World ID vs Face ID vs State Biometrics: Architecture, Privacy, Risks & Which Is Safer


Three systems collect biometric data. All three claim to protect privacy. But they are fundamentally different in architecture, purpose, and threat model, and which one is "safer" depends on what exactly you are protecting against. In brief: this article is an analytical comparison of three biometric identification models without marketing conclusions.

⚡ In Brief

  • Face ID — local biometrics. Never leaves the device, does not identify you in any external system
  • State Biometrics — centralized identification. Tied to an individual, managed by the state, used for access to services
  • World ID — global anonymous uniqueness. Does not identify an individual, but proves that a real person is behind the account
  • ⚠️ None of the systems is "the best" — each protects against different threats and carries different risks

🎯 Three Biometric Models: Local, State, Global

Biometric systems differ not only in technology but also in a fundamental question: who is the trusted party and what are the data used for. The answer to this question determines the architecture, risks, and applicability of each system.

The popular discussion about biometrics often boils down to the question "is it safe to give away your data". But this is an imprecise formulation — it mixes three fundamentally different architectures with different trust models.

Let's distinguish them by three key dimensions:

| Dimension | Face ID (Local) | State (Centralized) | World ID (Global Anonymous) |
|---|---|---|---|
| Question it answers | Is this your device? | Who are you? | Are you a unique human? |
| Trusted party | You yourself (data only on your device) | State | Tools for Humanity + cryptography |
| Identification goal | Unlock device or app | Identify person for government services | Prove humanity without revealing identity |

This difference in purpose determines everything else: where data is stored, who has access to it, and what happens in case of compromise. Let's consider each model separately.

🎯 How Face ID Works and Where it Stores Data

Face ID is the most closed of the three systems. The mathematical representation of the face is encrypted with keys that exist only inside the Secure Enclave, a protected coprocessor on the device's chip, and it never leaves the device. Apple has no access to this data.

During the initial Face ID setup, the TrueDepth camera projects more than 30,000 infrared dots onto your face and builds a three-dimensional depth map. This map is converted into a mathematical representation (the faceprint) and protected by the Secure Enclave: a separate processor on the Apple chip with its own memory and encryption keys, isolated from the main application processor.

What this means in practice:

  • The faceprint is not transmitted to Apple servers — not even during iCloud backup.
  • The iOS operating system does not have direct access to the Secure Enclave — only to the verification result ("match / no match").
  • Apps only receive a boolean value: verification passed or not.
  • Changing devices means enrolling again from scratch. Face ID data is neither migrated nor backed up; there is nothing to transfer.

A fundamental limitation: Face ID solves only one task — authenticating the owner of a specific device. It does not confirm your identity for external systems and does not prove that you are a unique person on a global scale. It is a local key to a local lock.

🎯 How State Biometrics Work: Passports, Aadhaar, eID

State biometrics are built on the opposite principle: data is stored centrally, tied to an individual, and managed by the state. The goal is not anonymity, but identification. The level of protection and transparency varies significantly between countries.

State biometrics is the oldest of the three models. Fingerprints in criminal registries appeared as early as the 19th century. Modern systems have added photos, irises, and DNA, but the basic architecture has remained the same: a centralized database tied to a legal identity.

Let's consider three archetypes — from the most common to the most ambitious:

Biometric Passports (ICAO 9303 Standard)

Since 2004, ICAO (International Civil Aviation Organization) has standardized biometric passports. As of 2025, more than 150 countries issue passports with an ICAO 9303 standard chip.

The chip contains: a digital photo (mandatory), two fingerprints (in EU member states; US passports store only the photo, and fingerprints are taken at the border on entry), sometimes an iris scan (United Arab Emirates, Netherlands). Data is stored on the chip and duplicated in the national registry.

When crossing the border, a reader verifies the issuing state's digital signature over the chip's data groups (ICAO "passive authentication", which detects altered data but not a bit-for-bit clone unless the optional active or chip authentication is also used) and compares your live face with the photo on the chip and/or in the database via a facial recognition system. Each crossing is a record in the database: who, when, where, from which direction. This log is stored for 5 to 15 years depending on the country.

| Country / Region | Biometrics in passport | Where database is stored | Third-party access |
|---|---|---|---|
| EU (overall) | Photo + 2 fingerprints | National registries | Law enforcement agencies (Prüm) |
| USA | Photo only (fingerprints taken on entry, not stored in the passport) | DHS / FBI (NGI) | Federal agencies, some states |
| UAE | Photo + fingerprints + iris | Federal ICP database | Police, immigration |
| Ukraine | Photo + fingerprints (since 2015) | Unified State Register | Ministry of Internal Affairs, SBU, courts |

Aadhaar (India) — the largest biometric system in the world

Launched in 2009, Aadhaar covers 1.4 billion people — over 99% of India's adult population. Each record contains: 10 fingerprints, scans of both irises, a photo, and demographic data. All data is centrally stored at UIDAI (Unique Identification Authority of India).

Aadhaar is an infrastructure, not just an ID. Built on it are: food and fuel subsidies (Direct Benefit Transfer), bank accounts (Jan Dhan), mobile SIM cards, medical records, tax declarations, voting in some states.

The convenience of the system is undeniable: millions of people without bank accounts gained access to financial services. But centralization created a corresponding attack surface:

  • 2018 — Tribune journalists bought database access for $8 through an anonymous intermediary.
  • 2023 — a researcher discovered a data leak of 815 million Indians through the ICMR government portal.
  • The Supreme Court of India in 2018 declared the mandatory linking of Aadhaar to private services unconstitutional.

European eID (eIDAS 2.0) — the most decentralized state model

The European Union is moving in a fundamentally different direction. The eIDAS 2.0 regulation (effective in 2024) provides for a European Digital Identity Wallet — a smartphone application that stores verified personal attributes.

The key architectural difference from Aadhaar: the state verifies attributes (confirms that you are 18 years old, that you have a driver's license), but does not store all biometrics centrally. The data is located on the user's device. The platform receives only those attributes required for a specific transaction — and nothing more.

This is architecturally closer to World ID than to Aadhaar, but with a fundamental difference: eID is tied to a legal identity and managed by the state. Anonymity is impossible by definition.

⚠️ Common denominator of all state systems: the state knows who you are. This is not an architectural flaw — it is the system's goal. The question is not "does the state know", but rather: what legal guarantees are there against abusing this knowledge, is there independent oversight, and what happens when the government changes.

🎯 How World ID Fundamentally Differs

World ID solves a problem that neither Face ID nor state biometrics address: proving that a unique real person is behind an account — without tying it to an identity, without a centralized repository, and without state involvement.

The phrasing is important: World ID does not answer the question "who are you?". It answers the question "are you a human, and have you not registered yet?". This is a fundamentally different task with a fundamentally different architecture.

Property 1: Global Uniqueness without Identification

Face ID doesn't compare you to anyone; it only verifies the owner of a specific device. State biometrics compares you to your record in the registry and knows who you are. World ID compares your IrisCode against every registered code on a global scale, but this comparison happens once, at enrollment, inside the SMPC setup, so no single node sees the code in the clear. Every later verification is a zero-knowledge proof that your identity commitment belongs to the set of registered humans, so the platform learns only "unique human", not "who exactly".

This allows solving a problem that arose with the advent of generative AI: proving that a human, not a bot, is behind an account — without revealing identity. Neither a passport nor Face ID is suitable for this: a passport reveals too much, and Face ID does not verify identity for external systems at all.

Property 2: Absence of a Central Identity Custodian

Let's compare what each party knows in the three systems:

| Party | Face ID | State Biometrics | World ID |
|---|---|---|---|
| Company / State | Apple knows: you have an iPhone. Faceprint: no. | State knows: name, address, date of birth, biometrics | TfH knows: the fact of verification (the public identity commitment). IrisCode: only as SMPC shares. |
| Platforms where you log in | Know: you are the device owner | Know: your legal identity (when using eID) | Know only: "unique human". Different platforms cannot correlate your actions. |
| Potential attacker in case of breach | Nothing (data not transmitted) | Full identity of millions of people | IrisCode shares without value (if one SMPC node is breached) |
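To make the "shares without value" cell concrete, here is an added illustrative model (not Tools for Humanity's code) of how an IrisCode uniqueness check can run over secret-shared data held by three nodes. It uses replicated additive sharing over a prime field; the field size, the code length and the 0.375 match threshold are assumptions, and the sample codes are constructed. It also answers, for this particular sharing scheme, the collusion question raised later in the article: one node learns nothing, but two of three nodes together reconstruct the code.

```python
import random
import secrets

P = 2**61 - 1            # prime field for the shares (assumption)
CODE_BITS = 1024         # real IrisCodes are larger; shortened here (assumption)
MATCH_THRESHOLD = 0.375  # fractional Hamming distance below which codes "match" (assumption)

_sample = random.Random(7)   # seeded generator for the constructed sample codes only

def sample_iris_code(bits=CODE_BITS):
    """Constructed sample input standing in for an IrisCode bit vector."""
    return [_sample.randrange(2) for _ in range(bits)]

def rescan(code, noise=0.10):
    """Constructed input: the same iris scanned again, with ~10% bit noise."""
    out = list(code)
    for i in _sample.sample(range(len(code)), int(len(code) * noise)):
        out[i] ^= 1
    return out

def plaintext_hamming(a, b):
    return sum(x != y for x, y in zip(a, b))

def share(code):
    """Replicated secret sharing across 3 nodes: r0 + r1 + r2 = code (mod P).
    Node j receives (r_j, r_{j+1}); share randomness comes from `secrets`."""
    r0 = [secrets.randbelow(P) for _ in code]
    r1 = [secrets.randbelow(P) for _ in code]
    r2 = [(b - x - y) % P for b, x, y in zip(code, r0, r1)]
    r = [r0, r1, r2]
    return [(r[j], r[(j + 1) % 3]) for j in range(3)]

def node_partial(q_view, d_view):
    """Computed locally by ONE node from its two shares of the query q and of the
    stored code d. Across the 3 nodes the cross terms cover every share pair once,
    so the sum of the partials is q.d (plus the weights |q|, |d|), while no node
    ever holds a bit of either code."""
    (qa, qb), (da, db) = q_view, d_view
    dot = sum(x * y + x * v + u * y for x, u, y, v in zip(qa, qb, da, db)) % P
    return dot, sum(qa) % P, sum(da) % P

def mpc_hamming(q_views, d_views):
    """Only the final distance is opened: HD = |q| + |d| - 2 * (q . d)."""
    partials = [node_partial(q, d) for q, d in zip(q_views, d_views)]
    dot, wq, wd = (sum(col) % P for col in zip(*partials))
    return (wq + wd - 2 * dot) % P

def is_match(hd, bits=CODE_BITS):
    return hd / bits < MATCH_THRESHOLD

def reconstruct(views):
    """What colluding nodes recover; `views` maps node index -> (r_j, r_{j+1}).
    One node holds only 2 of 3 shares, i.e. the code minus a uniform random vector:
    nothing. Any 2 nodes together hold all 3 and recover the code exactly."""
    have = {}
    for j, (a, b) in views.items():
        have[j], have[(j + 1) % 3] = a, b
    if len(have) < 3:
        return None
    return [(x + y + z) % P for x, y, z in zip(have[0], have[1], have[2])]

def demo():
    enrolled = sample_iris_code()
    same_person = rescan(enrolled)
    stranger = sample_iris_code()
    db = share(enrolled)                       # what the 3 nodes store
    hd_same = mpc_hamming(share(same_person), db)
    hd_other = mpc_hamming(share(stranger), db)
    return {
        "mpc_equals_plaintext": hd_same == plaintext_hamming(same_person, enrolled),
        "same_person_matches": is_match(hd_same),
        "stranger_matches": is_match(hd_other),
        "one_node_recovers_code": reconstruct({0: db[0]}) == enrolled,
        "two_nodes_recover_code": reconstruct({0: db[0], 2: db[2]}) == enrolled,
    }
```

The collusion threshold is a property of the sharing scheme, not of the cryptography in general: with this 3-party replicated scheme, two colluding operators are enough, which is exactly why the composition and independence of the nodes matter more than the existence of SMPC as such.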

Property 3: Verification without State Involvement

To obtain a World ID, no passport, tax ID, or any government document is required. It is enough to have eyes and a smartphone. This is fundamentally important for two categories of people:

  • 1.1 billion people without documents (according to the UN) — primarily in African and Asian countries. They cannot obtain a bank account, vote, or sign a contract. World ID can become the first digital identifier for this audience.
  • People in authoritarian regimes — where state identification is used for persecution. World ID does not transmit data to government agencies by design (although regulators may demand access to the company).

Where World ID Loses to Both Systems

An honest analysis requires acknowledging limitations:

  • No legal force. World ID is not a document. It will not confirm your identity in court, when signing a contract, or when receiving government services.
  • Dependence on a private company. Unlike state systems, World ID is managed by Tools for Humanity — a private company without public oversight and regulatory accountability comparable to state institutions.
  • Irreversibility upon compromise. If IrisCode somehow leaks — it's impossible to replace an iris. A state passport can be reissued. A password — changed. Biometrics — no.
  • Opacity of SMPC nodes. World does not disclose who exactly manages the SMPC nodes and what is the minimum number of nodes for collusion. This is an open question regarding the system's true decentralization.
⚠️ Analytical summary: World ID is technically the most innovative of the three architectures — and the least time-tested. State systems have existed for decades, passed legal tests, and have (in democratic countries) oversight mechanisms. World ID is a bet on cryptography and trust in a private company instead of legal institutions. This bet may turn out to be right — or not.

🎯 Comparison Table by 10 Parameters

Comparison of the three systems by key parameters — from technical architecture to legal guarantees. No single system dominates across all parameters simultaneously. Read the comments below the table — numbers without context can be misleading.

| Parameter | Face ID (Apple) | State Biometrics | World ID |
|---|---|---|---|
| 1. System purpose | Device owner authentication | Identity verification for government services | Proof of humanity and uniqueness |
| 2. Where data is stored | Encrypted on the device, readable only by the Secure Enclave. Not transmitted anywhere. | Centralized state registries. Duplicated between agencies. | SMPC shares on separate nodes. Full IrisCode: on the user's device (from 2025). |
| 3. Who has access to data | No one but the Secure Enclave. Apple has no technical access. | State, authorized bodies, in some countries third parties by agreement. | No single party holds the full IrisCode by SMPC design. But the composition of the nodes is opaque. |
| 4. Does it reveal identity | No. Local verification without external transmission. | Yes, completely. Name, address, date of birth are tied to the record. | No by design (ZKP + nullifier). But the company knows the fact of verification. |
| 5. Global uniqueness | ❌ Tied to a single device. Does not compare you to anyone. | ⚠️ Within a country or bilateral agreements (Prüm, Five Eyes). | ✅ 160+ countries, 26+ million verifications. |
| 6. Algorithm openness | Partial: general Secure Enclave architecture documented. Specific implementation closed. | Varies: from completely closed (Aadhaar) to partially open (eIDAS). | Partial: iris pipeline open on GitHub. Feature extraction model proprietary. |
| 7. Legal basis | Apple's terms of use. GDPR in the EU. Biometric-specific laws (e.g. Illinois BIPA) target companies that collect biometrics, which on-device Face ID avoids. | National legislation. Strongest legal basis of the three, but quality depends on the country. | Disputed. Regulatory bans or investigations in 10+ countries. Legal status undefined in most jurisdictions. |
| 8. Risk of leak | Low: data is not transmitted and not stored centrally. | High: centralized databases are proven targets (OPM 2015, 21 million records; Aadhaar 2018). | Medium: SMPC significantly reduces risk. But the real independence of nodes is unknown. |
| 9. What happens upon compromise | Device settings reset. The faceprint does not leak; it does not exist outside the Secure Enclave. | Irreversible for biometrics. Documents can be reissued, but fingerprints and irises cannot be changed. | Irreversible for the IrisCode. The company can revoke a World ID, but the iris cannot be replaced. |
| 10. State involvement | Not required for operation. But the state can demand device access through court. | Mandatory by definition: it is a state system. | Not required for registration. But regulators have already demanded data deletion (Kenya, 2025). |

Comments on the table: what the numbers don't show

Parameter 3 (data access) is the most misleading. "No one has access" in Face ID is a technical truth about the faceprint. But Apple does hold other data about you: Apple ID and device records, purchase history, and iCloud content and backups when they are not end-to-end encrypted. In World ID, "no party has the full code" is true about the IrisCode, but the public identity commitments of all verified users sit in an on-chain set that Tools for Humanity (and anyone else) can read. Complete anonymity is not the same as the absence of any traces.

Parameter 7 (legal basis) — the most important in practice. Technical architecture determines what a system can do. The legal framework determines what it must do. State biometrics in democratic countries have decades of case law, independent oversight, and appeal mechanisms. World ID has the terms of use of a private company and the jurisdiction of the Cayman Islands. These are qualitatively different levels of user rights protection.

Parameter 9 (compromise) — same consequence, different probability. All three systems use biometrics that cannot be replaced. But Face ID, due to architectural reasons, has the lowest probability of a leak — data is simply never transmitted. World ID, through SMPC, has a medium probability. State centralized databases have the highest, which is confirmed by real incidents.

🎯 Which System is Safer — Depends on the Threat

The "safer" system is the one that protects against the threat relevant to you. The three systems were designed for different scenarios. The right question is not "which is better," but "what exactly are you protecting yourself from."

A threat model is a security analysis tool: to determine who the potential attacker is, what their capabilities are, and what the cost of a successful attack is. Without this, the question "which is safer" has no answer.

Scenario 1: Unauthorized Access to Your Device

Threat: an attacker wants to unlock your phone — physically or remotely.

Best architecture: Face ID.

The faceprint never leaves the Secure Enclave. Even if an attacker breaches Apple's servers, gains access to iCloud, or intercepts traffic — they will get nothing useful. The only attack vector is physical presence: forcing you to look at the phone or using a sophisticated 3D face replica (documented successful attacks on Face ID via 3D masks are rare, and all required significant resources).

World ID and state biometrics are irrelevant for this scenario — they do not protect the device.

Scenario 2: Mass Identity Theft via Database Breach

Threat: an attacker targets a centralized repository and obtains biometrics of millions of people.

Worst architecture: classic state centralized biometrics.

Documented precedents: the OPM breach in the USA (2015), 5.6 million fingerprints of federal employees; the Aadhaar database access sold in 2018, potential access to 1+ billion records; the BPJS Kesehatan (Indonesian national health insurance) leak (2021), about 279 million citizen records, demographic rather than biometric, but the same centralized-registry failure mode.

Face ID is fundamentally protected from this scenario: a centralized faceprint database simply does not exist. World ID, through SMPC, significantly reduces the risk — but not to zero, as the composition and independence of the nodes are opaque.

Scenario 3: Surveillance and Profiling through Data Correlation

Threat: a state, corporation, or attacker tracks your activity across different platforms and builds a behavioral profile.

Best architecture: World ID (provided correct implementation).

State biometrics is the worst option: the state knows your identity and can legally compel platforms to disclose activity. Face ID, when used with Sign in with Apple, gives each app an isolated identifier, but that is an OAuth login, not biometrics. World ID's nullifier is derived from the user's secret identity key together with the requesting app's identifier (and action), so the same person produces a different, unrelated nullifier for every app: two services comparing their nullifier lists cannot establish that the same person is behind two verifications. This is an architectural, not a legal, guarantee.

Caveat: World ID protects against correlation at the verification level. But it does not protect against correlation of behavioral data after login — if you perform identical actions on two platforms, they can be correlated without any identifier.
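The unlinkability claim in this scenario is easy to check in code. The following is an added example (not World's or Semaphore's implementation): a Semaphore-style identity commitment, a Merkle set of registered commitments, and a scope-bound nullifier. SHA-256 stands in for the Poseidon hash used in the real circuit, the app names are made up, and the membership check is done in the open here; in the real system a zk-SNARK proves the same statement so the verifier never sees the leaf or the path.

```python
import hashlib
import secrets
from dataclasses import dataclass

def H(*parts: bytes) -> bytes:
    """Length-prefixed SHA-256; stands in for the Poseidon hash of real ZK circuits."""
    h = hashlib.sha256()
    for p in parts:
        h.update(len(p).to_bytes(2, "big") + p)
    return h.digest()

@dataclass(frozen=True)
class Identity:
    trapdoor: bytes   # secret, stays on the holder's device
    nullifier: bytes  # secret, stays on the holder's device

    def commitment(self) -> bytes:
        """The only value published after the Orb's uniqueness check."""
        return H(self.nullifier, self.trapdoor)

def new_identity() -> Identity:
    return Identity(secrets.token_bytes(32), secrets.token_bytes(32))

def external_nullifier(app_id: str, action: str) -> bytes:
    """Scope of a proof: a different app or action gives a different scope."""
    return H(app_id.encode(), action.encode())

def nullifier_hash(identity: Identity, scope: bytes) -> bytes:
    """Deterministic per (identity, scope): re-proving in the same scope repeats the
    value (so an app can reject duplicates); another scope gives an unrelated value."""
    return H(identity.nullifier, scope)

# --- Merkle set of registered commitments ("all verified humans") ---
def build_tree(leaves):
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        lvl = levels[-1]
        if len(lvl) % 2:
            lvl = lvl + [lvl[-1]]
        levels.append([H(lvl[i], lvl[i + 1]) for i in range(0, len(lvl), 2)])
    return levels

def merkle_path(levels, index):
    path = []
    for lvl in levels[:-1]:
        if len(lvl) % 2:
            lvl = lvl + [lvl[-1]]
        path.append((lvl[index ^ 1], index & 1))
        index //= 2
    return path

def verify_path(leaf, path, root):
    node = leaf
    for sibling, is_right in path:
        node = H(sibling, node) if is_right else H(node, sibling)
    return node == root

def prove(identity, levels, index, scope):
    """Prover side. A real proof is a zk-SNARK for 'my commitment is under this root
    and this nullifier is derived from it for this scope'; here the statement is
    checked in the open and only the public outputs are returned (no leaf, no path)."""
    root = levels[-1][0]
    assert verify_path(identity.commitment(), merkle_path(levels, index), root)
    return {"root": root, "scope": scope, "nullifier": nullifier_hash(identity, scope)}

class AppVerifier:
    """One relying party: accepts each human once per scope."""
    def __init__(self, app_id: str, action: str, root: bytes):
        self.scope = external_nullifier(app_id, action)
        self.root = root
        self.seen = set()

    def accept(self, proof) -> bool:
        if proof["root"] != self.root or proof["scope"] != self.scope:
            return False                       # wrong set, or proof made for another app
        if proof["nullifier"] in self.seen:
            return False                       # same human, same scope: sybil attempt
        self.seen.add(proof["nullifier"])
        return True

def linkable(app_a: AppVerifier, app_b: AppVerifier) -> bool:
    """Two colluding apps intersect their nullifier sets. Scopes differ, so the same
    identity left unrelated values in each, and the intersection is empty."""
    return bool(app_a.seen & app_b.seen)

def demo():
    humans = [new_identity() for _ in range(5)]      # constructed registrations
    levels = build_tree([h.commitment() for h in humans])
    root = levels[-1][0]
    forum = AppVerifier("forum.example", "signup", root)   # hypothetical apps
    poll = AppVerifier("poll.example", "vote", root)
    alice, idx = humans[2], 2
    first = forum.accept(prove(alice, levels, idx, forum.scope))    # True
    again = forum.accept(prove(alice, levels, idx, forum.scope))    # False: duplicate
    voted = poll.accept(prove(alice, levels, idx, poll.scope))      # True: new scope
    return first, again, voted, linkable(forum, poll)
```

Note what the verifier stores: only nullifiers, never commitments. That is the whole point of the scope: an app can enforce "one human, one account" from its own list, but the list is useless to anyone else, and a user who proves for a new scope is indistinguishable from any other registered human.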

Scenario 4: Forced Identification by the State

Threat: an authoritarian government uses biometric data to persecute citizens — activists, journalists, minorities.

Worst architecture: state biometrics in that jurisdiction.

Face ID does not transmit data to the state by design, but the government can seize the device and make you look at it (which is why iOS offers a button sequence that disables biometrics until the passcode is entered). World ID is not tied to a legal identity, but regulators have already demanded access to the company (Kenya case). None of the three systems provides absolute protection against a state that controls physical access to an individual or jurisdiction over a company.

Scenario 5: Irreversible Compromise of a Unique Biometric Identifier

Threat: your biometrics leak and become publicly available or are used for identity forgery.

Same consequence for all — but different probability.

| System | Probability of leak | Consequence upon leak | Ability to "reset" |
|---|---|---|---|
| Face ID | Very low (data not transmitted) | Device compromise | Yes: reset settings and re-enroll |
| State Biometrics | High (centralized databases are attacked) | Irreversible identity compromise | Partially: reissue documents, but not replace fingerprints |
| World ID | Medium (SMPC reduces, but does not eliminate) | Irreversible IrisCode compromise | No: the iris cannot be replaced. Only the World ID can be revoked. |

⚠️ Conclusion: none of the three systems is "the safest" in all scenarios. Face ID is optimal for device protection and minimizing leaks. State biometrics is for legally significant identification, but with the highest systemic risk. World ID is for anonymous proof of humanity, with architectural advantages in protection against surveillance, but with unresolved questions regarding corporate trust and regulatory stability. The real danger arises not from the systems themselves — but from their misuse and from the concentration of power without adequate oversight.

❓ Frequently Asked Questions (FAQ)

Can Apple hand over Face ID data at the request of the police?

Technically, no. The faceprint is protected by the Secure Enclave and Apple does not have access to it. What Apple can provide is data it actually holds: account and device records, and iCloud content and backups when they are not end-to-end encrypted. The biometrics themselves are inaccessible even to Apple.

Can the state obtain my World ID?

World ID is not tied to an individual — the state cannot determine who is behind a World ID without additional information from the user themselves. However, regulators in several countries have already demanded the deletion of collected biometric data, and in some cases (Kenya, 2025) such a decision was obtained.

What will happen to my World ID if Tools for Humanity goes bankrupt?

This is a real open question. World Chain is a public blockchain, and smart contracts will continue to exist. But the SMPC infrastructure, Orb, and application support depend on the company. World has not provided a complete answer to the question of long-term sustainability.

Can all three systems be used simultaneously?

Yes — and most users already do. Face ID — for unlocking the phone. Passport — for border crossing. World ID — for verification on online platforms. These are not competing systems, but complementary ones in different contexts.

✅ Conclusions

Three systems solve three different problems. Trying to compare them on a single "better/worse" scale is a methodological error.

  • Face ID — the most closed architecture. Minimal attack surface, maximum locality. Does not solve the problem of global identification.
  • State Biometrics — the highest legal force of identification. Centralized architecture carries the highest systemic risk. The only system tied to an individual's legal identity.
  • World ID — the only system that solves the problem of global uniqueness without identification. SMPC and ZKP architectures are technically sound. Open questions remain: proprietary feature model, opacity of SMPC nodes, regulatory uncertainty.

The real risk is not in which system you choose — but when a system goes beyond its intended purpose: state biometrics becomes a tool for mass surveillance, local biometrics turns into an entry point for third parties, and global biometrics concentrates control over the digital identity of billions of people in the hands of a single private company.
