BioFRQ
identity verification · for product teams
We run the AI. You ship the feature.
Under 1 second
to verify a customer
Onboarding flows that took a courier or a manual reviewer now finish before the customer puts their phone down. Pass / fail in a single API call.
Per-execution pricing
no enterprise contract
Pay for the calls you make. No per-seat math, no annual minimum, no per-region multiplier. A free tier large enough to evaluate end-to-end.
Privacy by design
documented for legal
Raw images aren't stored. Right-to-be-forgotten is one API call. Privacy, Acceptable Use, and Security pages published on day one — bring them to your legal review.
privacy · platform · math
Face recognition that won't lose your sales cycle to a 90-day security review, and won't cost your engineering team three months of ML plumbing.
0
raw images stored
We do not persist the image you send. Only a non-reversible mathematical representation for enrolled subjects, isolated per customer.
9
actions, one endpoint
detect, liveness, verify, identify, enroll, attributes, list, get, delete. One HTTPS URL. One auth header.
365
days of audit, every call
Every request: latency, status, cost, requester. Export-ready for your compliance team without a support ticket.
quickstart · sixty seconds
01
Sign in, create a project, copy the API key. Two clicks from a fresh account.
02
One endpoint. One auth header. One JSON envelope. The shape is the same for every action.
03
The envelope never changes; only the result object varies by action. Wire it into your code once.
api.biofrq.com — v1/face/execute
▸ request
curl -X POST https://api.biofrq.com/v1/face/execute \
-H "X-Api-Key: $BIOFRQ_KEY" \
-H "Content-Type: application/json" \
-d '{
"action": "biofrq.detect",
"params": {
"images": [
{ "kind": "image", "bytes": "<base64>", "contentType": "image/jpeg" }
],
"maxFaces": 1
}
}'◂ response · 187 ms
{
"ok": true,
"requestId": "req_8a7c1f3e4d2b",
"action": "biofrq.detect",
"data": {
"results": [
{
"index": 0,
"correlationId": "auto-0",
"ok": true,
"value": {
"faces": [
{ "faceBox": { "x": 142, "y": 88, "w": 196, "h": 244 }, "confidence": 0.987 }
]
}
}
]
},
"errors": []
}Same envelope for every action. read the reference · getting started guide.
how it works · three actions, one envelope
Every BioFRQ action follows the same shape — one HTTPS POST, one JSON envelope back. Watch analyze, verify, and identify run live below: request, response, and what it actually means.
01 · biofrq.analyze
0%
one image · every answer
02 · biofrq.verify
—
two specimens · compared
03 · biofrq.identify
—
the catalogue · searched
biofrq.analyze · one image · every answer
01 · request · biofrq.analyze
POST · application/json
01 · request
0%
02 · response
—
03 · interpretation
—
what builders ship with it
Pick the shape that maps to your product. Compose the actions listed; the API reference has the exact request/response per call.
kyc + onboarding
Replace the manual document review with a live selfie check that runs in under a second. Liveness gates out screen replays before they ever reach a reviewer. Verify compares the selfie to the document portrait and returns a single match decision your pipeline can store.
≤ 1.3 s · selfie + ID match · P95
workforce
Enroll your workforce once. A camera at the entry captures a face, identify ranks it against the gallery, your turnstile fires if the top candidate clears the threshold. Every entry logged against a subjectId you own.
≥ 10 RPS · 1,000-subject gallery
membership
Gyms, lounges, private clubs, ticketed venues. A member walks in; identify returns their subjectId; your front-of-house sees the right name and the right tier. Right-to-be-forgotten is one delete call, processed the same call.
P95 800 ms · scale to 100K members
regulated
Build a regulated-industry watchlist and screen every new customer against it. Documented governance for who can add a subject; identify returns a candidate list with scores; reviewers act on what crosses the threshold. Audit log every request.
365-day request log · audit-export ready
capabilities · nine actions
Four end-to-end flows below, plus five composable actions at the bottom. Together they cover every face-recognition workflow we have shipped. Each row has the actual JSON request and response one click away.
001 · biofrq.analyze
Send one image, get everything back in one call: face detection, liveness verdict, age, gender, and mood. The composite call that gives a frontend a full read on the subject in a single round-trip.
Used when the front-of-house needs every fact about a face at once — onboarding flows, member walk-ins, single-form KYC, attention dashboards.
— One image, four answers.
002 · biofrq.verify
Confirm two faces are the same person. Send two images, get a match boolean, a similarity score, and the threshold the decision used.
