Facial matching is a biometric verification technique that confirms whether two facial images belong to the same person. In digital identity systems, it's primarily used during identity proofing, comparing a selfie captured during enrollment or credential issuance against a reference photo from an authoritative source like a DMV database.
One-to-one verification
Facial matching for identity proofing performs one-to-one (1:1) verification: given two images, the system determines whether they show the same person. It’s important to note that facial matching differs from facial recognition used for surveillance or identification, which performs one-to-many (1:N) searches across databases of many individuals.
Facial recognition is controversial because it enables broad identification without an individual’s direct participation or consent and can be used for persistent monitoring. In contrast, facial matching for identity proofing is a consent-based, point-in-time verification performed only at enrollment or issuance, for the limited purpose of confirming an individual’s identity.
The 1:1 verification question is straightforward: Is the person taking this selfie the same person whose photo is on file with the DMV? The system isn't trying to identify an unknown person from a crowd; it's confirming that a specific claimed identity matches the person present.
This distinction matters for privacy. 1:1 matching is used to confirm a claimed identity against a specific reference image; it is distinct from 1:N identification use cases, though similar underlying technology can be used in other contexts depending on governance and deployment.
How facial matching works
Modern facial matching systems use machine learning algorithms trained on large datasets of facial images. The system extracts features from each face, measurements of distances between facial landmarks, analysis of face shape and structure, and other characteristics that remain relatively stable over time.
These features are converted into mathematical representations (often referred to as embeddings or templates) that can be compared numerically. If two embeddings are sufficiently similar, exceeding a defined threshold, the system concludes the faces match. The accuracy of facial matching has improved dramatically with advances in deep learning.
Facial matching in credential issuance
During remote mDL provisioning, facial matching confirms that the person requesting the credential is the same person whose identity documents are on file. The workflow typically proceeds as follows:
The applicant initiates a credential request through a mobile app or web portal. The system prompts them to capture a selfie, often with liveness detection to confirm physical presence. The captured image is compared against the reference photo in the DMV's database, the photo taken during the original license application.
Comparing against an authoritative, high-resolution DMV photo provides stronger security than traditional identity verification approaches that rely on low-resolution images sourced from commercial data aggregators. This authoritative comparison reduces susceptibility to synthetic or manipulated images and improves resistance to deepfake attacks, because the verification is anchored to a trusted government source rather than probabilistic third-party data.
If the images match with sufficient confidence, the identity proofing check passes, and the credential issuance can proceed. If the match fails or falls below the confidence threshold, the system may require additional verification or direct the applicant to complete the process in person.
Combining with liveness detection
Facial matching alone doesn't confirm the person is actually present, it only confirms that two images show the same face. An attacker with a stolen photo could potentially satisfy facial matching by presenting that photo to the camera.
For this reason, facial matching is typically combined with liveness detection. Liveness confirms someone is physically present; facial matching confirms that person matches the claimed identity. Together, they provide robust assurance that the right person is receiving the credential.
Privacy considerations
Facial matching involves processing biometric data, which raises privacy considerations. Best practices include:
Data minimization: Capture only what's needed for the match, and retain only what's necessary for the use case.
Automatic deletion: Discard selfie images after verification completes, leaving only the original reference photo from the issuer's database.
Transparency: Inform users that facial matching will be performed and explain how their data will be handled.
Accuracy monitoring: Test systems across demographic groups to identify and address bias or accuracy disparities.
The role of trust
Facial matching provides a crucial link between the digital and physical worlds. It confirms that the person requesting a verifiable digital credential is the same person who was identity-proofed for the original physical credential. This chain of trust, from the issuance of original documents through credential provisioning, ensures that verifiable digital credentials carry the same assurance as the underlying identity verification processes.
Want to keep learning?
Subscribe to our blog.
