The lidar technology in many newer cars would be capable of 'stealing' a person's 3 dimensional facial data without even needing close proximity or line of sight. Fingerprints, voice and iris patterns are bad enough but facial data is literally the easiest to compromise...
With the type of high end high resolution lidar being utilised by large companies and governments for 3D area mapping the facial data of large crowds could be captured in minutes or seconds...
And even without lidar it is possible to extrapolate 3D data from multiple images of a person's face, particularly with a dual camera setup.
It seems the only people not vulnerable would be Muslim women, bikers, and teens wearing hoodies...
What might an individual hacker need to compromise this new unlock feature?
1 A lidar scanner (becoming surprisingly common place, and with enough images of the target this might not even be needed)
2 A picture of the target, or preferably 2 or 3 from slightly different angles, to map onto the 3D construct of their face, not difficult at all these days... (and this won't even be necessary if the facial detection is based on geometric data only)
3 A 3D printer