September 15th 2017
By Mike Flaminio
Ars Technica has a nice rundown of security and privacy implications of the new Face ID security feature. Basically, it doesn't really change much from Touch ID. It expected law enforcement can still compel people to unlock a device. Apple, however, says Face ID is harder to trick, so it can be more secure from unauthorized access. As described by Apple, Face ID also requires your attention, which basically seems to mean you must be looking at your device to unlock.
Other than the new hardware, iOS 11 should beef up security across all devices.
it should be noted that Apple has instituted some new privacy features for iOS 11, which rolls out next week. Let's assume you unlock your phone for the authorities, whether they have a warrant or not. If you have TouchID enabled on a non-iPhone X phone, the passcode is now required when the phone is connected to a new computer. "Trust This Computer" pops up on the computer's monitor, requiring the password. That wasn't the case before. This means the authorities would need your passcode again to siphon data from your phone beyond just reading its contents manually.
One researcher who has written about this suspects the same will apply to the iPhone X and its FaceID--that a passcode will be required when connecting it to a new computer.