Iris Scans Improve as Means of IdentificationNIST Evaluates 92 Iris Recognition Algorithms
Though not perfect, the accuracy of iris scanning software as a means of identification is getting better, according to the National Institute of Standards and Technology.
See Also: Rethinking Endpoint Security
NIST said its researchers evaluated the performance of iris recognition software from 11 different organizations and found that some techniques produced very rapid results, though this speed often came at the cost of accuracy. The institute tested 92 iris recognition algorithms from nine private companies and two university labs, all of which submitted software to an open competition. The task was to identify individuals from a database of eye images taken from more than 2.2 million people.
"This ability to pick out a needle in a haystack quickly and accurately is crucial, and we found some algorithms can search a haystack thousands of times larger than others," said Patrick Grother, a scientist in NIST's information access division. "This is important because often there is no corresponding record, no needle to be found."
Accuracy varied substantially across the tested algorithms, according to NIST. Success rates ranged between 90 and 99 percent among the algorithms, meaning that no eye-scanning biometric software was perfect, and some produced as many as 10 times more errors than others.
NIST said the tests found that some algorithms would be fast enough to run through a data set equivalent to the size of the entire American population in less than 10 seconds using a typical computer, though there could be limitations to their accuracy. A related NIST report showed that accuracy could be improved - perhaps approaching 100 percent -- if operators controlled image collection more tightly during acquisition, thereby obtaining better quality iris images, Grother said.
NIST said its Iris Exchange III report is the first public and independent comparison of commercially available algorithms that use iris recognition for the challenging task of finding an individual match within a large database of potential identities. Previous published studies only used single algorithms or considered "one-to-one" verification in which an individual claims an identity and the software then attempts to confirm whether the claim matches a specific record.