The iris — the colored part of the eye that eye-scanners analyze — changes as people age, making the scanners more likely to wrongly lock out people with every passing year, according to a new study.
The finding goes against the established, yet never-proven notion that eye scanners can accurately identify people throughout their lives, said Kevin Bowyer, a computer scientist at the University of Notre Dame who performed the study. Meanwhile, iris scanners continue to gain popularity around the world: India is in the midst of setting up a massive ID system for its 1.2 billion citizens that uses fingerprints and iris scans.
"There was general opinion that the iris doesn't change, but no one has looked at it very carefully," said Bojan Cukic, director of the Center for Identification Technology Research, a National Science Foundation-run group that researches biometrics, or security systems that use people's eyes, faces and other physical characteristics as their passwords. Cukic was not involved in the new study. [Hands Transform into Scam-Proof ATM Cards]
"It's one of those truths that are never checked," he told InnovationNewsDaily. "I think the authors at Notre Dame are making good progress and they are doing due diligence in trying to find the results."
Between 2008 and 2011, Bowyer and Samuel Fenker, a colleague at Notre Dame, scanned volunteer students, staff and faculty using an LG 4000, a top-of-the-line commercial iris scanner. In the end, they had 32 people who stuck with the study over three years.
The researchers found that with each passing year, the scanner gave more of what they call "false nonmatches," or instances when the machine would say a volunteer didn't match the original reference iris scan taken when he first enrolled in the system. By the third year, the researchers saw a 150 percent increase in false nonmatches. Meanwhile, the rate of false matches stayed steady over time.
The steady false match rate means iris aging isn't a security problem, but it's an inconvenience that can add up over time, Bowyer said. Every time someone can't get past security using the eye scanner, a staff member has to go check that person's ID by hand, slowing down the security process.
"I just want government program managers or corporate managers — anyone who's fielding a biometric system — to know what's going to happen when they do it," Bowyer said.
He thinks researchers should give up on the idea that they can enroll people in an iris security system only once. "I think they need to drop the idea of one enrollment for life," he said.
Instead, eye scanners should update their reference images for people annually, he said. Bowyer envisions an easy, automatically updating system. If someone goes to the airport once a year, for instance, a machine there would make one scan that performs two functions. First, it would use the scan to check the person's identity. Second, it would save the new scan as the reference for the next time the person came to the airport. This would be an easy fix, said both Bowyer and Marios Savvides, a computer scientist and biometrics researcher at Carnegie Mellon University. [Top 10 Technologies of the 9/11 Age]
Savvides and Cukic, however, aren't as convinced Bowyer's study is proof the iris ages in a way that hurts scanners' performance. "I think the jury is still out on the aging of the iris," Cukic said. He said studies with more people, plus studies led by biologists or doctors, are needed to make stronger conclusions. Neither he nor Savvides think iris scanners need to update their reference scanners as often as once a year.
Nevertheless, Savvides and Cukic said Bowyer's study was well-done, important work for biometrics. All three biometrics researchers agree the study means they need to find exactly what in the iris changes, and how engineers can make biometric security systems that keep working as people age.
"This is an engineering discipline which is reasonably successful in the market, yet there is a lot to be studied to make these systems better and more reliable," Cukic said.
Bowyer and Fenker presented their study at the Institute of Electrical and Electronics Engineers Computer Society Workshop on Biometrics held in Providence, R.I., in June.
This story was provided by InnovationNewsDaily, a sister site to LiveScience. You can follow InnovationNewsDaily staff writer Francie Diep on Twitter @franciediep. Follow InnovationNewsDaily on Twitter @News_Innovation, or on Facebook.
Live Science newsletter
Stay up to date on the latest science news by signing up for our Essentials newsletter.