultimate fallback.
On iPhone, the model lives in the Secure Enclave, a dedicated chip isolated from the rest of the system. The raw scan is never stored as a photo and is not uploaded to Apple or backed up.
Strengths and limits
Biometrics make a strong passcode practical to use constantly, since you do not retype it every time. Apps can require it to open — useful for banking, password managers, and private folders.
They have limits: a biometric can be compelled more easily than a memorized passcode in some situations, and after a restart or repeated failures, the device falls back to requiring the passcode. Biometrics work best as a layer on top of a strong passcode, not instead of one.