UFME is an open-source biometric face matching engine built for real-world deployments. Sub-300ms 1:N search, ISO-compliant quality assessment, and presentation and morphing attack detection — in a clean hexagonal architecture you can reason about.
# Enrol a subject
curl -X POST https://api.ufme.dev/api/v1/enrol \
-F image=@passport.jpg \
-F 'metadata={"subject_id":"SUB-001","partition":"border"}'
# 1:N search — returns ranked candidates in <300ms
curl -X POST https://api.ufme.dev/api/v1/search \
-F image=@probe.jpg \
-F 'metadata={"partition":"border","top_k":5}'
# XML response with ranked candidates and similarity scores
<response version="1.0">
<status>SUCCESS</status>
<result><candidates>
<item>
<subject_id>SUB-001</subject_id>
<score>0.9847</score>
</item>
</candidates></result>
</response>UFME bundles the full biometric pipeline in one cohesive system — not a collection of scripts.
IVF-PQ with M=64 compresses 2,048-byte vectors to 64 bytes. Scatter-gather across 4–6 Rust shards with exact reranking recovers Recall@1 to 97%+. Runs on commodity hardware — no GPU required.
MiniFASNetV2 (PAD) detects print, replay, and 3D mask attacks. HRNet-W18 (MAD) detects morphed document photos at enrollment. Both are composable pipeline stages — disable either without touching domain logic.
eDifFIQA(T) provides inline quality gating. OFIQ adapter available for offline ISO/IEC 29794-5:2025 compliance audits. Quality measurement and accept/reject policy are cleanly separated.
Core domain has zero external dependencies. Every infrastructure concern — FAISS, ONNX, gRPC, event log — is an adapter behind a Protocol interface. Swap any component without touching business logic.
Mutations are append-only events via EventLogPort. FAISS indexes are immutable epochal snapshots rebuilt by a Rust compaction worker. No in-place index mutation — safe to read while writing.
Ten dict-in/dict-out stages connected by async queues. Each stage declares what keys it requires and produces. Gates are pure closures with thresholds injected at construction — no embedded policy.
High-throughput 1:N search against national watch-lists. PAD and MAD stages reject spoofed documents before any match is attempted.
Detect duplicate identities across a national register. Event-sourced gallery with compaction ensures consistent state at any scale.
Fast 1:1 verify at turnstiles or 1:N search across site partitions. Quality gate prevents low-quality captures from degrading the gallery.
Morphing attack detection at KYC enrollment protects against synthetic identity fraud. ISO 29794-5 compliance for regulated markets.
Configurable partitions segment galleries by jurisdiction. Scatter-gather across shards returns ranked candidates with similarity scores and full audit trail.
Swap any model adapter without changing orchestration. Built-in accuracy benchmark compares IVF-PQ vs brute-force recall at configurable gallery sizes.
Strict hexagonal architecture. The core domain has zero external dependencies — every infrastructure concern lives in an adapter behind a Protocol interface. Swap any component without touching domain logic.
UFME is under active development. Join the waitlist to be notified when the hosted API, Helm chart, and benchmarked model weights are available.
No spam. Unsubscribe any time.