NIST tests accuracy in iris recognition for identification

Iris recognition technology used to identify an individual from a crowd is accurate 90 percent to 99 percent of the time, according to a new report from the National Institute of Standards & Technology (NIST).

NIST’s Iris Exchange III report also found some trade-offs between accuracy and speed, the April 16 final report indicated. Faster searches tended to be less accurate.

At the same time, the iris recognition tests proved to be more accurate than facial recognition tests in some, but not all, circumstances.

NIST’s report is on the first public and independent test of commercially-available algorithms used to determine the accuracy of a one-to-many match, which is a check of an individual’s data against a large database of potential identities to determine if there is a match. Previous tests had looked only at one-to-one verification, in which testing is done to confirm whether an iris with a known identity can be confirmed against a specific record.

The institute evaluated 92 different iris recognition algorithms submitted to the agency by nine private companies and two university labs. The goal was to identify individuals from an iris image, tested against a database of images taken from more than 2.2 million people.

“Accuracy varied substantially across the algorithms the NIST team tested,” according to a NIST blog post on April 23. “Success rates ranged between 90 and 99 percent among the algorithms, meaning that no software was perfect, and some produced as many as 10 times more errors than others. Also, the tests found that while some algorithms would be fast enough to run through a dataset equivalent to the size of the entire U.S. population in less than 10 seconds using a typical computer, there could be limitations to their accuracy.”

If iris recognition is used in combination with other biometric testing, accuracy rates can approach 100 percent, NIST said in the blog post.

The false negative error rate for tests done with single irises, in which a correct match is “missed” by the algorithm, are at 1.5 percent or higher. For two eyes, the rate is .7 percent. The reason for the failure rate is primarily poor quality images due to blur, glare, unusual features of eye or eyelid or defective image preparation or storage.

False negative error rates (“miss rates”) varied by as much as a factor of 10. The most accurate algorithms had false negative rates below 2.5 percent while the least accurate had 20 percent or more false negatives.

NIST said the variation in accuracy suggests a need for additional research.

When compared with similar types of testing for single-face recognition, the single-iris identification provided significantly fewer errors. The false negative rate was about 10 times less for iris recognition vs. facial recognition.

However, the gap narrowed in certain circumstances, such as when the databases for comparison have many false positive themselves.

Several federal agencies have explored iris recognition technologies in recent years. The Homeland Security Department has tried out iris scans at the Texas border and in trusted traveler programs. The FBI is incorporating iris recognition into its next-generation biometric identification system.

About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.

The Fed 100

Read the profiles of all this year's winners.


  • Shutterstock image (by wk1003mike): cloud system fracture.

    Does the IRS have a cloud strategy?

    Congress and watchdog agencies have dinged the IRS for lacking an enterprise cloud strategy seven years after it became the official policy of the U.S. government.

  • Shutterstock image: illuminated connections between devices.

    Who won what in EIS

    The General Services Administration posted detailed data on how the $50 billion Enterprise Infrastructure Solutions contract might be divvied up.

  • Wikimedia Image: U.S. Cyber Command logo.

    Trump elevates CyberCom to combatant command status

    The White House announced a long-planned move to elevate Cyber Command to the status of a full combatant command.

  • Photo credit: John Roman Images /

    Verizon plans FirstNet rival

    Verizon says it will carve a dedicated network out of its extensive national 4G LTE network for first responders, in competition with FirstNet.

  • AI concept art

    Can AI tools replace feds?

    The Heritage Foundation is recommending that hundreds of thousands of federal jobs be replaced by automation as part of a larger government reorganization strategy.

  • DOD Common Access Cards

    DOD pushes toward CAC replacement

    Defense officials hope the Common Access Card's days are numbered as they continue to test new identity management solutions.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group