Skip to main content

Duckface to unlock: How our selfie obsession helped make eye-recognition possible

How our selfie obsession helped make eye recognition possible
Image used with permission by copyright holder
Let’s all give thanks for selfies. Not because they’ve given the vain something to occupy their time, but because without them, we wouldn’t be on the cusp of unlocking our phones merely by looking at them. In a strange twist of fate, the world’s obsession with the selfie has helped propel eye-recognition technology forward faster than expected.

If the selfie craze hadn’t happened, we might not be where we are, according to Toby Rush, CEO and founder of EyeVerify, which makes eye-recognition technology called Eyeprint ID. According to Rush, selfies were just starting to take off when his team began working on their technology, and not every phone had a high-res front camera. “We were naive. We thought people would turn their phones around,” he laughed.

Recommended Videos

Thankfully, our lust for photos of ourselves sparked a wave of new hardware that Rush’s team was able to ride right alongside preteens snapping selfies. “All of a sudden, every smartphone manufacturer wanted to put a 5 or an 8-megapixel camera on the front of a phone,” Toby remembers. Apple’s introduction of TouchID on the iPhone 5S, he adds, played a big part in bringing attention to the world of biometric authentication.

Not more secure, more convenient

Why should our phones scan our eyes instead of our fingerprints? They shouldn’t.

“We don’t see EyePrint as an alternative to fingerprint scanning, we see it as an addition to it,” Rush explains. “When you think about biometrics, there is no right or wrong, but you do need to think about what the user is doing the vast majority of the time when they want to authenticate an action.”

“It’s not more security, it’s more convenience.”

“Heartrate makes a perfect biometric for smartwatches, but don’t make me talk, touch, or look at it. But with a smartphone, you’re either touching or looking at it, and some of the companies we’re working with — on flagship phones — want to provide both. It’s not more security, it’s more convenience.”

EyeVerify’s technology impressed when we saw it on the ZTE Grand S3 back at CES this year. It works by matching the blood vessels in the whites of our eyes, each one of which is like mapping 100 unique points-of-interest on a map, and then another 100 points-of-interest on each one when you zoom in. It’s not the same as iris or retina scanning, and both of these require special camera hardware to measure. EyeVerify’s method, as we’ve already found, only needs a selfie cam.

No additional hardware needed

Without additional hardware cost, even low-end phones can incorporate eye recognition without spending out on an extra component. However, is a low-res front camera up to the job of looking deeply into our eyes?

“The only difference for us is range,” said Toby, when asked if there was a difference between a 2-megapixel and a 13-megapixel front camera for use with EyePrint’s technology. “The better the resolution, the farther away you can hold the phone.” However, even the lowest megapixel front cams can produce surprising results. A single megapixel camera is still usable from 20cm away, for example. For comparison, a 5-megapixel camera is capable of operating from 30cm away, and an 8-megapixel camera is happy at between 35 and 40cm — easily covering most outstretched arms.

Like all good security measures, the authentication process is designed to be quick and seamless. “We don’t want to move a finger to the fingerprint sensor when we’re already looking at the device.” said Toby. EyeVerify is now authenticating at a speed of 500 milliseconds, and even on older processors — such as the Snapdragon 400 — the time is still only just over a second. Interestingly, the graphics processor inside a phone is actually more important than the CPU for EyeVerify, due to the heavy use of image processing. So besides selfies, Rush has the rise of 3D mobile games to thank for the hardware that enables his technology, too.

Nothing stored in the cloud means nothing to hack

There is something pleasingly sci-fi about having our eyes scanned for recognition, but what about the real-world security aspects of biometric authorization? For Eyeprint, there is only one option, and it’s not storing data in the cloud. “It’s never a matter of ‘if’, it’s only ‘when’,” said Toby, referring to data stores like this being hacked. “So we do all of our matching on the device.” To make sure there’s no chance of anything being transferred to the cloud accidentally, EyeVerify doesn’t sell any cloud server software at all.

