Facial Authentication


In the case of Access or Ticketing, it is misleading to refer to the system process as ‘Facial Recognition’ in its traditional sense. Generally, Facial Recognition systems are used by law enforcement or security agencies to identify an unknown individual by running an image through a large database. This process is generally referred to as a ‘One to Many’ or ‘1:N’ system or “in-the-wild.”

Contrary to this practice, Wicket Access and Ticketing are utilizing a ‘One to One’ or ‘1:1’ match. The system is simply verifying the identity of an individual that has already provided consent to be in the system.

Algorithm Bias


The Wicket algorithm enhancements were developed entirely in-house by our team of scientists based in Cambridge, MA, and were designed to address bias. A match or verification is done based on a set of data points converted to a unique identifier and not matching a picture. For this reason, performance is limited only by the quality of the source video or images, which are based on:

a) pose or which way the person is looking, b) occlusion or facial hair, hats, glasses or masks, and c) Illumination or lighting, and are not dependent on age, skin tone, gender, etc.

Data Privacy & Security


In all product cases, all decisions and analyses are made locally (i.e., Edge-Decision) on the device instead of sending data back and forth to a cloud server (i.e., Cloud-Decision). Local decisions help minimize the possibility of information being intercepted. Additionally, all data is encrypted at industry standard levels both at rest and in transit.

Personally Identifiable Information


PII is only used when necessary for the stated use of the Product, and Wicket makes all efforts to minimize exposure and protect Customer and User data at all times. PII is never given, sold, transferred, or otherwise utilized for any purpose other than the Wicket product’s stated use. Additionally, it is possible to use a unique identifier associated with a User image such that the User image is not associated with any other information.

Facial Authentication

All PII is provided by the Customer or User directly and is encrypted at all times while in the Wicket environment.

Audience Metrics

All image analysis is done locally, and data is purged immediately after being analyzed. Wicket has no way to identify or associate an image used for demographic analysis with any individual or their PII.

Crowd Management

No PII is ever captured, analyzed, or stored.

Content Management

Publish does not use any cameras or other operation sensors, so PII is not relevant in this case.



Wicket employs a series of software and hardware solutions to combat spoofing attempts. The system has proven to work against printed and screen images and video.

Presumption of Anonymity


Opposed to traditional CCTV and surveillance camera systems or VMS (video management systems) that exist and record endlessly 24/7, Wicket Software systems do not record any video. No still image captured can be identified as a particular individual without being an opt-in User.



For Facial Authentication Features (Access), all users must actively opt-in after being presented with the privacy policy before uploading their image into the system. Only the faces of Users that present themselves to an Access or Ticketing touchpoint are scanned, and only scanned images are stored. If an image is captured of a person that has not Opted In, there is no way for Wicket to identify that individual, and the captured image is purged within 90 days of its capture. The software is designed specifically to limit the chance that a non-User image is captured, but it is possible. Users can easily opt out at any time, and all records will be purged within 90 days.

Audience Metrics

Any image capture falls reasonably within the bounds of what is already being captured by existing security cameras. All images are purged immediately following analysis, typically within 7 days of capture.

Crowd Management

As no video or stills are captured, and the analysis is based on non-identifiable and non-unique body features (presence of arms, legs, etc., strictly for counting purposes) and done in real-time, an opt-in or opt-out is not applicable.

Content Management

Publish does not use any cameras or other operation sensors, so opt-in and opt-out are not relevant in this case.

Lock and Shield Data Privacy Symbol

Match on Device


While some competitor’s systems rely on a constant flow of data between the camera and a cloud server to make decisions, the Wicket Software systems are designed to ‘Match on Device.’ Beyond the improved speed and efficiency of this architecture, it also dramatically cuts down on the amount of data flowing back and forth, limiting exposure. Additionally, it means that the system can continue to function as usual in the event of a loss of internet connection. The only disruption would be that decision logs would not update in the web dashboard until the connection is restored, at which point all cached decisions would automatically upload.

Video Recordings


None of the Wicket Software products records any video, nor are they designed to be used as a ‘live viewer’ the way typical CCTV systems are set up. Because no video is recorded, it can’t be viewed or shared.

Data Image & Sharing


Wicket does not use, transfer, or sell images or other personal information it collects for any other purpose, including any law enforcement purpose unless allowed or required by law.

Data & Image Retention


Wicket products require that different data and images be captured and held for varying timeframes based on the use case. Wicket policy only captures and holds images and data necessary for product functionality and only for the shortest time possible. Wicket does not have any interest in or incentive to hold and data or images for any purpose other than the stated product usage.

Facial Authentication

Images of the faces of individuals that present themselves to an Access touchpoint are captured and retained for logging purposes. If an individual who is not enrolled in the system presents themselves so that the system deems them a potential User, that individual’s image is captured as well. All non-User images are purged no later than 90 days following the initial capture. No additional data or information is captured, sought, or retained about any individual.

Audience Metrics

Only ‘Crop Images’ of faces are captured for Audience data analysis, and all images are purged immediately following this analysis. Typically, this analysis is completed within 12 hours of the initial capture but could take longer based on computational and other related constraints. All images are purged no later than seven days after the initial capture. No additional data or information is captured, sought, or retained about any individual.

Crowd Management

No data or images are captured or retained.