BWS 3 Face Recognition is in preview now!

Feel free to test our BWS 3 Face Recognition API now. It is still available as a preview version, so we would very much appreciate your feedback.

BWS 3 Face Recognition

Face Recognition is the comparison of the facial characteristics (face features) of a person with a stored version of the facial characteristics (face template) of one or more persons. A comparison with a single biometric template (one-to-one face match) is used for user verification purposes, a comparison with many templates (one-to-many face match) is used to search a specific user in a set of persons.

Service Definition

Use the Protobuf files below to integrate the BWS 3 Face Recognition gRPC API into your client software. When you plan to use the JSON Web API, you don't need these Protobuf files, of course. However, the JSON Web API is generated from the Face Recognition protobuf file.

facerecognition.proto: Definition of the BWS 3 Face Recognition API (preview).
bwsmessages.proto: Definition of messages as used in various BWS 3 APIs.

Endpoint

The face recognition APIs (gRPC API and JSON Web API) can be found at the face subdomain of the various BWS 3 installation locations: https://face.{bws-location}.bioid.com, e.g.: https://face.bws-eu.bioid.com or https://face.bws-sa.bioid.com.

Biometric Templates

Face Recognition is mainly about the creation and management of Biometric Templates and the comparison of face features against these templates. A Biometric Template is a binary representation of a person, generated from one or more face feature vectors, which are calculated from provided face images of this person. To protect generated templates against modifications, biometric templates are always digitally signed. Optionally they can be encrypted for additional security. In BWS 3 we have three versions of biometric templates that build on each other:

Compact: Contains the biometric template only, together with its biometric class ID, the creation timestamp and the encoder version. This minimalistic template version is used for the face recognition operations (verification and search). It has a constant size of currently about 8.2 KB (encrypted ~8.5 KB).
Standard: Additionally to the compact template data, all calculated feature vectors are part of this template version. The enrollment operation uses the stored feature vectors to update a biometric template by adding newly calculated feature vectors to the template. The size of the template depends on the number of feature vectors (~ 24 KB + n * 8 KB) and is currently not limited.
Full: Additionally to the standard template data, all thumbnail images, from which the feature vectos have been extracted, are part of the full template. The enrollment operation can use the stored thumbnails to upgrade a biometric template to a new encoder version if necessary. The size of the template depends on the number of images and is currently not limited.

Biometric Template addressing

Like with our classic BWS version, we stick to the usage of Biometric Class IDs (BCID) to address the location and ID of a biometric template. A BCID is the concatenation of a string for the storage location, where the template is persisted, an integer for the partition and a long for the Class ID:

Storage: The storage indicates where BWS has to search for a persisted template to load it into memory. It is typically associated with the location of the BWS installation and the used storage type (like Database, Azure Table, ...). With on-premises installation, the storage is not used (its always the local database) and can be chosen arbitrarily.
Partition: The partition is a unique number assigned to a BWS 3 client. It is managed with the BWS Portal. When a new client is created in the BWS Portal, a unique partition is automatically assigned to this client. Anyway, at this point, a client can also use another partition already in use within its subscription, so multiple clients in one subscription can share a partition.
Class ID: The unique (within the partition) class ID of the person associated with the biometric template. The class ID is a 64-bit number > 0, completely managed by the client.

Cryptography

As mentioned already, all biometric templates are always digitally signed and the signature is verified, each time the template is loaded. This ensures, that a template has not been manipulated. Additionally, the enhanced templates (standard and full) are always encrypted. Optionally, the compact templates can be encrypted as well for additional security. Typically it should not be necessary to encrypt the compact templates, especially when you plan to perform database search requests, as encryption substantially slows down the performance.