Even identical twins might not have facial features (due to body fat percentage differences or sun exposure) which are close enough to fool it.
It's an interesting question how exactly the device switches to the remote profile mode versus an "authentication failed" route. If the profile has never existed on the device, you'll need permission from someone who is live on the device (in other words, you need to get past the lock screen) to retrieve a new profile.
But if two profiles are live on a device owned by identical twins who can't be distinguished by FaceID -- perhaps detected by trying to authenticate the human to both profiles and seeing if both pass -- you're going to need a PIN (or something else) to distinguish them.