Iris recognition reaches the mainstream for identification, authentication
Iris recognition is technology that scans the iris of a person’s eye through visible or near-infrared light in a camera, which analyzes for approximately 240 patterns and features. The data converts to a template, or mathematical information that contains details on the iris, that compares to a reference database of iris templates for identification or verification purposes.
The iris is the muscle in an eye that controls the amount of light that reaches the retina. It also determines the color of the eye, which depends on the amount of melanin pigment. Like comparable biometrics, the value of iris recognition is in the uniqueness and non-replicability of irises. Research that dates from the 1930s onwards discovered that each individual has a distinctive iris pattern from birth that is statistically near-impossible to be replicated. This creates an inherent security advantage as it minimizes the number of false positives and uniquely corresponds to one person.
Iris recognition can even function on people who are blind, have cataracts, had operations on their eyes, or are wearing contact lenses and glasses.
A traditional drawback of iris recognition is that it requires the scanner to be at a short distance — typically 10 cm to 1 meter — to capture the image of the iris. But recent developments in the technology have led to iris recognition from up to 10 meters away or in a live camera feed that can quickly determine the identity of the person.
These benefits have led to the adoption of iris recognition biometrics in public and private applications. Some banks in Qatar and South Korea use iris recognition as an authentication method for their customers, while deployments around the world allow for payments at stores, vending stations, and public transit with iris recognition. Law enforcement agencies such as the police and immigration services use iris biometrics to keep track of registered individuals. Some smartphones have iris recognition to unlock for their biometrically verified user.
The same advances have also opened up iris biometrics to criticisms historically directed most at face and voice recognition, that it could be used to identify a person involuntarily, and therefore be used to harm privacy or carry out mass surveillance.
Though iris recognition is a highly data-rich biometric that tends to be less prone to false positives than other modalities, it can still potentially be fooled by a presentation attack with a high-quality image of an enrolled iris. The scanner could also be of poor quality, affected by movement or the enrollment photo distorted by poor lighting, which can affect the template and make future use very difficult. It is also often more expensive to implement than some other biometric modalities, like fingerprints.
Click here for more explainers on concepts in the field of biometrics.