While this may sound like the simple option, it’s not. “What we had to do is calculate a special security key from your eye, which is a two-step process. Step one is to match the biometric, and if they match at a high enough level, then you pass. We have to go beyond that for step two, and calculate a key that’s the equivalent of a 50-character complex password, which is used for authentication. It’s not just a true or false.” Imagine trying to remember a password of this length and complexity, on an everyday basis.

Should the password be compromised, all that’s needed is a quick reset and re-authentication, and a new key is created. No keys are ever sent from an EyeVerify-equipped device, even if a server-based app is asking for authentication, when a publicly-generated, one-time key is used. It was also a considerable challenge to come up with a way to generate the keys on the device, and not on a server. For data privacy’s sake, it was worth it.

New phones with eye-scanning tech out before the end of the year

Keeping our phones locked, and payment methods secure is only the start. Looking to the future, Toby sees our phones and any relevant wearable devices becoming tied to medical records and health data, for which a higher degree of security will be needed to authenticate when we visit healthcare practitioners. This, combined with increased reliance on our phones for financial and company information, makes reliable, super-secure biometrics even more important.

The more confidential data that’s stored on, or accessed using, a smartphone, the more comprehensive that security needs to become. EyeVerify is working on even more complex keys, and says a 100-character password created by using an Eyeprint ID eye scan — twice what it’s capable of producing now — is possible in the next six months or so.

The good news is, we’re not going to have to wait long for more phones to come out with EyeVerify’s eye print recognition installed either. Toby confirmed that the company is “working with 20 different smartphone manufacturers right now.” Four have already launched with EyeVerify’s technology — ZTE, Alcatel, Vivo, and Umi — and he expects another four before the end of 2015. Soon, look-to-unlock will be as normal and natural as using our finger for a scan, or to tap out a PIN code.

All because we can’t stop taking selfies.

Andy Boxall
Andy is a Senior Writer at Digital Trends, where he concentrates on mobile technology, a subject he has written about for…
Government demands answers from Apple over iOS 18 performance problems
A person holding the Apple iPhone 16 Pro Max.

Soon after Apple began the public rollout of iOS 18 — loaded with the Apple Intelligence stack — there were plenty of negative reports documenting sluggish performance, camera woes, UI status, and more.

Today, Apple has received a stern notice from India’s consumer watchdog over the performance issues encountered by iPhone users after installing the update. It is not quite the same as “Apple deliberately slowing down old iPhones,” because the iOS 18 woes also affect the latest iPhone models. The notice was issued by the Central Consumer Protection Authority (CCPA), a regulatory agency that oversees consumer grievances and violations of their rights, while also conducting investigations and issuing orders related to recalls.

Read more
Don’t buy overpriced used iPhones with TikTok installed
Exploring TikTok's STEM feed on a phone.

If you want to download the TikTok app onto your iPhone and you live in the U.S., you’re currently out of luck due to an ongoing ban. Because of this, some would-be entrepreneurs are attempting to make a quick buck on eBay by selling iPhones with the TikTok app pre-installed.

People are attempting to sell used iPhones “Unlocked with TikTok App” on the site for as much as $50,000, as first noted by Wired. To make these deals even less appealing, some of these listings are for iPhone 12 Pro Max models first released in 2020, and not even the latest iPhone 16 models.

Read more
T-Mobile crushed its rivals in this important test
A person playing a game on the Asus ROG Phone 9 Pro.

In the U.S., the top carriers don't offer the same network performance. One carrier has significantly outperformed the others over the past six months, according to data collected in network and connectivity expert Ookla's latest "Speedtest Connectivity Report." The report, which covers data collected between July and December 2024, found that T-Mobile, the third-largest carrier in the U.S., has emerged as the clear leader in overall performance. The differences are striking.

Ookla reports that T-Mobile provides media download speeds 120% faster than its closest competitor, AT&T. Verizon, the largest carrier by subscriber count, ranked third. These speeds are enough for Ookla to conclude that T-Mobile offers the best mobile gaming experience.

Read more