Tech has come a long way from post 9/11 claims
Facial recognition is growing in popularity among biometric forms of authentication. Microsoft has enabled it for access with Hello for Windows 10 users, MasterCard wants to use it to verify payments and other financial institutions are using it to authenticate customers on mobile devices. Still, it’s use spotting suspects in crowds and protecting airports and borders remains the brass ring for security professionals.
Face recognition algorithms date back to the 1970s, when the interest was in robotics. It reemerged in the days following the attacks of September 11, 2001. At that time, it was touted as a technology that could spot individuals in a crowd and stop terrorists from entering the country. To a certain extent, it worked fine – if the subjects were cooperative and the images were of good quality – something that wasn’t typically the case at the airports and sports stadiums where the technology was tested.
Around the time of 9/11, face recognition was still considered an emerging biometric modality, though it was not truly immature. “IBM laptops already had face recognition locks built into them,” says Brian Martin, director of Research and Technology at MorphoTrust. “After 9/11 the focus went to this kind of ‘bad guy’ use case where you’re trying to find somebody on a watch list. At that point in time, the technology was not accurate enough to meet people’s expectations.”
Back then, cameras had much lower resolution and the computational power of computers was much less than it is today. “Now cameras are everywhere. Every mobile phone has a couple of cameras on it. Your phone is as powerful as your computer was ten years ago. So, it’s a game changer,” Martin says. “You can actually do face recognition on a mobile phone and get good accuracy.”
Today, higher resolution images enable matching of small wrinkles and texture of the skin. With cloud computing, endless data is available on the Internet. “Now you can actually train the face recognition algorithms much better than you could 10 or 15 years ago. That’s made a dramatic difference in accuracy because machine learning requires a lot of data to learn how to solve a problem,” Martin says.
Much of the use of facial recognition today involves matching a person against a single record – rather than trying to identify an unknown subject from a large database. This one-to-one facial recognition is easier to accomplish and makes applications like logging onto your phone viable.
Much of the use of facial recognition today involves matching a person against a single record – rather than trying to identify an unknown subject from a large database
“It is important to stress this concept of how facial recognition went from looking for the bad guys to enabling the good guys to do stuff,” he says.
Challenges and accuracy
The post 9/11 era spawned significant research into the use of facial recognition for border control and surveillance. “Image recognition is getting a big boost from the artificial intelligence technologies and investments in machine learning,” says Rajiv Dholakia, vice president of Development and Product Management at Nok Nok Labs. “Still, I think an adversary can find these systems a little bit too easy to defeat.”
Using face recognition for border control or surveillance applications is very different than using it for user authentication. “You’re trying to prevent bad actors from spoofing a system and that turns out to be more manageable than the border control or surveillance issue,” Dholakia explains.
One of the challenges for facial recognition has been liveness detection – making sure the algorithm can detect the difference between a photograph and a real person. Early systems were vulnerable to a replay attack in which a photograph was presented for authentication. Modern systems use layers of technology to more accurately differentiate between live subjects and video images.
Facial recognition developer Digital Signal Corporation uses video and Light Detection and Ranging (LIDAR) to produce three-dimensional facial scans at a distance. The founders were using the LIDAR technology in the aviation industry but after 9/11 saw a need in security.
“If they could repurpose it for facial recognition, they could possibly prevent a future attack,” says Harry Choi, vice president of Business Development at Digital Signal Corp.
Choi believes many of the limitations with face recognition have come from the reliance on 2D video cameras and their inability to perform in variable lighting conditions. “They struggle to recognize a face that is in motion and has some levels of occlusion like sunglasses,” he says. “You can detect faces much better utilizing a three dimensional set of data.”
Facial recognition technology advances
While fingerprint is still the leader in mobile biometrics, facial recognition is growing in popularity. There are no buttons to push, and one blink does the trick. Face recognition is often used with other layers of security – like GPS location information, registered devices and one-time codes – and it’s showing great promise in reducing fraud.
Face recognition is often used with other layers of security – like GPS location information, registered devices and one-time codes – and it’s showing great promise in reducing fraud
Currently, an approach to doing facial recognition has emerged around convolutional neural networks. The whole image of the face is pushed through an artificial neural network. These networks are trained using many images of a known person from social media and other available sources. But much testing needs to be done by independent researchers. “Most of the results are self-reported, meaning the developer self-assesses their accuracy,” says Patrick Grother, a computer scientist with the National Institute of Standards and Technology.
“So there’s an enormous amount of work going on in that area at the moment, and that has been made possible by the advent of the digital camera, the invention of convolutional neural networks and the availability of internet-scale data,” Grother explains.