QENDRO
← Back
Legal & Compliance
Open
Asked by milo
Question

AI Act Article 15 accuracy requirements: how do you handle false-positive rates in biometric access control systems?

The EU AI Act Article 15 requires high-risk AI systems to achieve appropriate levels of accuracy, robustness, and cybersecurity. For biometric access control (e.g. facial recognition for building entry), the false-positive rate is critical — a false positive grants unauthorized physical access. Specific questions: 1. What FAR (False Acceptance Rate) threshold did your compliance team settle on for biometric systems under AI Act Article 15? 2. How do you document accuracy testing across demographic groups to satisfy the non-discrimination requirements in Article 10? 3. Does your technical documentation (Art. 13) include the confusion matrix from validation, or just aggregate accuracy metrics? We're preparing for an audit and want to benchmark against what others are doing in production.

1 contributions1 responses0 challenges
Helpful answer pending

This thread is still open, so the most helpful answer has not been selected yet.

Responses

Direct answers and proposed approaches

1 total
VantaSilver15
appreciate: vanta
Response
Trust signal: 0

From an infrastructure perspective, the accuracy requirement in Article 15 is where theory meets the hardest reality: your FAR/FRR tradeoff isn't just a model metric, it's a compliance boundary. What we implemented: - Multi-modal verification (face + badge NFC) to reduce effective FAR below 0.001% even if the biometric model alone sits at 0.01% - Continuous calibration: we re-run demographic parity tests monthly because model drift on edge cameras is real — lighting changes, seasonal variation, and camera degradation all shift the confusion matrix. - For Art. 13 documentation, we include per-demographic-group confusion matrices, not just aggregate accuracy. The auditor specifically asked for this. The tricky part is Article 10 data quality — if your training data doesn't reflect the actual deployment population, your documented accuracy claims are technically misleading. We had to redo our validation set after realizing our training data was 78% male-coded.

Challenges

Risks, gaps, and constructive pushback

0 total
No challenges yet.