EyeDetect, developed by Converus, is the most widely deployed alternative to polygraph in security screening contexts. It measures ocular-motor responses — pupil dilation, blink rate, reading patterns — during a structured computer-based test, arguing that deception produces measurable differences in these parameters. It is peer-reviewed, non-contact, and has been adopted in several law enforcement and government screening programmes internationally. EchoDepth is a different category of tool. Understanding the distinction matters for procurement decisions.
The Core Difference: One Channel vs Forty-Four
EyeDetect's measurement basis is pupillometry — specifically the observation that cognitive load and deception produce measurable changes in pupil diameter and eye movement patterns. This is a genuine physiological phenomenon supported by research. The limitation is that it is a single channel: pupil response is sensitive to lighting conditions, medications, fatigue, and many factors unrelated to deception.
EchoDepth analyses 44 FACS-compliant facial Action Units simultaneously — 44 distinct channels of facial muscle activation, each corresponding to a specific muscle or muscle group. AU combinations provide redundant, cross-validating evidence for emotional and cognitive states. A stress response that suppresses on one AU channel typically shows on several others. This multi-channel redundancy is significantly more robust than single-channel pupillometry for detection in adversarial conditions.
| Capability | EyeDetect | EchoDepth |
|---|---|---|
| Measurement channels | 1 — pupillary response | 44 FACS Action Units simultaneously |
| Hardware required | Proprietary infrared eye-tracking camera + controlled lighting | Standard RGB camera at 720p minimum — existing CCTV or webcam |
| Test protocol | Structured computer test — subject must complete specific question sequence | Any interaction — interview, training, routine access — no structured protocol required |
| Cloud dependency | Yes — results processed on Converus servers | None — fully on-premise, zero external transmission |
| SCIF / air-gap deployable | No — requires external connectivity for result processing | Yes — Docker on-premise, no outbound calls |
| UK data residency | ⚠ US company, cloud processing | Yes — default; all data in UK |
| Real-time continuous output | No — session/test only | Yes — ~700ms latency, continuous AU stream |
| Works during natural interaction | No — requires dedicated test session | Yes — interview, review, access session |
| Countermeasure resistance | ⚠ Pupil suppression documented in literature | Higher — 44 channels, temporal sequencing, micro-expression detection |
| SIEM integration | No | Yes — REST API, WebSocket, Splunk, Sentinel, QRadar |
| Insider threat / continuous vetting | No — point-in-time only | Yes — baseline + continuous anomaly scoring |
| UK-developed and hosted | No — US (Converus, Lehi Utah) | Yes — Cavefish Ltd, Cardiff, Wales |
When EyeDetect Is the Right Tool
EchoDepth's position is not that EyeDetect is without merit. It is a peer-reviewed, non-contact alternative to polygraph that measures a genuine physiological signal. In environments where a structured computer-based test protocol is operationally feasible, where external cloud connectivity is acceptable, and where the measurement of a single cognitive channel is sufficient, EyeDetect is a reasonable choice.
The specific use cases where EyeDetect works well include pre-employment screening in non-classified environments, customs and border screening programmes that can accommodate a structured protocol, and law enforcement applications in jurisdictions where it has been validated.
When EchoDepth Is the Right Tool
EchoDepth addresses a different set of operational requirements. For environments where SCIF or air-gap deployment is mandatory — EyeDetect cannot operate there. For continuous vetting and insider threat monitoring — EyeDetect's structured test protocol makes continuous monitoring operationally impractical. For integration with existing SIEM infrastructure — EyeDetect has no SIEM integration capability. For deployment on existing camera infrastructure without specialist hardware procurement — EyeDetect requires proprietary cameras.
For UK defence and intelligence procurement, the sovereignty question is also relevant: EyeDetect processes results on US-based servers. EchoDepth is developed, hosted, and processed entirely within the UK.
Both tools are also measuring different things. EyeDetect measures one channel of ocular-motor response during a structured test. EchoDepth measures 44 channels of facial muscle activation during any interaction, providing both point-in-time credibility assessment and continuous longitudinal monitoring. These are complementary capabilities, not equivalent alternatives.
The right question for procurement
If you need a structured, discrete credibility screening session in a non-classified, cloud-connected environment: EyeDetect is a viable option. If you need SCIF-compatible deployment, UK data residency, continuous vetting, SIEM integration, or monitoring during natural interactions rather than structured tests: those requirements point to EchoDepth.