Facial Recognition has become a fairly established technology. While being mostly used to unlock smartphones in the Western World, in China, more and more user interactions are based on facial biometrics.
Alibaba’s Alipay, for example, rolled out a tablet-like Point-of-sales device that allows customers of any shop to authorize mobile payments using their face. At other places, access to restricted areas such as schools or offices is managed with the technology. Even train passengers can travel without any documents.
From my personal experience in China, I know that such interactions are considered convenient and mostly accepted across the society – albeit they clearly transform how humans behave and interact in public spaces.
Besides negative aspects of governmental surveillance, also private companies gain deeper insights on their users. For example, if public advertising display are equipped with internet-connected cameras (which some already are), private companies could recognize anyone with extreme accuracy. Pedestrians or even users of elevators could be targeted with personalized ads based on their movements, sentiment, outfit or companions. This scenario is becoming a reality now, but the notion is not new. Already in 2002, Minority Report envisioned public billboards that recognize and bother pedestrians in real life.
While an email address can be filtered or replaced if it receives too much spam, a face usually remains for a life time. Therefore, I asked myself, how facial recognition in public spaces can be designed in a way that averts such creepy scenarios and complies with European Data Protection Regulations (GDPR).
FaceAuthent
FaceAuthent is a facial recognition system that can be implemented by any service provider or public space, while allowing users to hide their biometric identity. In other words, users’ can authorize themselves using their face, without allowing any third party to know how they actually look like.
Users enroll in an app
FaceAuthent comes as a mobile app that facilitates transparent and informed user on-boarding by design.



Anonymous user profiles
FaceAuthent creates a multidimensional facial profile which is uploaded to a secure server. The system does not store any other personal information (not even name or email address).



Connection of third-party interactions with FaceAuthent



Third parties, for example an airline, will not know how the user looks like. Instead, they receive a temporary user token from the FaceAuthent plugin they can embed into their apps.
Real-life integrations
The airline also needs to integrate secure FaceAuthent facial recognition hardware at its boarding gates. Once passengers enter through these gates, the system will check if the person’s token matches with any linked boarding pass.

The same interaction could be implemented in any type of public interfaces, for example, …


Designing technology that protects user’s privacy
FaceAuthent gives an idea how controversial technologies such as cloud-based facial recognition could be designed in a way that combines protection of sensitive data with seamless and convenient user experience.