Like any new technology, facial recognition has accumulated some big myths since its inception. The human imagination - not to mention Hollywood movies - are to blame for most myths. But with a bit more understanding of the how the technology actually works, you'll discover what is true and what is not, as we debunk the biggest myths out there.
One of the biggest myths about facial recognition is that all systems are linked. Put another way, if you’re identified on one system, you will be identified on other facial recognition systems.
Firstly, there are many facial recognition solutions, using very different technology stacks that simply cannot (or don’t want to) link with each other. Take for example the facial recognition on your phone that opens your banking app. The technology that performs this task, has no interest or connection with the technology that is used to tag friends in photos on social media.
Even if two facial recognition solutions are solving the same problem such as identifying people entering a workplace, that doesn’t mean the two technologies share databases. That would be like two competing CRM’s linking with each to cross share private customer data. This would be a huge breach of privacy and doesn’t make any commercial sense.
If a workplace wants to use the same facial recognition technology across multiple sites to know when a contractor visits one site versus another, then that’s possible with a solution such as Nirovision. This however is very different to two separate business entities sharing a database.
So even if a workplace is using the same facial recognition technology as a nearby pub, this doesn’t mean they cross share data to allow the workplace to know every time John from Accounts is having a beer.
In summary, facial recognition software is no different to other software that stores employee or customer data. There are privacy protocols to follow. Plus each software is different and there is no incentive to share data with other businesses.
If you understand how facial recognition works then you’ll understand why this myth is false.
Facial recognition works by looking for a ‘match’ against a database. If there is no match then your face is classified as unknown and ignored. So if you haven’t opted in or been added to a particular facial recognition database then you cannot be identified.
It’s important to add that a face only becomes valuable when you can tie information to that face such as a name, a label, a phone number and other metadata. So for a facial recognition system to identify anyone, it would need access to a centralised database with everyone’s head shot and vital details.
In some cases, a facial recognition system might remember an unknown face (if it sees that face a few times) but remember, a face is as only good as the information associated with it.
If you’re a workplace wanting to know more about how privacy relates to facial recognition, then check out our guide, Facial Recognition and Australian Privacy Laws.
This guide covers things like the difference between personal information & sensitive information, employee privacy issues you need to consider, practical ways to obtain ‘informed’ consent, how to ensure your data storage meets your privacy obligations and much more.
What if someone hacks a database that I know I am a part of (like my work's HR system)? What if someone steals the server that holds the database? What if someone hacks the cloud provider we use? These are all common fears when it comes to the security of data and the same is true for facial recognition data.
Broadly speaking, data points is what makes up a facial recognition database. Here at Nirovision (and this is the same for most facial recognition software), each time you select a face to create or update an identity, our software extracts its facial features and generates a fingerprint as a random alphanumeric string of code. This anonymizes the facial data therein so the fingerprint cannot be reverse engineered back into a photo.
So even if there was a data breach, the data itself would be meaningless and of no value. You might end up with a list of names but you wouldn't have photos to match against those names.
Accessing a facial recognition user interface is more problematic for privacy and this is why password encryption and who you authorise to have access matters. At Nirovision, we leverage world-class partners that meet the strictest compliance standards to help you protect your data. Our authentication partner is Auth0, an industry leading identity management platform and our cloud infrastructure provider is AWS, with all data being stored and transmitted solely in Australia. Read more about our security and privacy here.
Faces do not randomly end up on a government database unless a government-owned agency is using facial recognition for the purpose of border control, passport or driver license verification. In these circumstances, your data can only be used for a sole task and there are privacy policies around the use of your data. For example, the Roads & Traffic Authority state that "Your photo is protected by the Privacy and Personal Information Protection Act 1998 and can only be used for a driver licence or photo card product."
In addition, facial recognition data is not easily hacked, intercepted or shared. This is due to the way face recognition data is processed as we learned in the previous myth. This makes it hard for someone to share a database of faces with anyone including the government.
