'Facial recognition' covers a lot of ground, and most of the worry around it comes from systems that identify strangers or act on their own. Retail facial recognition, done responsibly, is narrower and a lot less dramatic than the headlines. It compares a face the camera has already seen against a list the retailer built, and it asks a person to check before anything happens. Here is exactly what happens, step by step. The 47-second walk-through shows the same flow.
What a watchlist actually is
A retailer using QuantumEye maintains two lists of its own. A watchlist of individuals previously involved in incidents at their stores, added under the retailer's own lawful basis, and a whitelist of staff, contractors and trusted visitors. Face recognition only ever compares a detected face against these lists. It does not try to identify members of the public against a national or third-party database. If a face is not on your list, there is no match and nothing to review.
How a match is made, step by step
- The camera sees a face. Detection runs on a small edge device in the store, on the CCTV you already have. Only the face is used, not the whole scene.
- The face becomes a number. The image is converted into a mathematical vector, a numeric representation of the face. That vector, not the photo, is what gets compared.
- It is compared to your list. The vector is checked against the vectors of the people on your watchlist, and the system returns a similarity score against the closest entry.
- A threshold decides whether to flag. If the score clears the threshold you set, the system raises a possible match, marked 'review required'. Below it, nothing is raised.
- A person reviews it. The alert lands on the dashboard and on the manager's phone, showing the detected face beside the reference, the score, the store and the time.
- A human decides. They tap Confirm match or Not a match. Only a confirmed match can lead to any action. The algorithm never acts on its own.
- Everything is logged. The alert, who reviewed it, the decision and the timestamp all write to an append-only audit trail.