KYC AML Guide: the Clock shows the average reeding time of the blog10 min Read


KYC AML Guide: the Clock shows the average reeding time of the blogJanuary 3, 2024

The Dilemma of “False Acceptance Rate vs False Rejection Rate” in Identity Verification

According to summarized NIST findings by Roger Grimes, None of the KYC Vendors is good enough. The ideal KYC Solutions have an error rate of 1.9% after every 100 IDV submissions. In multiple Biometric solution deployments, both FAR and FRR are much higher than expected. False Positives and False Negatives are the main concerns for KYC Solution Providers. This article is a detailed explanation of the False Acceptance Rate (FAR) and False Rejection Rate (FRR) in an identity verification process. It also talks about how an ID Verification Solution can reach the ideal match and reduce both FAR and FRR to achieve higher accuracy levels in identity verification.

Belal Mahmoud

KYC Product Consultant

What are the False Acceptance Rate (FAR) and False Rejection Rate (FRR)?

The concept of False Acceptance and False Rejection is based on False Positives and False Negatives respectively. False Positives are the wrongly raised red flags by a KYC Identification System. It means that the customer’s identity was fraudulent and posed a high risk to the financial institution but the system accepted it and raised no red flag. The frequency with which a KYC Tool accepts false positives is known as False Acceptance Rate.

On the contrary, False Negatives are the incorrect rejection of customer profiles and wrong red flags the system raises. Thus, the False Rejection Rate refers to the frequency of rejecting false negatives.

Background calculation of FAR and FRR

It is a critical task and a rising concern for KYC solutions to minimize the FAR and FRR. The trust in these solutions greatly depends on the fact that how the number of their FAR and FRR is low. Here are the main formulae by which FAR and FRR are calculated:


False Acceptance Rate (FAR) and False Rejection Rate (FRR) Formulae

False Acceptance Rate Formula:

It calculates the percentage of times the system incorrectly accepts something false among all instances where it should have been rejected (including the cases where it was correctly rejected).

False Rejection Rate Formula:

It calculates the percentage of times the system incorrectly rejects something true among all instances where it should have been accepted (including the cases where it was correctly accepted).

Main Causes of FAR and FRR

Data Overload KYC Identity Solution can be overwhelmed by a large amount of data leading to increased False Acceptance and False Rejection. It may mix up similarities causing erroneous red flags and accepts.
Human Error Manual Handling in KYC has high chances of False Positives and False Negatives. This is due to human error for example while carrying out data entry in biometric IDV systems, it may record wrong information during verification. Also, slight movements and human limitations during biometrics such as sweaty palms and fingers during fingerprint scans can lead to False Rejections.
Outdated Systems Outdated Algorithms and IDV technology can lead to difficulty in recording the right identifiable information leading to increased FAR and FRR. Poor-resolution cameras in older smartphone models and outdated biometric and selfie verification scanners can cause False Positives and False Negatives.
Scarce Resources Insufficient resources and limited tool capacity can also limit the power and accuracy of a KYC Tool to rightly identify and detect customers. This limitation can be computational power, storage capacity, or the ability of scanning devices.

How do FAR and FRR affect KYC Identity Verification?

Know Your Customer (KYC) requires robust identity verification tools, software, and associated practices in place to rightly differentiate between a risky individual and a genuine customer. For this purpose, it is important to meet the benchmark of highest accuracy through the least possible FAR and FRR. Here is a graphical illustration of how False Acceptance and False Rejection coincide:

Thresholding FAR and FRR

Here, the ideal estate for a KYC Tool is to reach an equilibrium (ERR) where both FAR and FRR are minimized at the best possible levels. Achieving a perfect zero effect in this case is impossible due to limitations of resources and other factors such as:

  • KYC Technology used (biometrics, AI, etc.)
  • Cost
  • Accuracy Levels

The Risk of Identity Spoofing due to FAR and FRR

Identity Spoofing is a risk associated with increased False Acceptance and False Rejection rates in biometrics. It is a criminal act in which a person is disguised as a legitimate individual or an entity. The risk of identity theft or spoofing is raised whenever a false positive is accepted. This is because the imposter can not easily use the services of a bank or FI to commit further crimes if it goes undetected. Similarly, in the case of False Rejections, the genuine customer identities that are already in use by a spoofer hinder the use of services by that customer. This can cause customer loss and reputational damage to the firm.

Identity Spoofing also uses a technique called ‘Deepfakes’ that increases the risk of FAR and FRR as deep fakes make it difficult for Identity Verification solutions to detect potential fraudulent login attempts.

Also Read: How to Detect a Fake ID? | KYC AML Guide

How can a KYC Solution Reduce FAR and FRR?

There are 5 ways in which a KYC Identity Solution Provider can reduce the FAR and FRR and reach the optimal balance.

How Identity Solution Providers can Reduce FAR and FRR?

1) High-Quality Biometrics

Biometric scanners and authentication devices should be of high quality and accuracy to ensure that the data recorded is the most accurate. It includes clear facial images through high-resolution and intelligent cameras, accurate fingerprint scanners, etc.

2) Advanced Algorithms

Well-tested algorithms can enhance the accuracy of Identity Verification and help reduce the FAR and FRR. These algorithms need regular updates and testing for bugs to maintain quality responses.

3) Robust Liveness Detection

Liveness Detection ensures that a biometric verification attempt is coming from an actual live person and not a spoofing attempt. Liveness Checks increase the accuracy of identification and verification and support the reduction of False Accepts and False Rejects.

4) Fine-Tune Threshold

Implementing adaptive thresholding and adjusting the decisions according to the industry standards for example trying to minimize both FAR and FRR in identity verification and reaching the acceptable minimum balance. There should be an optimal balance between the levels of FAR and FRR to achieve the highest possible accuracy.

5) Risk-Based Authentication

Consider the risk-based approach in authentication requests for example if a user is attempting to log in to an account from a known device and location, the solution should adjust the threshold as per the risk level involved. It allows for a more secure but user-friendly experience and manages risky profiles accordingly.

KYC Solution Providers should consider implementing a pragmatic approach to test their Identity Verification Solution. It will draw a clear picture of where their solution stands in terms of accuracy and the levels of FAR and FRR. KYC AML Guide introduces a well-researched guideline and analysis where KYC Solution Providers can test their solutions under the following metrics:

Testing metrics of KYC Solutions by KYC AML Guide


KYC AML Guide: the Facebook share KYC AML Guide: the Linkedin share KYC AML Guide: the Twitter share
Belal Mahmoud
KYC AML Guide: the Linkedin share

Belal possess over 8 years experience in the KYC Identity Verification industry. He has consulted KYC solutions for over 20 new economy companies at DIFC and ADGM while ensuring a seamless technical integration and helped in jurisdictional compliance audits.