20-year Anniversary Report: Thales

Thales: How facial recognition revolutionised the future of access control

How facial recognition revolutionised the future of access control

It’s undeniable that biometric technology has greatly enhanced many core aspects of our lives. Whether enabling access to highly secure areas or unlocking our smartphones in an intuitive yet secure way, biometrics have revolutionised the way we protect and access sensitive information or resources over the last 20 years.

The impact of biometric technology has been particularly powerful in modernising access control. In the case of facial recognition, biometrics have provided administrators of restricted areas, such as construction sites, airports or banks, with a new identification method unlike anything previously used. Let’s delve deeper into how facial recognition has re-written the rules of access control.

The problem of physical credentials

Before the application of biometric technology, most administrators across secure sites around the world built their access control strategies around the issuance of physical credentials, such as personalised photo identity cards or non-personalised swipe cards. While this method of authentication isn’t yet totally obsolete, the use of physical credentials is not without its issues.

The primary problem with physical credentials is the authentication process, which relies on accurate manual checking by staff at entry points. As well as being slow and labour intensive, it is difficult to consistently and reliably make a visual match between the ID card and its holder. And, in the case of non-personalised swipe cards, the accurate verification of card holders becomes even more unattainable.

Both these single-factor methods of authentication can be easily circumvented. Simple techniques, such as badge swapping or theft, can quickly allow unauthorised parties access to restricted sites. What’s more, tactics such as ‘tailgating’, where an unauthorised person follows an authorised person into a secure environment, are also enabled by staff using physical credentials. Lastly, losing or forgetting physical credentials is a major pain point for users and another time-consuming challenge for management.

The power of facial recognition in access control

First pioneered in the 1960s, with the first semi-automated use coming in 1988, the use of facial recognition technology throughout our everyday lives has skyrocketed over the past 20 years. Perhaps unsurprisingly, access control operators have embraced the benefits of facial recognition.

One of the main reasons for this positive reception is the speed at which these systems operate, almost instantly matching a face captured by a camera to the reference digital facial template of the individual stored on a database. Compared to manual systems, the time taken to verify individuals using facial recognition is dramatically reduced, with the authentication process taking place in less than a second. At the same time, the accuracy and reliability of identification is significantly enhanced. As a result, facial recognition eliminates the need to make trade-offs between efficiency and security. Instead, the two can go hand-in-hand.

The other core benefit of facial recognition is the convenience it provides to the user and the administrator. In the case of the former, workers entering and exiting secure sites do not need to constantly have their physical credentials on their person, be it an ID card or electronic key-fob. What’s more, with the removal of physical credentials, administrators can significantly reduce the risk of these items being stolen, cloned or lost, providing that additional level of privacy and security that administrators seek.

An added benefit of removing physical credentials is that it allows users to enter and access restricted sites without touching any surfaces. This is particularly important in a time where minimalising physical contact has become a priority.  With facial recognition access control, what was once a system based on the exchange of physical credentials has now become a seamless, touchless experience, further underpinning the technology’s benefits.

Looking forward: What’s next for physical access control?

In the coming years, the use of facial recognition in access control is only set to increase, with predictions showing that the facial recognition market will grow to $8.5 billion by 2025. While the increased uptake in these systems will improve the security of access-controlled sites, the industry will see more sophisticated spoofing attacks from unauthorised parties. Whether it’s increasingly life-like masks or realistic video sequences presented to scanners, the growing use of facial recognition could unearth a wide range of new presentation attack instruments (PAI).

But, while the attacks on facial recognition systems have advanced, so have the systems themselves. How, you ask? With the power of artificial intelligence (AI). By adding bespoke AI software, such as liveness detection algorithms, developers have been able to vastly improve the accuracy of these systems. Combining AI with increasingly sophisticated tests from bodies such as NIST, facial recognition systems are in the best position ever to tackle modern presentation attacks.

The need to stay ahead of hostile actors looking to gain access to restricted sites will remain the priority when it comes to access control. And, while physical credentials have their purposes, the game has fundamentally changed. This seismic shift is predominantly due to the increasingly sophisticated techniques used by these hostile actors attempting to enter controlled areas. But with rapid advancement over the past decade, facial recognition now offers operators of controlled access sites an answer to access control, while offering users a more convenient method of authentication.

Kadie-Ann Fyffe
+33 1 55 01 54 26

Applications and use cases | Privacy and policy | Research and development | Technology innovation

Lead the debate with us on the
responsible use of Biometrics