Facial recognition is a type of biometric technology that uses data to verify the presence of a human being’s face in a digital capture. There are two main uses for facial recognition software: recognition and authentication.
Face recognition technology (FRT) -- verifies the presence of a specific individual in a digital capture.
Face authentication software (FAS) -- grants a specific individual physical or digital access to something. The use of the word authentication signifies that the user has given their consent for their faceprint data to be collected and stored. Additionally, they have been told what the data is being used for and can request to opt-out of the system at any time.
Adding opt-in facial recognition capabilities to any IT system adds a significant level of security while providing a frictionless user experience. The Microsoft Photos app In Windows 10 and Windows 11, for example, uses face detection and facial grouping technologies to organize the user’s photos. In contrast, Windows Hello and Apple Face ID are two popular examples of how facial recognition software is being used today for authentication.
One of the key benefits of using face authentication for physical access control is that it provides a higher level of security when compared to traditional physical credential-based systems. Another important benefit is that it frees users from having to create and update unique strong passwords and offers a better user experience.
Both face recognition and face authentication technologies require user opt-in. The General Data Protection Regulation (GDPR) in the EU and the California Consumer Protection Act (CCPA) in the USA are two important examples of how legislative protections have been created to limit the use of non-cooperative facial recognition software in order to protect end-user privacy.
Techopedia Explains Facial Recognition
How Does Facial Recognition Software Work?
During enrollment, an image (e.g., a photograph, a digital capture, or a video still) of a face of the known individual is submitted to the facial recognition system. While each system’s techniques may vary, in general, the distinctive characteristics of each face, such as the distance between the eyes, the width of the nose, and the depth of the eye sockets, are measured. These characteristics are known as “nodal points.”
Nodal points are extracted from the face image and are transformed through the use of algorithms into a unique file called a reference sample or biometric template. Reference samples and biometric templates are stored in a data repository for future comparison with other captures.
Traditionally, face authentication, like many biometric technologies, was based on calculating the probability that the data representing a person’s identity in real-time accurately reflected an individual’s reference sample that was collected during enrollment. This one-to-many approach uses techniques such as hamming distance to calculate what percentage of binary digits (bits) from a live capture match an individual’s reference sample. A drawback to this approach is that unlike fingerprints or iris scans, people’s facial appearances often change over time. When reference samples are only collected during opt-in, a dramatic change in someone’s facial appearance can result in the system refusing access.
Luckily, improvements in machine learning (ML) and artificial intelligence (AI) make it possible for reference samples to be continually updated in real-time. In addition to improving accuracy, this has the positive effect of making this type of system easier to use over a long period of time.
Uses for facial recognition software
Facial recognition plays an important role in multi-factor authentication and is increasingly being used in some parts of the world to add an additional layer of security to ATM transactions and point-of-sale (POS) terminals. Other popular uses include:
Digital security - unlock a smartphone, laptop, sensitive file or business application.
Physical security – unlock a gate or door.
Law enforcement – identify a known criminal or missing person in a crowd from a distance.
Retail – alert store managers when convicted shoplifters enter a specific retail establishment.
Attendance and crowd control – provide Crowd intelligence insights into what spaces within a building are being used and by whom.
Facial Recognition and Zero Trust
Facial recognition plays an important role in a security strategy known as zero trust. The fundamental concept of zero trust is that there is no implicit trust granted to assets or user accounts based solely on their physical or network location.
Zero trust focus on resource protection and the premise that trust is never granted implicitly and trust must be continually evaluated. Authentication systems that include facial recognition components add a level of verification consistent with the principles of zero trust. The challenge is figuring out how to lock down every resource without interrupting workflows.
The outcome is that biometric systems, which in some cases have not enjoyed mass deployments due to poor user experience, are now using machine learning and artificial intelligence algorithms to overcome one of the larger barriers to large-scale adoption – the need to constantly update reference samples.
Concerns about Facial Recognition
Facial recognition software has come under great scrutiny in the past several years because some companies have leveraged the technology in ways that many people believe violate their privacy rights. These companies surreptitiously collected biometric data from users that were, in some cases, unaware that the data was being collected. The data was then compiled into large databases that were shared, or even sold to third-party entities.
Other concerns around using facial recognition to support a zero trust architecture include:
The potential for race, gender or age-related biases.
Compliance concerns about how to collect, retain, and secure images reference templates.
Privacy concerns about whether or not people who have not opted into a facial recognition system should be notified when their image has been captured.
Establishing standards and passing legislation to govern law enforcement agencies’ use of the technology.
Authentication vs. Recognition vs. Comparison
The terms face recognition and face authentication are often used interchangeably in everyday speech but technically, they are not the same thing.
Although both technologies use biometric software systems to identify individuals, they employ distinct processes and are applied for different purposes. Face recognition uses technology to identify the presence of a human face in a digital image, while face authentication uses technology to verify the identity of an individual who is actively interacting with a digital or physical asset.
In contrast, facial comparison initiatives require a manual examination of the differences and similarities between two face images or live subjects -- and uses one-to-one matching to determine whether they are the same or different persons. Today, many standard investigative techniques use facial recognition software before implementing facial comparison to limit the number of candidates that will be manually examined.