It’s time to face the facts and get to grips with facial recognition technology, writes Steven Murdoch, Innovation Security Architect at the VASCO Innovation Center.
Facial recognition technology is back in the spotlight following the launch of the iPhone X. While the technology has many admirers, it is fair to say that there are still a few people who are yet to be convinced. There are a number of questions around how facial recognition technology will stand up in the real world – how secure and private is the technology? Will it actually work? What if it’s dark? Can someone really “steal my face”?
What was wrong with the fingerprint?
One of the questions being floated about by everyday consumers following the release of the iPhone X is ‘what was wrong with the fingerprint?’. Many people were happy using fingerprint technology – even if it could be a struggle to use with gloves – and some others just struggled to understand the concept of using their face as a password. Many users felt that they didn’t need the technology, and certainly didn’t want to pay for it.
However, when it comes to comparing fingerprint technology and facial recognition, the latter seems to win out quite conclusively. There are a number of ways to assess biometric authentication systems, but the yardstick most commonly provided by manufacturers is the false-positive rate. This is the likelihood that a randomly selected person will be able to get into your phone using their fingerprint or face. There’s also the false-negative rate, which is the likelihood a legitimate owner will fail to unlock their phone.
So where does facial recognition stack up when it comes to false-positives and false-negatives? Well, firstly it depends on the details of the technology involved. Apple claims that Face ID has a false-positive rate of one in a million, whereas Microsoft claims its own facial recognition technology has a false-positive rate of one in 100,000. Both, however, are a substantial improvement on Apple’s false-positive rate for Touch ID, which is 1 in 50,000. These rates only tell part of the story though – because they assume a randomly selected person will attempt impersonation. Face ID is susceptible to impersonation by close relatives, like siblings or even children, and particularly between identical twins. Because fingerprints are mostly unaffected by genetics, Touch ID may be a better option if this scenario is a concern.
When it comes to false-negatives, Apple doesn’t disclose these for either Face ID or Touch ID, and we all witnessed the blunder when Face ID failed on a global stage. But anyone with a Touch ID-equipped phone will be familiar with its quirks. Similarly, many users can’t register their fingerprints due to wear and tear – a common result of playing the guitar or manual labour. It’s unclear whether Face ID will be better with respect to false-negatives as it’s simply too early to tell, but there’s reason to be optimistic about more people being able to use it over Touch ID.
Can someone steal my face?
Although the technology is progressing in the right direction, there are many people who have concerns about its security – “can someone steal my face” is a common question. While these concerns aren’t unfounded, understanding how facial recognition works is usually a good starting point for alleviating concerns. The technology works by storing a template of the user’s face during enrolment and then comparing the face presented to this template during authentication.
Many people feel uneasy that these templates might fall into the wrong hands, possibly because people view the technology as a high-tech version of comparing a photograph with a face. However, in reality, it’s unlikely that the template will be recognisable to someone just by looking at it – converting it back to a photograph is not simple. Also, biometric templates are commonly stored securely – for example, the templates for Face ID are stored in the iPhone’s secure enclave. All that applications should be able to discover is a yes or no decision as to whether the biometric presented is sufficiently similar to the template, or perhaps a score of how close the match is, as opposed to the template itself. And in reality, our fingerprints are left on anything we touch and our photos are scattered all over the Internet, so these concerns about whether templates might leak out should be put into proportion compared to other risks.
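The false-positive and false-negative rates discussed earlier, and the yes/no decision described above, can be made concrete with a small calculation. This is an added example, not part of the original article or any vendor's code: the similarity scores and thresholds are constructed for illustration and do not represent Face ID, Touch ID or Microsoft's matcher.

```python
# Added illustration. All scores are constructed sample data in [0, 1];
# a higher score means the presented face is closer to the enrolled template.
GENUINE = [0.91, 0.88, 0.95, 0.79, 0.93, 0.86, 0.97, 0.68, 0.90, 0.84]
RANDOM_IMPOSTORS = [0.12, 0.25, 0.31, 0.08, 0.40, 0.19, 0.27, 0.35, 0.22, 0.15]
RELATIVE_IMPOSTORS = [0.55, 0.72, 0.81, 0.64, 0.77, 0.69, 0.83, 0.58, 0.74, 0.66]


def decide(score, threshold):
    """The yes/no answer an application receives; it never sees the template."""
    return score >= threshold


def false_positive_rate(impostor_scores, threshold):
    """Fraction of impostor attempts that are wrongly accepted."""
    accepted = sum(decide(s, threshold) for s in impostor_scores)
    return accepted / len(impostor_scores)


def false_negative_rate(genuine_scores, threshold):
    """Fraction of the legitimate owner's attempts that are wrongly rejected."""
    rejected = sum(not decide(s, threshold) for s in genuine_scores)
    return rejected / len(genuine_scores)


def sweep(thresholds):
    """Report both rates per threshold, with impostors split by population."""
    rows = []
    for t in thresholds:
        rows.append({
            "threshold": t,
            "fpr_random": false_positive_rate(RANDOM_IMPOSTORS, t),
            "fpr_relatives": false_positive_rate(RELATIVE_IMPOSTORS, t),
            "fnr": false_negative_rate(GENUINE, t),
        })
    return rows


if __name__ == "__main__":
    for row in sweep([0.50, 0.70, 0.80, 0.90]):
        print(row)
```

With this sample data, a threshold that rejects every random stranger still accepts half of the close-relative attempts, and raising the threshold far enough to reject the relatives locks the owner out half the time.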
The real security of facial recognition technology comes from the ability to tell the difference between a fake created with the knowledge of someone’s face – a photograph for example – and the real thing. This is known as liveness detection. For Face ID, Apple have said that they look at the 3D shape of the face as well as a photograph to make it hard to pass off someone’s photo, and they likely have some liveness detection features that they don’t talk about publicly.
There are clear advantages with facial recognition technology and it’s certainly proving to be a more effective method of user authentication compared to passwords or a four-digit PIN. However, it would be naïve to think that one solution can work in all situations. Instead, the best approach should be to adapt solutions for the circumstances in which they’re used and the risks that need to be mitigated. By doing this, it will be clear that the best option is likely to be a combination of multiple authentication methods, possibly including multiple biometrics.