The advent of facial recognition in consumer smartphones has lead to the public’s basic level of understanding of the technology, but it’s certainly no match for the expertise in the security industry. In an environment where it’s more important than ever to protect business networks and data, the ability to differentiate between facial recognition and facial authentication is paramount. The two concepts are intertwined, but not interchangeable. Here’s a closer at the differences that are important to grasp.
Understanding Facial Recognition
The definition of facial recognition is biometric software technology that makes it possible to uniquely verify or identify a person based on their unique facial contours and features. Compared to similar biometric identification practices like voice recognition or thumbprint sensors, these are praised for being more secure and reliable.
We are seeing this technology used today in a variety of different settings, including:
- Identifying people with a history of fraud or shoplifting in retail establishments
- Law enforcement
- Targeted advertising
- Missing persons
- Social media
Of course, the most important and common use for this technology is security. While the actual technology can vary, they all generally follow the same basic process. Facial recognition begins by capturing the image of someone’s face from a video or photo. The software will then analyze the image of the person’s face based on factors like the distance between their eyes, the shape of their nose, or the distance between forehead and chin. This develops a mathematical algorithm called a “facial signature.” This signature is then compared to a database of known faces to find a potential match.
While this may sound extremely advanced, it’s not completely foolproof. Even the most advanced facial recognition software has a false positive rate of slightly under 10% – this means it declares there is a match when this actually isn’t the case. Accuracy can also vary based on factors like lighting, camera quality, and distance. The safest uses of facial recognition technology at the moment are trying to source a picture among a larger database of pictures or finding a definitive match.
Understanding Facial Authentication
Facial authentication is best seen as a more specific offshoot of facial recognition. Facial recognition tech is designed to try and pick one face out of a larger crowd. However, facial authentication is about proving the identity of a person by using this technology. What this means in practice is that rather than comparing a face against a database of facial images, it’s being compared to one reference image.
For example, a person looking to prove their own identify may take a picture of a government ID and a picture of their face, in order to confirm the ID wasn’t stolen. There may also be a liveness test just to confirm that you are physically present for all of this. The software, as with facial recognition, creates a map and algorithm of your face and checks it against a base image provided by your company. Should your facial features and the base image align, you will be given login credentials for whatever you need.
This can be particularly useful when it comes to identity verification. Facial authentication tech can capture the face of an employee accessing a company device or data, match it to their reference photo, then confirm transactions or entry.
Because the base images being compared are generally a lot clearer and similar than say, law enforcement tracking down a suspicious individual, there’s less concern about false positives or mistakes. Along with this, by adding additional steps to verify identity, the chance of fraudsters or malicious actors “gaming” the system with image manipulation is slim-to-none.
There are still some potential drawbacks to facial authentication, namely efficiency. Taking the time to capture your facial image every time you need to access sensitive data can be frustrating, especially if it’s something you need to do frequently over a given workday. In addition, this is data-intensive software, which can lead to logistical concerns.
With that being said, it is both effective in terms of security and has the benefit of being entirely permission-based, which isn’t the case with all facial recognition.
About the Author:
Philip Beck, CEO of Ipsidy – a leading provider of mobile biometric security solutions.