What Does False Rejection Rate FRR Mean And Its Importance?
October 24, 2023
Have you ever been locked out of your phone because it didn’t recognize your face? That’s the false rejection rate (FRR) at work—a metric you can’t afford to ignore, especially in decision-making and accuracy assessment.
FRR, a commonly used metric in biometrics, is a key factor in validating identities as a whole, especially identity documents. It measures the rate at which valid identities are falsely rejected by the system. In other words, it indicates the likelihood of the system rejecting a genuine identity.
This metric is especially important when it comes to validating identity documents, such as passports or driver’s licenses, as it ensures only individuals with valid identification are granted access to certain services or areas.
In this article, we’ll dive into what FRR means, how it differs from false acceptance rate (FAR), and why getting a grip on these metrics matters for you and your business. Let’s get started.
What is false rejection rate?
False reject rate is a metric that gauges how often a system incorrectly denies access to authorized users. Simply put, it’s the rate at which the system says, “Nope, you can’t come in” to legitimate users.
You calculate it by dividing the number of false rejects by the total number of access attempts made by authorized users, typically shown as a percentage.
Understanding FRR has real-world implications. For instance, for a smartphone, you’d want a low FRR to avoid frustrating users just trying to check their messages. However, in high-stakes scenarios like a biometric system safeguarding sensitive financial data, a higher FRR might be tolerable, given the critical need to prevent unauthorized access.
What is the difference between the false reject rate (FRR) and false accept rate (FAR)?
FRR and FAR are critical metrics in systems designed to validate an identity, but they serve different purposes. FRR measures how often the system incorrectly rejects legitimate users. A high FRR can be a headache because it means the system is a bit too skeptical, even turning away people who should have access.
On the flip side, FAR gauges how often the system incorrectly accepts unauthorized users. A high FAR is a security red flag. It indicates that your system is a little too trusting, letting in people who shouldn’t be there.
However, FRR and FAR are not the only metrics used in evaluating identity and security systems. True acceptance rate (TAR) and true rejection rate (TRR) are also important metrics. TAR measures the rate at which valid users are correctly accepted by a system, while TRR measures the rate at which imposters are correctly rejected. These metrics provide a more complete picture of the accuracy of a system.
But when it comes to identity verification, FAR is often one of the most important metrics to consider.
How do the FAR and FRR impact each other?
The interplay between FAR and FRR is crucial. These rates are influenced by the threshold value set in the system.
Imagine the threshold value as a guard at the door. Set it too low, and you’ll reduce FRR but may end up with a high FAR, letting in unauthorized individuals. Set it too high, and the opposite happens: you’ll ramp up FRR by turning away legitimate users.
In terms of where these lines intersect, that point is often referred to as the equal error rate (EER), where FRR and FAR are equal. It’s a handy metric for finding a balanced threshold value that doesn’t compromise too much on security or user experience.
Consequences of high FRR
False rejections aren’t just a momentary annoyance. They disrupt user workflows.
Every time a legitimate user is denied access, there’s an interruption. These interruptions—especially if frequent, can accumulate into significant downtime.
For businesses, this means tasks get delayed, meetings get postponed, and the overall pace of work slows down. Over time, this can translate into tangible financial losses, especially in sectors where real-time access is critical.
Beyond the tangible, there’s a psychological cost to FRR. Continual denials can erode user confidence and trust in the system. Feeling locked out of one’s account or denied access to crucial data, especially when the user is legitimate, can be frustrating enough to make a user leave entirely.
How do FAR and FRR affect security levels?
Both of these metrics can significantly affect the security level of identity security systems. That’s why the Equal Error Rate is often a key reference point for optimizing a system’s overall security level. In real-world scenarios, failing to find this balance can be disastrous.
A recent study proved that over 6 million records were exposed in data breaches worldwide during the first quarter of 2023 alone. Imagine a data center suffering a security breach because its false acceptance rate was too high, allowing bad actors to access critical systems and sensitive information. A single point of failure like that can have cascading consequences.
Let’s also think about healthcare. Medical records accessed through biometric systems can present a security risk in a hospital setting.
An FRR that’s too low might seem like a good idea to ensure doctors get immediate access to life-saving information. But if this pushes up the FAR, there’s a risk of exposing confidential patient data, breaking privacy laws, and jeopardizing patient trust.
False rejection rate in Action
In a notable incident that challenges the infallibility of biometric security systems, HSBC’s voice recognition system faced a surprising loophole. Launched with the assertion that voice prints were as unique as fingerprints, the system was proven fallible when BBC Click reporter Dan Simmons discovered his non-identical twin, Joe, could mimic his voice well enough to bypass security.
While Joe couldn’t initiate money withdrawals, he was granted access to account balances, transaction histories, and the ability to transfer money between accounts. Alarmingly, the system permitted Joe seven attempts to replicate his twin’s voice before granting access on the eighth.
This event was a wake-up call, highlighting the potential pitfalls of relying solely on voice recognition, especially when the stakes involve sensitive financial data. HSBC defended the system’s overall security, stating its superior safety over traditional passwords. Still, the incident serves as a cautionary tale about the nuanced challenges of biometric security and the constant need for refinement and oversight.
Ensuring Accurate Identification
FRR isn’t a buzzword. It is a critical metric that informs the reliability and security of your systems. Balancing FRR with FAR is essential for maintaining a secure and efficient environment.
So, don’t let it be an afterthought. As technologies advance and security becomes more complex, keeping a vigilant eye on FRR-related developments and applications will serve you well.
If you want an efficient and accurate solution for validating identity documents, look no further than BlinkID.
With its advanced machine learning algorithms and state-of-the-art technology, it offers a smooth and secure identity verification experience with a low FRR. Get started with a free trial today.
