Manufacturer 1-on-1: StoneLock Co-Founder and CEO Colleen Dunlap

Sept. 26, 2017
Facial recognition firm's top executive sits down for a Q&A interview with SIW

Once reserved for only niche high-security environments, biometrics have found their way into more mainstream access control applications in recent years driven primarily by advancements in technology and falling prices. Additionally, increasing interactions between people and biometric solutions, such as fingerprint and now even iris readers on some smartphones, has also played a significant role in getting the population more comfortable with using biometric identifiers for physical and logical access.

While there remains a multitude of modalities that end-users can opt to deploy in the market, the majority of organizations have settled on fingerprint, iris and facial recognition as the de facto standards for most biometric installations. When it comes to facial recognition, one company that has made great strides in the product category is StoneLock, which leverages near-infrared technology (NIR) to provide end-users with quick and reliable verification of identities.

SecurityInfoWatch.com (SIW) caught up with Colleen Dunlap, the co-founder and CEO of StoneLock, at ASIS 2017 to discuss what differentiates them from the rest of the market as well as how their latest product release, the StoneLock Gateway, will help security end-users manage biometric profiles moving forward. 

SIW: How does near-infrared technology work and what kinds of advantages does it offer to end-users in biometric access control environments?

Dunlap: One of its greatest advantages is that it is not light-dependent. We flood the user’s face (with NIR wavelengths) and measure – over 2,000 points of measurement – and know that it is absolutely the person that is supposed to be on that biometric profile. It’s accurate enough that we know identical twins every single time. We are one of the only biometric (companies) that will go out and publish our false acceptance rate (FAR), which is better than one in a quarter-million or 0.0004 percent. Our whole purpose is that the correct person gets in on the biometric each and every time. We would rather deny someone than let the wrong person in.

For us, the infrared allows for very high accuracy and when you compare that to what has been done with other technologies – most of them use IP cameras, they are light-dependent, so if I register in the morning but I need to use it half a year from now and it’s a different kind of day and lighting structure, I may or may not get in and most of the time I won’t. When you use a photo-based image versus a measured, infrared process, you’re actually taking that image in color, dropping it to grayscale and then doing extrapolation and that’s how you’re trying to compare your biometric and that’s distinctly different from us.

SIW: Biometrics, in general, seemed to have gained increased momentum in the market in recent years. What you say have been some of the biggest drivers behind that and how are you technologies like yours pushing the bar even further in terms of what can be achieved?

Dunlap: Let’s start with brass keys right, nobody knew who had the key, they just had the key to get in the door and if you could find it, you could get in. Then the industry moved to cards, prox cards, etc., but at the end of the day cards can be cloned and they can be cloned very easily and fairly inexpensively. When you just have that card – it is being audit trailed at the door but not the person – add the biometric. The biometric actually allows you to then audit trail to determine if it is the right person. In the biometric world, there are biometrics that can be spoofed and there are biometrics that cannot be. We are one of the ones that have been proven out, if it’s the proper user with proper credentialing, proper permissions, they get through the door. If it is an improper user without a credential, they do not get through the door.    

SIW: Are some of the concerns that have been raised with biometrics in past, such as privacy, still a big hurdle for many end-users and who do you overcome that?

Dunlap: Those are questions we’re asked all the time. The first one is always; do you have PII (personally identifiable information)? We have clients that are global in nature, many of the high-tech ones are very global in nature and, depending on the country, you have to be very careful about what you do or don’t contain or hold of a person. We don’t have PII, so when we do a biometric read that is dropped in the binary and then that is actually thrown away and dropped just down to a reference file. So, you’re nothing but a reference number, there is nothing that could be reproduced of you. A company can’t take that information and use it against you nor could a hacker take that information and know it is you. They just have a number and without us to decrypt it and your face to decrypt it, it is not usable.

Also, our throughput is in line with turnstiles. A lot of turnstiles can only go up to 25 to 30 people a minute whereas we can go up to 40 people a minute. Speed is something we’re known for. We’re also frictionless.   

SIW: With the variety of biometric access solutions that are on the market today, how do you stand out from the crowd?

Dunlap: A lot of it is word of mouth from people that use it which is always a wonderful thing. The other thing is that we do one thing really well and that’s facial recognition, we’re not a company that is going to move into other biometrics. Second to that, we understand the problem that has been associated with maintaining, managing and transferring those biometrics, whether it is because there is a government policy, a logistics issue, etc. 

SIW: How does your new StoneLock Gateway solution that you’re unveiling at ASIS this year play into that?

Dunlap: The StoneLock Gateway is absolutely the key to managing biometric profiles. We don’t really care if you have one PACS system or if you have three PACS systems, we will help you maintain, transfer and accurately audit trail, as well as not have to re-enroll should you choose a new PACS system. It is something that houses and self-contains those biometrics.

The biggest thing about the Gateway is that it keeps us very scalable. It is a single functionality that happens with those PACS systems and, as I said, many PACS systems can be rolled together. So financial companies, for example, that may have three or four (access control) systems because they keep buying buildings, that becomes important for them and then on the tech side, because we’re able to put the Gateway in redundancy, we maintain our high-availability. If something goes down, the other one picks up, they never go offline or lose any of those biometric profiles.

We’re looking to continue to grow and make biometrics an easy thing to use versus something you need to fumble around with.

About the Author: 

Joel Griffin is the Editor-in-Chief of SecurityInfoWatch.com and a veteran security journalist. You can reach him at [email protected].