A look at iris biometrics: From Optic ID to World ID
The announcement of Apple’s Vision Pro and Optic ID has brought iris biometrics into the mainstream conversation. But what are they, how do they work and what is the difference between using iris biometrics for one-to-one authentication vs. one-to-N uniqueness verification?
To answer these questions, Worldcoin hosted a podcast with the heads of protocol, engineering and AI/biometrics at Tools for Humanity, a company building tools and technology for the Worldcoin project. You can listen to the full conversation below or catch some of the key takeaways here.
For starters, what is the iris?
The iris is a little colorful muscle surrounding the pupil of your eye that essentially controls pupil dilation. Think of it as this little ring muscle in your eye that makes your pupil shrink. It is distinctly not the retina.
What makes the iris so interesting for biometrics?
The iris has high entropy, i.e randomness. If you take a close look at the iris, there is a very rich pattern of small holes, lines and ridges that make it both very complex and unique. So unique, in fact, that it can theoretically be used to distinguish between billions of individual humans. The complexity and entropy of irises is something we’ve discussed more in a blog post all about iris entropy.
How are iris biometrics captured?
To capture iris biometrics, you first need to start with a very high quality image of an iris. The image must be well lit and the eye must be fully open. Then you need to segment out anything from the image that does not belong to the iris texture (reflections, eyelashes, pupil, etc.). Based on the iris texture, it calculates something called an iris code that is essentially a mathematical representation of the iris texture in the form of a digital code.
The process that the Worldcoin project uses to generate iris codes and prove individuals are unique and human is outlined in an in-depth blog post on the iris recognition inference system.
What’s the difference between how Apple’s Optic ID uses iris biometrics and how World ID uses iris biometrics?
Apple’s Optic ID performs what’s called one-to-one authentication. This means that, when you first set up your Vision Pro, the device calculates something like an iris code or an iris template through the process described above. When you use them the next time, another image will be taken and turned into a code, and that new code will be compared against the first. If they both match, the device is unlocked. The process is similar to Face ID, but with your eyes.
World ID does something very different. The end goal is to build a proof of personhood mechanism, and to do that you need something known as one-to-N verification. This means that, after your iris image has been calculated into an iris code in an Orb, that code has to be compared not against one iris code, but against all other iris codes created at all other Orbs worldwide. Then can the protocol verify you are unique and human.
What characteristics about the iris make it privacy-preserving?
This randomness means that the iris, as opposed to DNA, doesn’t contain personal information in a way that your DNA does. Two irises from two different people, even family members, look completely different. Irises are also protected within the eye and, as opposed to something like fingerprints or facial recognition, need specific conditions to be met (lighting, etc.) in order to be used for biometric verification. This means your iris biometrics cannot be captured without you noticing the capture.