For those complaining about surveillance. people in countries like china/india, don't trust cab drivers as easily as they do in the first world.
If I can get into a cab in China and the app can tell me "yes, this is a driver that we have verified", this seems very useful and will make me feel safe(r).
Yes but at what cost? If people are fine with this, companies will start forcing people to scan faces for all sorts of reasons. Whether it's to enforce drm or for better targeted advertising ("It seems you're suffering from acne, here's 3 products that may help"), do you really want to live in a world like that?
At the cost of not being mugged, beaten, stabbed, raped, or killed.
It's not uncommon in many parts of the world for cab drivers to supplement their income by staging robberies or worse, they'll usually take a "short cut" which means they'll drive trough some alley in which some guy will come and rob both you and your driver, but in reality only you are being robbed.
I've been to a few places in Asia where the policy was simple - you do not hail cabs.
Cabs are handled by either the hotel or the office building you are in. You ask for the cab, they ask you where you are going and order it for you.
When the cab arrives some one from reception will go check it, they check the driver's ID, and if everything is ok they'll write down the time, the cab number, and your details and let you board the cab.
If you are not in a place that can hail a cab for you, you usually call the hotel and they'll either arrange it for you or tell you a safe place near by where you can get a reliable cab from.
And as far as the driver checks go on more than one occasion the guy from the reception told us to wait for another cab because he "had a bad feeling" which was usually he either did not know the driver, the driver that showed up wasn't the one the cab company said would come, or something just smelled fishy to him.
I am taking it that you don't travel anywhere. Last I checked, every airport does a TSA check. People simply don't trust each other. One cannot simply remove this checks. Just ask around you, how many people will board a plane with no police check of fellow passengers?
Am I only the one that thinks the animation on that page of a woman having her face scanned and turning her head looks like something from a modern retelling of 1984? I don't like the idea of app developers getting people used to submitting to facial scans; it seems inevitable that public acceptance of the concept will eventually be abused when someone decides that it's necessary to verify your identity before you access the internet in order to prevent terrorism.
edit: Upon further reflection, I see no reason why my argument above couldn't be applied to fingerprint sensors on smartphones, which I personally use and don't have much of a problem with... I guess anything that gets even remotely close to the territory of mainstream video surveillance using phone cameras just creeps me out. I'm no longer sure of exactly where I stand on the facial scan issue.
On the question of security and privacy - is my face being matched on THEIR cloud? or locally and then a token is matched?
Liveness on the whole has its own issues in terms of a spoofing 'arms race' and secondly the more complicated they make it the larger the risk of False Rejection Rate (rejection what should have been accepted)
On your latter point, it is a bit of a flaw that I feel inclined to address - Depends on implementation. on iPhone, your "fingerprint" is not exposed when you use that to unlock your phone... but then again when using that to maneuver in an app, you're doing no server side validation.
Touch ID doesn't store any images of your fingerprint. It stores only a mathematical representation of your fingerprint. It isn't possible for someone to reverse engineer your actual fingerprint image from this mathematical representation. The chip in your device also includes an advanced security architecture called the Secure Enclave which was developed to protect passcode and fingerprint data. Fingerprint data is encrypted and protected with a key available only to the Secure Enclave. Fingerprint data is used only by the Secure Enclave to verify that your fingerprint matches the enrolled fingerprint data. The Secure Enclave is walled off from the rest of the chip and the rest of iOS. Therefore, iOS and other apps never access your fingerprint data, it's never stored on Apple servers, and it's never backed up to iCloud or anywhere else. Only Touch ID uses it, and it can't be used to match against other fingerprint databases.
> edit: Upon further reflection, I see no reason why my argument above couldn't be applied to fingerprint sensors on smartphones, which I personally use and don't have much of a problem with... I guess anything that gets even remotely close to the territory of mainstream video surveillance using phone cameras just creeps me out. I'm no longer sure of exactly where I stand on the facial scan issue.
Your face can be (and in parts of the UK, is) scanned passively very easily. Your fingerprint less easily.
Sure, but if they're driving for one of those companies, that company already has a high definition photo of their face and lots of other information - I assume that drivers are subjected to considerably more scrutiny than passengers.
What would they possibly gain by doing that? It's not like the trip is a secret. Uber arranged the trip in the first place. Unless they're not who they say they are, in which case Uber is glad to be rid of them.
One of the car sharing startup Turo (formally RelayRides) has had a step in the verification process to require you to take a selfie of your ID held at your face.[1] As a backup alternative, you have to upload the ID scan to them to manually verify you.
This new feature comes courtesy of a deal Uber struck with a Chinese facial recognition startup, Face++. It’s currently in beta, and will be part of the drivers’ app in China next month.
Does China have to pay for something it already owns?
This is a bit worrying... a blatantly law-ignoring organization (let's skip ethics for a while) whose actions are largely ignored by governments is rolling out surveillance-friendly technology. Is it just me...? Also, keep in mind their recent transparency report.
Even if it's used on passengers -- your credit card is basically a form of ID. I don't use uber but I assume they don't support bitcoin / cash. You were already not private.
I actually found out a few days ago that in some countries Uber does accept cash (like Singapore - https://www.uber.com/cities/singapore/). But it's still not anonymous, obviously, because your user profile is still tied to the ride.
Isn't that one of the main safety features of uber? At least it is according to the drivers I talk to.
You know who's getting in the car, so if they run (in places that support cash), or if they damage your car, you know who they are, it's a safety thing.
It does seem a bit weird that a company founded on the principles of ignoring the law and distancing themselves from liability would even care about the identity of their drivers.
When I was traveling in a different Asian country, I would text someone the license plate of any cab I got into before driving off. Too many chances in big anonymous cities for people to get ripped off and for bad people to hide.
If I can get into a cab in China and the app can tell me "yes, this is a driver that we have verified", this seems very useful and will make me feel safe(r).