By Lamont Wood
Sept. 9, 2016
NIR light is needed for iris scanning because it consistently captures the textures of both light and dark irises, and shining an NIR light into the user's eyes does not cause the discomfort that shining visible light into the eye causes, Kim adds.
Vendors add a third camera to the unit (i.e., a second one on the user-facing side) for iris scanning, explains analyst Ville-Petteri Ukonaho of Strategy Analytics, because standard digital cameras include infrared-blocking filters that would defeat NIR iris scanning. (Digital cameras are more sensitive to infrared than the human eye; without the filters, colors would be distorted, the sky would look dark, and foliage would have an ice-like sheen due to its high infrared reflectivity.)
A camera with VGA resolution (640 x 480 pixels) is sufficient to scan an iris, but to register both eyes simultaneously a higher resolution (usually 5 megapixels) is common, Kim says.
As for the possible dangers of flashing NIR into the users' eyes, "There are none that I know of," says Ukonaho. "The amount of infrared light is no more than would be received by walking outside on a sunny day."
The power of the IriTech NIR LED is about 2% of the power allowed by government safety standards, Kim adds.
A Samsung spokesperson states that the company's NIR LED turns off if the unit senses that the user's eye is too close to the scanner, or if the NIR LED is on for more than nine seconds.
Security is initialized using both eyes but (except for the Fujitsu unit) subsequently only one eye is needed to unlock the device, Ukonaho says. Users with normal glasses can wear them during later logins but should take them off when initializing, while clear contact lenses are not an issue during either initialization or later log-ins.
However, some sunglasses, especially mirrored ones, and colored contact lenses can defeat scanning, Ukonaho continues. Other sources have admitted that glasses with scratched, high-diopter or progressive lenses can also defeat infrared scanning.
Additionally, scanning in direct sunlight can be a problem since the iris may be obscured by bright reflections on the overlying cornea, Ukonaho adds. Kim says his units have been able to control the problem with a proprietary combination of software and lens filters.
As for accuracy, Ukonaho gives the false acceptance rate (FAR, when someone other than the owner is able to log in) for iris scanning technology at one in 1.2 million, and the false rejection rate (FRR, when the owner is unable to log in) as "very close to zero." For fingerprint scanning, FAR is usually about one in 100,000 while the FRR is about 3%, he adds.