Using Iris Biometric Technology Enhances Security and Protects Privacy

Almost twenty years ago, in an article titled, “Trading Privacy for Convenience,” Sara Kehaulani Goo, a Washington Post staff writer wrote about a novel concept of a “machine” taking a photo of a man’s eye as a means to identify him and provide faster clearance at an airport security checkpoint. Under this new program at Reagan National Airport and other select airports around the country, the TSA and a few airlines would pilot a test project. The project was targeted to people who were deemed “frequent travelers”; they would be able to participate and use the latest biometric technologies to verify their identities throughout the travel process with better accuracy and convenience.  Over the course of 90 days, 7,000 passengers across the country signed up and TSA noted that hundreds of passengers used the designated security lanes each day. An Arlington, VA resident who participated in the program then was quoted as saying “I travel so much that anything that can lessen the hassle is worth it”; ironically that is where we still are today although much progress has been made. The IATA (International Air Transport Association) surveyed about 10,000 people to learn about their travel experiences. In 2022, it was found  75% of passengers want to use biometrics instead of passports and boarding passes even though there is still a concern about how the data is being used and protected. Travelers want convenience but don’t want their data stolen or misused.

Now in 2023, the use of biometrics is widespread across government agencies, small and large corporate entities whose business depends on accurate identification and authentication as well as national and global airports and land border crossings. As an example, CLEAR, a New York based private company uses iris authentication software in kiosks to identify enrolled travelers in 54 airports. Approximately 10 million people have registered for the program so far. This is just an example of the opportunity that is available as according to the IATA, the number of domestic and global airline flights worldwide in 2021 was an estimated 22.2 million. With numbers like these that will continue to grow, the need to identify travelers accurately, quickly and safely is paramount.  Not only is iris technology one of the most accurate biometrics, but it is physically safe and safeguards personal data and individual identities.   The main attraction of a biometric is that it cannot be lost or compromised. Iris recognition goes a step further by ensuring that only a living being can be identified.  This safety feature along with all of the other benefits work to accurately confirm an identity and protect the person in the process. The technology that supports iris recognition is based on data rich pattern recognition, it has over 240 unique characteristics that are used to make each iris template. One iris template has more data than is collected when creating a template for a finger, face, or hand combined.

Iris ID supports biometric adoption across many verticals and the use case opportunities continue to grow. We provide solutions for law enforcement, government agencies, transportation & immigration, time & attendance, and national identity.  We also provide access control solutions in some of the most secure spaces like data centers, healthcare facilities and nuclear powerplants.  The growth in use of iris biometrics is attributed to the accuracy of its authentication process and the failsafe countermeasures that are applied to ensure only a live person is identified and the correct person is authenticated. With the exception of DNA, iris biometrics are the second most accurate, but have the fastest search speed of any biometric in the one-to-many search mode.  Enrollment takes less than 2 minutes and authentications takes less than 2 seconds. Arguably, all biometrics have pros and cons to consider.  However, iris recognition is the best authentication and identification solution available today because it is:

  • Stable – by 10 months of age, the unique iris pattern is formed, and it will not ever change.
  • Unique – the probability of two irises being the same is nearly impossible. In fact, even identical twins cannot have the same iris patterns.
  • Flexible – the technology easily integrates into existing security systems or can operate standalone.
  • Reliable – An iris cannot be stolen, lost or compromised.
  • Non-invasive – iris recognition, which is not retinal scanning, is completely non-contact and does not require any bright lights to be used.
  • Long Distance Capture Ready – the technology works as far as one meter away from the device.
  • Presentation Attack Detection (PAD) features liveness detection which ensures that only a living being can be identified. Showing a static image will result in a rejection.

Furthermore, iris technology will always work. Subjects wearing glasses, religious clothing such as a hijab, a hat, or facial hair can use iris technology. Even a blind person is able to be identified.

Iris recognition is an ideal solution for protecting privacy and enhancing security because there is no data that can be replicated. The technology is video based which makes it easy to enroll users and the enrollment is good for the lifetime of the individual. Once the images are captured, they are stored as encrypted templates (transformed using the algorithm). An innovative iris recognition algorithm analyzes the patterns and converts them into a 512-byte digital template. The encrypted data is not connected to any other personal identifying information so this also protects the individual and ensures that no fraud or misuse of the data can be applied. To help protect the privacy of individuals once the template has been generated, Iris ID encrypts the iris template which makes it impossible to regenerate the images.  Additionally, to comply with certain regulations, iris templates can be added on a smart card, passport, or any other secure token to provide two-factor authentication and more control of the biometric data to the individual. And although the United States does not have a comprehensive biometric data privacy and protection regulation like EU countries, it is necessary to understand and comply with GDPR as companies that have global footprints. Iris ID’s products and its applications satisfy GDPR regulations in that it is an opt-in biometric; it cannot be taken without the knowledge of the individual. GDPR requires that EU citizens know what data is being collected, how it is being used and how they can opt into a company’s database. GDPR ensures that permission is actively given first by the individual. If the individual requests that the information is deleted, the company must comply.

For more information about Iris ID and iris technology, visit www.irisid.com.