Magic Kingdom now testing facial recognition for theme park entrance in place of finger scanners

18 days ago in "MyMagic+"

Magic Kingdom main entrance Facial Recognition test

Disney has today begun testing facial recognition at the main entrance of the Magic Kingdom.


The new system employs a touchless system that aims to eliminate the need for the fingerprint scanners that have been used for many years at the parks.

Participation is optional, and the testing will be available for the next 30 days through April 23 2021.

To use the system you need to remove any hats and glasses, but masks remain in place.

Here is the full information from Disney on how the system is used and how the data is collected.

At Walt Disney World Resort, we're always looking for innovative and convenient ways to improve our Guests’ experience—especially as we navigate the impact of COVID-19.

With the future in mind and the shift in focus to more touchless experiences, we’re conducting a limited 30-day test using facial recognition technology (length of test subject to change).  The technology we’re testing captures an image of a Guest’s face and converts it into a unique number, which is then associated with the form of admission being used for park entry.  Participation in this test is optional. For those interested in volunteering to participate in this effort, please make sure you arrive with valid theme park admission and a Disney Park Pass reservation.

Note: children under the age of 18 who wish to participate may do so with the consent and in the presence of a parent or guardian.

What to Expect

Step 1: Enter the Facial Recognition Technology Test Lane
When you’re ready to enter the park, simply enter the lane designated for the test program.

Step 2: Remove Accessories, But Keep Your Face Covering in Place
Please take off any hats, visors or sunglasses before you approach the facial recognition test zone. Your face covering must remain on at all times.

Step 3: Face the Camera
Once in the facial recognition test zone, stand facing the camera and then position your valid park admission or MagicBand close to the scanner to activate the technology. The technology will capture an image, which will be converted into a unique number that will be associated with your valid ticket media.
You’re All Set!

If you return to Magic Kingdom park during our limited-time test, consider entering using the same designated entry points. Re-entering through the same lanes helps us better understand how the technology works.

Important Details

The security, integrity, and confidentiality of your information are extremely important to us. We have implemented technical, administrative, and physical security measures that are designed to protect Guest information from unauthorized access, disclosure, use and modification. Please be aware that, despite our best efforts, no security measures are perfect or impenetrable.

Images and the associated unique numbers captured for this technology test will be discarded within 30 days after the test concludes. We will not share the images and unique numbers captured for this test with third parties.

Participation in this test is optional and limited. Guests who have valid theme park admission and a Disney Park Pass reservation may use another line for park entry.

Discuss on the Forums
Article Posted: Mar 23, 2021 / 1:57pm ET
View all comments →

Walt d4 days ago

Its a good time to add prosthetics to your face and change it for the Picture just like Halloween eyeglasses big fake nose sideburns. Its limitless scars. You could have fun with it and make there Secret photo all wacky.. then next time the Computer will explode trying to figure it out!

spock811311 days ago

Ahhhhhhheeeeeeaaaayeeeaaahhhhhhhh, um, er, ah, I dunno

Goulle Fatouille11 days ago

My point was that they CAN'T reconstruct the face back if they know the algorithm. The information currently scanned is far insufficient for that. They can tell the basic shape of the face (oblong, wide, off-center, brow, etc..) but not the face color, eye color, skin complexion, skin type, nose length, wrinkles, bruises, amount of hair, ear shape, etc, and etc... I think I heard that the result of this simple facial scan narrows the owner down to an approx 1 in 2000 facial 'types' - which is enough to make the illegal sharing of a park ticket a rare occurrence. Even Mickey Mouse and the other Disney characters fit into these (approx) 2000 facial types and with the limited additional information Disney keeps, would be just as hard to recreate. All you'd have to go on is 'big eyes' and 'big nose' - which could be a lot of people.

SteveAZee11 days ago

That's one of the nice things about RSA coding and the like. It's nearly impossible to reverse engineer/decode a number if you don't have both of two very large prime numbers that are used to generate the encoded message. To decode it, you need to take a VERY large (200+ digits) number and find the two prime numbers used to generate it, something even VERY fast computers can take years to discover because it requires exhaustive iterations. You can even give someone part of the encoding process, from which they can encode a new message, but without the set of two primes, one can't decode anything. There are papers on the subject; it has been around for... 40 years? Two of my three professors in school came up with it. (R and A, for those scoring at home).

LovePop11 days ago

The fact that it's a number doesn't make it less invasive. All information on the computer is in the end numbers. It just means somebody who has the number can reconstruct the face back if they know the algorithm. But I'm fine with face recognition as long as it works as one might expect. If it takes too long and creates a time consuming entry process, or if it equates me to a criminal and have me arrested, than I wouldn't like it so much.