Used for KYC selfie-to-ID matching, login face-check against a stored enrollment, change-of-account verification.
— Two specimens, compared.
003 · biofrq.identify
Match a face against your gallery. Send an image and a group name, get back the top-K candidates with their subject IDs and scores.
Used for employee attendance, member recognition at entry, watchlist screening, lost-and-found reunification.
— The catalogue, searched.
004 · biofrq.enroll
Add a face to your gallery. Send an image, a subject ID, and optional attributes; the face becomes searchable via identify and verify-by-subject.
Used for onboarding employees, registering customers, building a watchlist from scratch.
— A new specimen, typeset.
also in the API
biofrq.detect
Find faces in an image. Bounding box and confidence per face, nothing else. The cheapest call — use it as a gate before liveness, verify, or identify.
biofrq.liveness
Decide whether a face is genuine or a presentation attack. Rejects screen replays, printed masks, and photos of photos. Gate user-submitted selfies on this.
biofrq.attributes
Estimate age, gender, and mood from a single face. Use for anonymous analytics, attention measurement, demographic-blind dashboards.
biofrq.update
Replace the stored face representation or attributes for a subject already in the gallery. Refresh an enrollment without a new subject ID.
biofrq.deleteSubject
Remove a subject and every face representation associated with them. Idempotent. The right-to-be-forgotten path in a single call.
why builders pick biofrq
The two realistic alternatives, and where BioFRQ sits. No chart-junk, no asterisks.
performance · published baseline
0 RPS
sustained throughput
single face per request · production load
0 ms
p95 latency
single-face execute · cold cache
0.0%
uptime SLA
scale tier · billed against
Numbers from a single production node under sustained load. These are the minimums every release ships against — a slowdown below them is a build-blocker. Scaling horizontally is a straight multiply.
| action | sustained RPS | p95 latency | notes |
|---|---|---|---|
| biofrq.detect | ≥ 25 | ≤ 250 ms | single face per image |
| biofrq.liveness | ≥ 12 | ≤ 700 ms | passive · single frame |
| biofrq.verify | ≥ 15 | ≤ 600 ms | 1:1 match |
| biofrq.identify | ≥ 10 | ≤ 800 ms | 1:N · 1 K gallery |
| biofrq.identify | ≥ 6 | ≤ 1200 ms | 1:N · 10 K gallery |
| biofrq.enroll | ≥ 8 | ≤ 900 ms | with dedup gate on |
questions
No. Raw input images are not persisted. For enrolled subjects we store a mathematical face representation (not the image), isolated per customer and not reversible to a picture. Right-to-be-forgotten removes it in a single API call.
BioFRQ is engineered for GDPR. Face embeddings are special-category biometric data under Article 9; the lawful basis is the customer's (consent, contract, legitimate interest). Right-to-be-forgotten is a single deleteSubject call. The Privacy and Acceptable Use pages document the full posture for your legal review.
Accuracy is benchmarked against standard public face-recognition datasets and tracked release-over-release. We don't publish specific model identities — that lets us upgrade to better models without breaking your contract. What we do publish: the latency you can expect, the API behaviour, and the accuracy posture for each action. The contract is the API.
The Scale and Enterprise tiers include dedicated infrastructure options. Full on-prem with our model bundle is on the Enterprise tier; contact us with the operational shape and we'll cost it.
Under sustained load: detect P95 ≤ 250 ms, liveness ≤ 700 ms, verify ≤ 600 ms, identify (1K gallery) ≤ 800 ms. These are published minimums each release must hold. See the Performance section above for the full table.
Acceptable Use enumerates the boundaries: mass-surveillance scraping, covert identification without lawful authority, profiling for legal-effect decisions without review. Reports go to abuse@biofrq.com; substantiated misuse results in enforcement action up to termination.
Today the API is per-image. For video you typically sample frames (5-10 fps) and call detect / liveness / identify per frame on your side. Native streaming support is on the roadmap for Enterprise customers with a documented use case.
Different question? Write to hello@biofrq.com — we reply within one business day.
ready when you are
Two clicks to an API key. One curl to your first response. The first 10,000 calls are on us, no card required.
no contract
Pay per call. Cancel by stopping the calls. No annual minimum, no per-seat math, no per-region multiplier.
privacy by default
Your images are not stored. Subject deletion is one API call. Privacy, Acceptable Use, Security pages published.
answers, not tickets
Write to hello@biofrq.com. We reply within one business day.