Different metrics can be used to rate the performance of a biometric factor, solution or application. The most common performance metrics are the False Acceptance Rate FAR and the False Rejection Rate FRR.
When using a biometric application for the first time the user needs to enroll to the system. The system requests fingerprints, a voice recording or another biometric factor from the operator, this input is registered in the database as a template which is linked internally to a user ID. The next time when the user wants to authenticate or identify himself, the biometric input is compared to the templates in the database by a matching algorithm which responds with acceptance (match) or rejection (no match).
FAR and FRR
The FAR or False Acceptance rate is the probability that the system incorrectly authorizes a non-authorized person, due to incorrectly matching the biometric input with a template. The FAR is normally expressed as a percentage, following the FAR definition this is the percentage of invalid inputs which are incorrectly accepted.
The FRR or False Rejection Rate is the probability that the system incorrectly rejects access to an authorized person, due to failing to match the biometric input with a template. The FRR is normally expressed as a percentage, following the FRR definition this is the percentage of valid inputs which are incorrectly rejected.
FAR and FRR are very much dependent on the biometric factor that is used and on the technical implementation of the biometric solution.
Furthermore the FRR is strongly person dependent, a personal FRR can be determined for each individual. Take this into account when determining the FRR of a biometric solution, one person is insufficient to establish an overall FRR for a solution. Also FRR might increase due to environmental conditions or incorrect use, for example when using dirty fingers on a fingerprint reader. Mostly the FRR lowers when a user gains more experience in how to use the biometric device or software.
FAR and FRR are key metrics for biometric solutions, some biometric devices or software even allow to tune them so that the system more quickly matches or rejects. Both FRR and FAR are important, but for most applications one of them is considered most important. Two examples to illustrate this:
- When biometrics are used for logical or physical access control, the objective of the application is to disallow access to unauthorized individuals under all circumstances. It is clear that a very low FAR is needed for such an application, even if it comes at the price of a higher FRR.
- When surveillance cameras are used to screen a crowd of people for missing children, the objective of the application is to identify any missing children that come up on the screen. When the identification of those children is automated using a face recognition software, this software has to be set up with a low FRR. As such a higher number of matches will be false positives, but these can be reviewed quickly by surveillance personnel.
False Accept Rate is also called False Match Rate, and False Reject Rate is sometimes refered to as False Non-Match Rate.
The Crossover Error Rate or CER is illustrated on the graph to the right. It is the rate where both accept and reject error rates are equal.
The matching algoritm in a biometric software or device uses a (configurable) treshold which determines how close to a template the input must be for it to be considered a match. This treshold value is in some cases referred to as sensitivity, it is marked on the X axis of the plot. When you reduce this treshold there will be more falce accept errors (higher FAR) and less false reject errors (lower FRR), a higher treshold will lead to lower FAR and higher FRR.
Failure to Enroll Rate (FER)
The Failure to Enroll Rate or FER is the percentage of the population which fails to complete enrollment. Such failures can be due to lack of training on how to enroll, to environmental or ergonomic conditions, or to certain demographics which make that the biometric factor is simply not suitable with a certain percentage of the population.
Most manufacturers of biometric devices and softwares can give clear numbers on the time it takes to enroll as well on the time for an individual to be authenticated or identified using their application. If speed is important then carefully consider this, 5 seconds might seem a short time on paper or when testing a device but if hundreds of people will use the device multiple times a day the cumulative loss of time might be significant.
Number of templates
If a biometric device will be used by many different users then the number of templates it can store might become an issue. Most stand-alone devices have limited memory and therefore only allow a limited number of enrolled users. When you are looking for a device that will have multiple users, always verify how many users can enroll to the device you are looking to buy.