Matching Methods for Identity Verification in Access Control Systems

Access control systems are designed to prevent unauthorized access into sensitive areas, rooms, and buildings. They function like a lock and key system, but with the flexibility to customize the “key” – the specific credential a person must present to gain entry. But how do these systems validate individual credentials? How do they determine if a person is authorized to enter? There are various matching methods that access control systems use to verify if a given credential – whether it’s a face scan, fingerprint, or card number – matches with what’s stored in the system’s database.

Method Description Speed Flexibility Accuracy
1:N Presented credential is compared against all stored records to find a match. Slow with large databases High Low
1:1 Presented credential with unique identifier is compared against a specific stored record to confirm a match. Fast Low High
1:Few Presented credential is compared against a subset of stored records to find and confirm a match. Faster than 1:N but slower than 1:1 Medium Medium

1:N Matching

1:N (“one to many”) matching compares a given credential against every stored record in a database to find a match. The term “one to many” refers to a single piece of information (the credential) being compared to many others in the system. This method doesn’t verify identity; rather, it identifies which record, if any, in the database matches the presented credential. The 1:N matching process is intended for identification, essentially asking, “Who are you?” By finding a match, the system establishes the person’s identity and checks their authorization for access.

How It Works

Let’s use our 2MTHFR-2M/2MWTK access control terminals as an example to explain how 1:N matching works. The terminals use 1:N matching to authenticate users when face recognition is enabled as the verification method. They capture a face snapshot of the person attempting to enter and compare it with every face image stored in the system’s library. If a match is found within this library, the terminal grants access. In summary, the terminal identifies who the person might be by searching for a face match in its system. Once the person is identified, the terminal determines access based on the authorization level in the matched record.

Advantages & Disadvantages

1:N matching doesn’t require an exact match, which provides more flexibility in the identification process. This is particularly useful in face recognition because people’s appearance can change or vary, and requiring an exact matching could result in the system failing to recognize a user. Additionally, the broad scope of comparison offers greater adaptability and increases the chances of finding matches. At the same time, however, it also raises the chances of errors and false positives. Another downside is that 1:N matching can be slower, especially with large databases, because each credential has to be compared against every record in the database.

1:1 Matching

Unlike 1:N matching, 1:1 (“one to one”) matching does not involve searching through the entire database to find a match. This method requires the user to present a unique identifier, which is then compared against a specific stored entry in the database to confirm a match. The purpose of 1:1 matching is verification, asking “Are you really who you say you are?” When a user provides an identifier, they claim to be a specific person with authorization to enter. The 1:1 matching process verifies this claim by confirming that the provided identifier matches the one associated with the claimed identity.

How It Works

When both card-based access and face recognition are used as the authentication method on our 2MTHFR-2M/2MWTK terminals, the system first conducts a 1:N match with the card and then a 1:1 match with the face. In the 1:N matching step, the user presents their access card, which has a unique identifier. The terminal compares this identifier against every record in the database to find a matching entry. If a match is found, the terminal moves on to the 1:1 matching step, where it scans the user’s face and compares it with the image registered to the matched card. If the two faces match, access is granted.

Advantages & Disadvantages

1:1 matching is typically faster because it only needs to compare the credential with a single entry. It’s also more accurate because it requires an exact match, which reduces the risk of unauthorized access. This makes it a great choice for places that need a high level of security. However, in face recognition systems, even minor changes in a person’s appearance can result in mismatches and false negatives.

1:Few Matching

1:Few matching is a combination of 1:N and 1:1 matching. Similar to 1:N matching, the system compares a given credential against records in the database to find a match. However, unlike 1:N, this comparison is restricted to a smaller subset of stored entries. After finding a match, it confirms whether the presented credential matches with the specific record, like 1:1 matching. Essentially, this method finds a potential identity match with a narrower search range than 1:N matching, and then verifies identity as in 1:1 matching. 1:Few matching asks two questions: “Which one of these individuals is you?” and “Are you really that person?”

How It Works

This method is used when there’s a known group of people who might be authorized, and the system must determine if the given credential belongs to any of them. For instance, in an office building, the access control system may contain a list of scheduled work hours for each employee. When an employee arrives at work, they scan their fingerprint to gain entry. Rather than comparing the fingerprint against all registered fingerprints, the system checks it against the list of people scheduled to be on duty at that time. If the system finds a match within this subset, it then compares the fingerprint against the one in the matching entry. If these fingerprints match, the employee is allowed in.

Advantages & Disadvantages

1:Few matching not only finds a potential identity match for the person, but also checks the validity of that match. Because the matching process is restricted to a defined group of users, it’s faster and more accurate than 1:N matching. At the same time, since it compares the credential against more than one record, it offers more flexibility compared to 1:1 matching, which requires an exact match to verify identity. However, this method relies on clearly defined subsets of users, where individuals can be grouped by specific criteria like department, role, time interval, etc. Due to this, 1:Few matching may not be suitable for all situation, particularly those without predefined subsets.

Contact 2M Technology for Access Control Solutions

Access control systems use different matching methods to verify whether a person is authorized to enter based on the credential(s) they present. Each has its own advantages and disadvantages, so it’s important to understand them when selecting the right access control system. If you need guidance in finding an access control solution or have questions, reach out to the experts at 2M Technology today. You can contact us by phone at +1 (877) 926-2288 or email us at

Call now