When Charles III was crowned in London in May this year, several firsts were recorded. For royal watchers, it was notable because the 74-year-old was the oldest person ever to become monarch. For tech specialists, the occasion was the setting for the biggest use (so far) of facial recognition technology in the country. Hundreds of thousands of people thronging the streets may have been scanned, according to estimates. Previously, the Metropolitan police force had said that the largest number of people who had been scanned in the UK by facial recognition tech was around 100 000, during the Notting Hill carnival in 2017. Police said the facial recognition software was used at the coronation to look for ‘those under relevant offender management programmes in order to keep the public safe’, a probable reference, according to UK newspapers, to convicted terrorists.

Also in May, Welsh police admitted that facial recognition tech was used to scan crowds attending the Beyoncé concert in Cardiff, searching the 60 000-strong gathering for those wanted for ‘priority offences’.

Although safeguarding the public against potential acts of terror or nabbing violent criminals on the run are, of course, vital to society, the most obvious everyday use of facial recognition technology for the average person lies in safeguarding their data, especially in light of the escalation of identity theft in Africa. In the face of these escalating cyberthreats, corporates have taken a lead in developing and implementing biometric safety measures to safeguard the identity of individuals and protect their confidential information.

‘In an era of thriving digitalisation, which continues to contribute significantly to our economy, facial recognition technologies – also known as digital identity verification – have become a vital tool to strengthen the security of customers and their data,’ writes Aadiel Ayob, executive for innovative enterprise services and solutions at Sizwe Africa, in an op-ed article. ‘By using facial recognition software, businesses can verify customer identities quickly and securely, and protect their customers from costly fraud attacks. As each individual is unique, the software provides an ideal way to verify the identity of an individual by using methods and technologies that identify them based on physical or behavioural characteristics.

‘Digital solutions also provide extra security and convenience for engaging with individuals and validating their identities from any location,’ he says.

For banks it’s been for clients ‘to authenticate certain transactions through facial scans on their phones’, says Ayob. ‘This method leverages facial mapping technology to verify and identify users when linking a device – such as a smartphone – to their banking applications. The user’s face then becomes a way to gain access to the app, providing an additional layer of security’.

Many of the biggest banks have introduced facial recognition. Absa, one of the ‘big four’ of South Africa’s banking groups, for example, in late 2021 launched its ‘ID Facial Biometric’ as an addition to its banking app.

‘The technology will recognise your face and automatically link your relevant accounts and products, and make immediate payments more securely and conveniently,’ the company notes. The feature, Absa says, allows users to link their unique facial characteristics to their mobile devices to ‘create even greater security’.

Although the banking and aviation industries have been at the forefront of facial recognition tech, Ayob says the technology can also be used in medical scheme transactions, payroll and e-commerce.

‘As an e-commerce solution, it provides digital authentication for online transactions and customer verification. The result is a reduction in online fraud, transactional fraud, identity fraud and reduced onboarding friction and timeframes, which improves client engagement and security.

‘The use of facial recognition technologies in the medical field can substantially reduce the risk of medical aid fraud, insurance fraud and financial aid fraud; where it is estimated that the industry loses between ZAR22 billion and ZAR28 billion a year to fraud, waste and abuse, according to the Council for Medical Schemes. Furthermore, a payroll authentication system can utilise facial recognition technologies to curb ghost employee fraud. The payroll recipient is validated through facial biometric authentication against the organisation’s database to determine if they are an employee of the organisation.

‘In the retail sector, facial recognition can be used to improve point of sale efficiency, reduce customer friction and drive transitional security.’

The increased levels of biometric safety have had a big impact on banking fraud. At the end of last year the South African Banking Risk Information Centre (SABRIC), a company formed by South African banks to support the industry in the combating of crime, released its yearly crime statistics for 2021.

Banking on digital platforms (on app, online and over the telephone) now exceeds all other transaction channels in South Africa and is also the safest, according to the organisation. It said that from 2020 to 2021, digital banking fraud incidents decreased by 18% overall, with the biggest decline occurring in mobile banking fraud.

‘Digital banking products are far safer than in-person banking and enable people to transact from anywhere safely,’ says Nischal Mewalall, CEO of SABRIC. ‘But criminals have adjusted their social engineering tactics to leverage your data from social media and data leaks, making their efforts to manipulate customers difficult to spot.’

As with any new technology, the biometric safeguard parameters have been exploited by criminals, who have come up with a range of responses in efforts to breach defences.

‘Biometric security threats currently fall into two categories – presentation attacks and digital injection attacks,’ says Murray Collyer, COO of iiDENTIFii, a provider of biometric safety measures. ‘Presentation attacks refer to photos, videos or even masks being held up to a screen to fool the technology into mapping the features of the identity being defrauded.

‘On the other hand, digital injection attacks see imagery injected directly into the video stream, either through emulators, hacking tools or virtual cameras. This directly injected imagery includes sophisticated “deepfakes” or “face swaps”, where AI technology spoofs another person’s likeness.’

He says a 2023 study carried out by one of iiDENTIFii’s partners revealed that ‘there has been a 149% increase in digital injection attacks and a 295% increase in face swaps. With the emergence and growth of face swaps, low-skilled criminals now have the means to launch advanced attacks. Threat actors launched motion-based attacks simultaneously and at scale against hundreds of systems globally’.

Even without malicious attempts to fool facial recognition software, ‘differences in imaging conditions such as brightness, face angle, lighting conditions such as backlight, as well as alterations to a person’s external features such as hairstyle changes, ageing, or wearing masks or glasses can reduce the accuracy with which faces are detected and identified’, as digital company Canon puts it.

Canon has developed a facial recognition system that has been trained by AI. It says it built a ‘massive, diverse database of face images that consisted not just of normal photographs but also high-angle images from network cameras installed in high locations, as well as images captured in poor conditions that are blurred or carry image noise. The training also accounted for differences in shooting environment such as backlight and different face angles, as well as changes in external appearance, such as hairstyle changes and ageing’.

In addition, it also trained the model so that ‘face images of the same person would give similar feature values, and those of other people with similar facial features would give feature values with larger differences, hence ensuring a high recognition accuracy rate even for images for which identification is difficult. For cases in which subjects are wearing masks or sunglasses, Canon collected a massive amount of image data in-house and input them as training data, enabling highly accurate comparison and recognition even for partially obscured faces. These training efforts, together with the optimised combination of numerous algorithms, enabled the realisation of reliable and accurate facial recognition in various environments’.

Apart from deterring the threat of cybercriminals, for many companies the security aspects that facial recognition tech brings assists in securing a secure office environment for employees as well as proving possible (in some small ways) of injecting a bit of joy into the working day…

At Canon’s Beijing office, for example, the facial recognition tech that controls access was ‘reprogrammed’ so that employees needed to flash a smile to gain entry.

‘The smiling face tech is the cornerstone of Canon’s “Jiachuang Space” system, which also measures workers’ temperatures, registers guests, and – naturally, for Canon – allows them to print documents,’ according to a 2021 Business Insider report. Canon is marketing the system (the smile-detection function can be switched off) to a variety of businesses, and says it hopes it can ‘bring joy and health to everyone’ in the post-pandemic era and encourage people to ‘relax and get healthy with a smile, so as to create a happier working atmosphere and improve efficiency’.

Images: Gallo/Getty Images