Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects simply to a non-technical, business audience. Over…
Facial recognition is a type of biometric technology that uses data to verify the presence of a human being’s face in a digital capture. There are two main uses for facial recognition software: recognition and authentication.
Adding opt-in facial recognition capabilities to any IT system adds a significant level of security while providing a frictionless user experience. The Microsoft Photos app In Windows 10 and Windows 11, for example, uses face detection and facial grouping technologies to organize the user’s photos. In contrast, Windows Hello and Apple Face ID are two popular examples of how facial recognition software is being used today for authentication.
One of the key benefits of using face authentication for physical access control is that it provides a higher level of security when compared to traditional physical credential-based systems. Another important benefit is that it frees users from having to create and update unique strong passwords and offers a better user experience.
Both face recognition and face authentication technologies require user opt-in. The General Data Protection Regulation (GDPR) in the EU and the California Consumer Protection Act (CCPA) in the USA are two important examples of how legislative protections have been created to limit the use of non-cooperative facial recognition software in order to protect end-user privacy.
During enrollment, an image (e.g., a photograph, a digital capture, or a video still) of a face of the known individual is submitted to the facial recognition system. While each system’s techniques may vary, in general, the distinctive characteristics of each face, such as the distance between the eyes, the width of the nose, and the depth of the eye sockets, are measured. These characteristics are known as “nodal points.”
Nodal points are extracted from the face image and are transformed through the use of algorithms into a unique file called a reference sample or biometric template. Reference samples and biometric templates are stored in a data repository for future comparison with other captures.
Traditionally, face authentication, like many biometric technologies, was based on calculating the probability that the data representing a person’s identity in real-time accurately reflected an individual’s reference sample that was collected during enrollment. This one-to-many approach uses techniques such as hamming distance to calculate what percentage of binary digits (bits) from a live capture match an individual’s reference sample. A drawback to this approach is that unlike fingerprints or iris scans, people’s facial appearances often change over time. When reference samples are only collected during opt-in, a dramatic change in someone’s facial appearance can result in the system refusing access.
Luckily, improvements in machine learning (ML) and artificial intelligence (AI) make it possible for reference samples to be continually updated in real-time. In addition to improving accuracy, this has the positive effect of making this type of system easier to use over a long period of time.
Facial recognition plays an important role in multi-factor authentication and is increasingly being used in some parts of the world to add an additional layer of security to ATM transactions and point-of-sale (POS) terminals. Other popular uses include:
Digital security – unlock a smartphone, laptop, sensitive file or business application.
Physical security – unlock a gate or door.
Law enforcement – identify a known criminal or missing person in a crowd from a distance.
Retail – alert store managers when convicted shoplifters enter a specific retail establishment.
Attendance and crowd control – provide Crowd intelligence insights into what spaces within a building are being used and by whom.
Facial recognition plays an important role in a security strategy known as zero trust. The fundamental concept of zero trust is that there is no implicit trust granted to assets or user accounts based solely on their physical or network location.
Zero trust focus on resource protection and the premise that trust is never granted implicitly and trust must be continually evaluated. Authentication systems that include facial recognition components add a level of verification consistent with the principles of zero trust. The challenge is figuring out how to lock down every resource without interrupting workflows.
The outcome is that biometric systems, which in some cases have not enjoyed mass deployments due to poor user experience, are now using machine learning and artificial intelligence algorithms to overcome one of the larger barriers to large-scale adoption – the need to constantly update reference samples.
Facial recognition software has come under great scrutiny in the past several years because some companies have leveraged the technology in ways that many people believe violate their privacy rights. These companies surreptitiously collected biometric data from users that were, in some cases, unaware that the data was being collected. The data was then compiled into large databases that were shared, or even sold to third-party entities.
Other concerns around using facial recognition to support a zero trust architecture include:
The terms face recognition and face authentication are often used interchangeably in everyday speech but technically, they are not the same thing.
Although both technologies use biometric software systems to identify individuals, they employ distinct processes and are applied for different purposes. Face recognition uses technology to identify the presence of a human face in a digital image, while face authentication uses technology to verify the identity of an individual who is actively interacting with a digital or physical asset.
In contrast, facial comparison initiatives require a manual examination of the differences and similarities between two face images or live subjects — and uses one-to-one matching to determine whether they are the same or different persons. Today, many standard investigative techniques use facial recognition software before implementing facial comparison to limit the number of candidates that will be manually examined.
Techopedia’s editorial policy is centered on delivering thoroughly researched, accurate, and unbiased content. We uphold strict sourcing standards, and each page undergoes diligent review by our team of top technology experts and seasoned editors. This process ensures the integrity, relevance, and value of our content for our readers.
Margaret is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical business audience. Over the past twenty years, her IT definitions have been published by Que in an encyclopedia of technology terms and cited in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine, and Discovery Magazine. She joined Techopedia in 2011. Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages.
What is Turnitin AI Checker? The Turnitin AI checker is an advanced tool aimed at maintaining the integrity of school...
Maria WebbTechnology journalist
What is ISO/IEC 42001? ISO/IEC 42001 is an international standard that provides a governance framework for implementing and continually improving...
Margaret RouseTechnology Expert
What are Physical Resource Networks (PRNs)? The definition of Physical Resource Networks (PRNs) is that they are a type of...
Nicole WillingTechnology Journalist
Trending NewsLatest GuidesReviewsTerm of the Day