While facial recognition is a strong form of identification, that doesn’t mean the technology on its own is perfect. The same can be said for most forms of identification. For example:
The biggest challenge for facial recognition as a form of identification is accuracy. That's why here at Nirovision our software allows uses to add multiple photos to someone's profile to strengthen their identity.
While accuracy can be a challenge, the technology has a lot of advantages over other methods of identification because biometrics require the person to be present to verify their identity. This is not the case for things like pin numbers and passwords.
Facial recognition technology becomes even more powerful when you combine it with other forms of identification. For example, combining facial recognition with a formal induction process is a powerful way to ensure only those pre-approved can access a work site.
Ensuring people are, who they say they are, is the goal of any identification system. Facial recognition paired alongside other identification methods, goes a long way to achieving this.
While a person’s facial features can change slightly over time, this is generally not an issue for facial recognition systems due to the regularity of the person being identified. As time goes on any changes are noted and updated.
This is no different to how humans remember faces. We find it easy to recognise the people we see regularly, however it’s much more difficult to remember someone we haven’t seen in 10 years. Facial recognition works in a similar way.
It’s also true that the more images of a face, the better the recognition. For example, you’ve probably seen your best friend in all sorts of guises and situations so your brain has a strong depository of images to make recognising your friend easy. This is the same for face recognition.
Even if someone makes a really drastic change to their appearance such as a male shaving off a beard, a face recognition system may still recognise that person assuming their identity within the system is very strong. The more images, facial expressions and angles of a face, the better the recognition. This is why the facial recognition on your smartphone works so well even if you have your sleep face on in a dark room.
This myth is an extension of the myth that facial recognition doesn't work full stop. This is not true but accuracy can vary depending on image quality, which brings us to face masks.
Some facial recognition software may still be able to recognise a face even if that face is covered by a mask. This is not always the case but if an identity in a facial recognition database is strong and the facial features unique enough, then it’s possible. We’ve seen it firsthand here at Nirovision (not that we encourage the use of face masks for an accurate detection).
As we discussed in the previous myth, the ability for a facial recognition system to identify someone greatly improves when a system can access multiple faces of that person for comparison. That's why here at Nirovision we give you tools to find more faces to strengthen identities, so if someone starts wearing a mask, you can add images of that person wearing a mask which in turn helps recognition of that person.
All this said, if you want accurate facial recognition then mask wearing is not advised.
There is a perception that facial recognition technology is really expensive but it really depends on the use case. For example, the face recognition you use to log into your smartphone is basically free, whereas implementing facial recognition on hundreds of cameras at an airport may cost thousands of dollars.
In addition to the software, there can be hardware costs such as cameras (in order to capture footage), server (if processing facial recognition on-site), cloud costs (if processing facial recognition in the cloud), and the installation of the hardware.
Here at Nirovision, we provide facial recognition software that runs on a server and analyses footage from security cameras. Recognition is performed locally with an on-premise server which reduces the cost and provides faster processing. This enables us to provide facial recognition at a reasonable cost.
If you’re interested in facial recognition for your workplace, please get in touch to learn more about what it might cost for your situation.
A workplace wanting to implement facial recognition is very affordable - or at least more affordable than you may think.
No facial recognition system is exactly the same, there are multiple purposes for the technology which means systems are not interlinked.
Recognition is only possible if you have been added to a facial recognition database.
A face can't be re-created from data points which makes hacking and sharing a facial recognition database difficult.
Government agencies do use facial recognition for very specific tasks such as driver license verification but are bound to privacy laws like everyone else.
Facial recognition is a powerful identifier as it requires the person to be present to verify their identity but the technology is even greater when integrated with other technology to provide two factor verification.
Masks are a challenge for facial recognition but in some cases if the identity is strong, recognition may be possible.
Facial recognition is a lot more affordable than you think.
Subscribe to get fresh stories, tips, and resources delivered straight to your inbox once a month.