Continued NIST testing is certainly valuable, but (as Zach noted) tests are...tests. I recently observed that some agencies/customers may choose to perform tests using their own data, rather than a third party's (NIST's) data. Of course, many agencies aren't going to have millions of pictures that are going to be used for such tests.
I'm curious about the usual database size that is maintained by IPVM readers. Are your clients' database sizes in the hundreds? Thousands? Millions? This could potentially impact the threshold settings that you use.
I hope that NIST continues to update these test results, in the same way that it is updating other FRVT test results. Perhaps in the future NIST may incorporate some other measurements into the mask tests, such as required processing power.
NIST has access to some pretty labeled and extensive data courtesy of the State Department and other government organizations. They don't even need to do "10-year challenges", because visas, passports, and drivers-licenses all need to be renewed.
But they do lack surveillance style footage: taken from above head height, possibly at a distance, with various lighting conditions, etc. One big question is how well the tests predict performance taken from above with a large vertical angle.