We could be using facial authentication for a whole lot more than unlocking our phones

Ultimately, facial authentication will be a prevalent method in anything that requires more security but eventually trickles down to every industry, including replacing keys and card readers to become the de facto access-control-authentication method. Facial authentication shouldn't be confused with facial recognition. The latter is prone to misuse, as governments, corporations, and other entities leverage public data (as well as data collected without consent) to identify or track people without their awareness. This isn't what Apple's FaceID does, and it's not what access-control solutions do either. Rather, authentication matches specifically enrolled, consenting people to their own identity without plugging into significant databases.