The Telegraph is reporting that in trials of facial recognition scanners at Manchester Airport, the machines had such difficulty recognising people against the facial image in their passport, that the ‘pass’ threshold was dropped back to such a low level that in tests the system could not distinguish between Osama Bin Laden and Winona Ryder.*
The failure isn’t in itself a major problem. The scheme is still a trial, so there will be a great deal of useful data coming in through the systems, and this will improve performance in the future. What is of concern is that the system goes ahead with this low pass threshold being deemed acceptable for live operation: the argument will go that it was shown to work in the trials, so why not in production? After all, it must be working if there aren’t any queues at the automated gates. The reason, of course, that there aren’t any queues is because they are letting nearly everyone through regardless of whether they match their passports or not.
This sort of problem is an old one in the world of information security, and there are numerous cases of system attacks caused by security being switched off when it became a problem (eg “we can’t get the link to work, let’s switch the firewall off and see if that sorts it”). IRIS went live despite many niggling performance problems, will this system be the same?
* – Although since both have criminal records, at least neither would be permitted UK entry.