1HAPPYGHOSTHOST12 days ago

Goulle Fatouille12 days ago

I know that the data messaging, between the gate terminal and the park server(s), is RSA encrypted. The data gathered by the facial-recognition is encrypted differently, by the manufacturer. I don't know what algorithm they use. And the number you refer to is 48 bytes long (not including header(s) and CRC). Just a number I guess, although quite a large one...

Goulle Fatouille12 days ago

I have no insight into what plans, if any, Disney has for the technology but as you point out, major uses of the technology would require a much different (bigger) set of data, more bandwidth and would probably raise many concerns over privacy. Let's see how the early testing works out and then perhaps there will be more news from Disney on this.

_caleb15 days ago

Thanks for outlining how it works! I'm not concerned about this at all, just curious what they'll end up doing with the technology in addition to just trying to cut down on ticket sharing and keeping banned people out. I have not seen Disney comment one way or the other about using the same system for things like Photopass, personalization, etc. I would imagine things like that might require storage of a bit more information (plus a lot more processing power). Any insight into these extended applications?

SteveAZee15 days ago

I wonder if they use RSA encryption on this stuff, if the end result is just a number.

Goulle Fatouille15 days ago

It is my understanding that Disney DOES store an encoded hash of every guest's finger scan that participates. The hash is a simple one, taken from 5 points on the print (there would be no way to recreate your fingerprint from the small amount of information they store). All that is important at the gate is that those 5 points from today's scan match (more or less) the 5 points initially measured. The probability that someone else using your ticket would match your original print measurements is very small, and that's enough for what Disney is trying to achieve here. The same is true for facial recognition. 9 distance measurements are made around points on your face and then those numbers are stored, to be used the next time you enter. Again, there is no way Disney could recreate enough of your facial features to make the stored data useful to a hacker - they just want it to match your new scan every time you enter the park. Currently, and for this test, Disney is storing the entire facial image, as well as the individual measurements. This is a test after all, and they need more information than normal to debug the system and algorithm. Once the test is complete, Disney will erase the full image scans as well as the test measurements. If they decide to put the system into full time use, they will start from scratch using the basic measurements only. In both of the above situations, the stored data is encrypted. The encryption is very similar to that used to store your banking website password (that's why you can't get your human-readable password restored by the bank should you lose it). The original measurements (or banking website password) can not be recreated from the encrypted data - the comparison being done when you re-enter the park are between the data encrypted at the terminal and the stored, encrypted data in the database, making it almost impossible for a hacker to use that data after possibly hacking the guest database (this would be the same for stored credit card numbers, and other sensitive information that you gave to Disney). It's really a one-way street because the original human-readable numbers never directly leave the gate area, only encrypted data. The goal, of course, is to both cut down on guests illegally sharing the ticket(s) and to take CMs out of the security loop (as unreliable). And just like most loss-prevention method, being 100% effective is never really achieved - but Disney will keep trying new things to bring that effectiveness as close as possible to 100% as long as the cost of the system doesn't overshadow the small loss they are trying to fix. Another example of this would be shoplifting. Disney has cameras and under cover security at work to prevent this but they will never catch 100% of the shoplifters. They would need many more security persons ($$$) and many more cameras ($$$) to do that. But as long as they can keep the losses down with the staff they have, it's enough. Side note: WDW security does also have a full featured facial recognition system. It's expensive and operated manually. The only stored data on that system represent those that have been flagged by security for one reason or another (banned guests for example). The stored data is on a system that is not connected to the internet, or to any other internal system, and thus even more impossible to hack. That's my understanding anyway. Sorry I went on a bit long...

GimpYancIent15 days ago

The tech has been in use for a while in a multitude of applications no one disputes that. Yes it is actually very useful to Law Enforcement and Security of sensitive facilities. Airports for instance, absolutely! I have only been posting reference to Disney and the applicability of the tech to what Disney purported purpose / needs are. Obtaining facial images of guests can be done w consent of the guests in a fully welcoming (non-intimidating, non-terminator-ish ) manner. Have you read the disclaimers? There is reason for the disclaimers. No an army of photopass photograhers are not needed as Disney already has automated systems in use already just add them to the park entry points. Amusement parks, hey, make it amusing. Anyway, Disney will do as it wishes, if, the results are not beneficial to Disney it will be abandoned.

_caleb15 days ago

I know that in the past Disney has not stored guests’ thumbprint scan info. It is not clear to me from the info released that they’ll do the same with facial recognition scans after the initial test period. The official statement from Disney reads: “Images and the associated unique numbers captured for this technology test will be discarded within 30 days after the test concludes.” and "We will not share the images and unique numbers captured for this test with third parties.” This is NOT Disney’s policy for future implementation of the technology— just how they’ll handle the data obtained during the test.