The current 2FA methods, something you have and something you know, are better than the proposed methods.
Under the new method, something you have and something you are, hackers/feds only require your device to get into your accounts. Feds especially can extract your biometrics: simply force your hand against the fingerprint reader or take your picture. They have a much greater difficulty extracting your passwords, they must compel you to reveal that information through fines or torture (aka the hammer to the kneecap principle).
The decent thing about face login on iPhone is you can set it to require your attention before unlocking the phone. So closing your eyes or looking away from the phone will prevent unauthorised unlocks.
The feds really want into your accounts.
The current 2FA methods, something you have and something you know, are better than the proposed methods.
Under the new method, something you have and something you are, hackers/feds only require your device to get into your accounts. Feds especially can extract your biometrics: simply force your hand against the fingerprint reader or take your picture. They have a much greater difficulty extracting your passwords, they must compel you to reveal that information through fines or torture (aka the hammer to the kneecap principle).
The decent thing about face login on iPhone is you can set it to require your attention before unlocking the phone. So closing your eyes or looking away from the phone will prevent unauthorised unlocks.
They found out that iPhones do a 3D face scan every 5 seconds, not just on the lock screen.
There's a setting in there that prevents the phone from dimming or locking if you're looking at it; the repeated scan may be related.
I turned that off primarily because it made my eyes feel a little odd.
So now its a weapon too, great.