FAQs
Is facial recognition insecure?
Facial recognition access control matches a face’s characteristics against a template in a database. That template must have been enrolled and authorised in the database first, then a matching process follows where identifying points are verified against the authorised template.
Showing: Most Recent
In the UK it’s the Information Commissioner’s Office (ICO); organisations that process data should be registered with them. If you’re unsure whether you should be there is a simple and effective self-assessment tool that you can use to check. For Ireland it’s the Data Protection Commissioner; you can find advice on their website.
While some early versions of facial recognition software could be fooled by someone holding up a photograph, the latest anti-spoofing and liveness detection technology means that this is no longer the case.
As with any technology, not all systems are created equal. In the studies conducted by NIST, while some of the algorithms tested only had a 70% accuracy rate, or had problems identifying women or those from ethnic minorities, the best achieved accuracy of over 99.8% across all demographics.
Here we refer back to the difference between identification and verification. While some public CCTV systems may have had facial recognition tied in to them as part of a trial for identification (such as in South Wales)...
Early versions of the technology may have struggled to correctly identify subjects in a timely manner, but as