case study     BIOMETRICS Facial recognition:
Ensuring an accurate match
The National Institute of Standards and Technology is honing its ability to evaluate the algorithms used in the latest tools
BY MATT LEONARD
As use of facial recognition technology creeps into daily life — for instance, unlocking cell phones and bank accounts and veri- fying the identities of international pas- sengers at airports — the accuracy of its algorithms is increasingly critical.
That accuracy cannot be stated as a single percentage, said Patrick Grother, a computer scientist at the National In- stitute of Standards and Technology who administers testing under NIST’s Face Recognition Vendor Test. Since 2000, FRVT has provided independent evalu- ations of prototype and commercially
available facial recognition tools to help determine where and how the technol- ogy can best be deployed.
Grother added that the standard way to report an algorithm’s accuracy is by plotting two numbers. On one axis is the false match rate (FMR), or the likelihood of an image being matched with the wrong person, while the other axis mea- sures the false non-match rate (FNMR), or the likelihood that the algorithm will fail to identify a match when a clear match is present.
Both factors are essential for evaluat- ing an algorithm’s performance.
The risks those numbers indicate de- pends on the technology’s application. Grother used mobile phone verification as an example. “If a system fails to make a match with the right person [a high FNMR], the subject will make a further attempt, but it is an inconvenience,” he said. “Whereas the higher the FMR, the higher the insecurity of the system. If a facial recognition system makes a match with the wrong person, they would be granted access — the system is insecure.”
But the numbers mean something different in the context of identifying a bad actor. In that case, a high FMR rate means a higher chance of a false accusa- tion, and a high FMNR rate means the al- gorithm is not effective. “If a facial recog- nition system fails to make a match with a known threat even though a photo of that threat is in its database, it is ineffec- tive,” he said.
Similar trade-offs happen with other biometric verification methods such as fingerprint and iris scans, but because the input images are generated using dedicated devices, the resulting accuracy of the system is generally higher, Grother said.
NIST had been conducting FRVT test- ing every two to four years, but as the technology increasingly improves, the private sector has begun asking for more frequent evaluations.
 GCN JUNE/JULY 2018 • GCN.COM 43
ARTEM OLESHKO/SHUTTERSTOCK