FAR/FRR

FAR/FRR -- Biometric Accuracy Metrics

False Accept Rate (FAR) and False Reject Rate (FRR) are the two primary metrics used to measure the accuracy of biometric authentication systems, including those embedded in smart cards. FAR quantifies the probability that the system incorrectly accepts an unauthorized person, while FRR measures the probability that it incorrectly rejects an authorized person. Together, they define the security-convenience trade-off in any biometric implementation.

Understanding the Trade-Off

FAR and FRR are inversely related through the matching threshold. Lowering the threshold (making the system more lenient) reduces FRR (fewer legitimate users rejected) but increases FAR (more impostors accepted). Raising the threshold tightens security but increases the chance of rejecting genuine users. The Equal Error Rate (EER) -- the point where FAR equals FRR -- is a single-number summary of overall system accuracy. For smart card Match-On-Card implementations, typical targets are FAR below 0.01% (1 in 10,000) with FRR under 3%.

Smart Card Context

In biometric payment cards, the FAR/FRRFAR/FRRBiometricError rate metrics for biometric authentication accuracy.Click to view → balance has direct business implications. A high FRR means legitimate cardholders are frequently unable to complete contactless transactions using their fingerprint, forcing fallback to PIN entry and degrading the user experience. A high FAR means the card might authorize transactions from unauthorized persons, creating fraud liability. Card issuers and EMVCo work with fingerprint sensor manufacturers to establish certification thresholds that satisfy both security and usability requirements.

Measurement Standards

ISO/IEC 19795 defines the methodology for testing biometric systems, including sample collection, evaluation protocols, and statistical reporting requirements. For smart cards, testing must account for the constrained processing environment: the matching algorithm runs on a low-power chip with limited RAM, and environmental factors (dry or wet fingers, temperature extremes, sensor wear) affect real-world performance. Liveness detection capabilities add another dimension, preventing spoof attacks from artificially inflating the FAR through presentation of fake fingerprints.