Facial Biometrics: Liveness and Anti-Spoofing

Most of us understand how fingerprinting works, where we compare a captured fingerprint, from a crime scene for example, to a live person’s fingerprint to determine if they match. We can also use a fingerprint to ensure that the true owner, and only the true owner, can unlock a smartphone or laptop. But could a fake fingerprint be used to fool the fingerprint sensor in the phone? The simplest answer is yes unless we can determine if the fingerprint actually came from a living and physically present person, who might be trying to unlock the phone. 

In biometrics, there are two important measurements, Biometric Matching and Biometric Liveness. Biometric matching is a process of identifying or authenticating a person by comparing their physiological attributes to information that had already been collected. For example, when that fingerprint matches a fingerprint on file, that’s matching. Liveness Detection is a computerized process to determine if the computer is interfacing with a live human and not an impostor like a photo, a deep-fake video, or a replica. For example, one measure to determine Liveness includes determining whether the presentation occurred in real-time. Without Liveness, biometric matching would be increasingly vulnerable to fraud attacks that are continuously growing in their ability to fool biometric matching systems with imitation and fake biometric attributes. Attacks such as “Presentation Attack”, “spoof”, or “bypass” attempts would endanger a user without proper liveness detection. It is important to have strong Presentation Attack Detection (PAD) as well as the ability to detect injection attacks (where imagery bypasses the camera), as these are ways to spoof the user’s biometrics. Liveness determines if it’s a real person while matching determines if it’s the correct, real person.

With today’s increasingly powerful computer systems have come increasingly sophisticated hacking strategies, such as Presentation and Bypass attacks. There are many varieties of Presentation attacks, including high-resolution paper & digital photos, high-definition challenge/response videos, and paper masks. Others use commercially available lifelike dolls, human-worn resin, latex & silicone 3D masks, as well as custom-made ultra-realistic 3D masks and wax heads. These methods might seem right out of a bank heist movie, but they are used in the real world, and successfully too.

There are other ways to defeat a biometric system, called Bypass attacks. These include intercepting, editing, and replacing legitimate biometric data with synthetic data, not collected from the person’s biometric verification check. Other Bypass attacks might include intercepting and replacing legitimate camera feed data with previously captured video frames or with what’s known as a “deep-fake puppet”, a realistic-looking computer animation of the user. This video is a simple but good example of biometric vulnerabilities, lacking any regard for Liveness.

The COVID-19 pandemic provides significant examples of Presentation and Bypass attacks and the resulting frauds. Pandemic Stay-at-Home orders, along with economic hardships, have increased citizen dependence on the electronic distribution of government pandemic stimulus and unemployment assistance funds, creating easy targets for fraudsters. Cybercriminals frequently utilize Presentation and Bypass attacks to defeat government website citizen enrollee and user authentication systems and steal from governments across the globe, amounting to hundreds of billions in losses of taxpayer money.

Properly designed biometric liveness and matching could have mitigated much of the trouble Nevadans are experiencing. There are various forms of biometric liveness testing:

  • Active Liveness commands the user to successfully perform a movement or action like blinking, smiling, tilting the head, and track-following a bouncing image on the device screen. Importantly, instructions must be randomized and the camera/system must observe the user perform the required action. 
  • Passive Liveness relies on involuntary user cues like pupil dilation, reducing user friction and session abandonment. Passive liveness can be undisclosed, randomizing attack vector approaches. Alone, it can determine if captured image data is first-generation and not a replica presentation attack. Significantly higher Liveness and biometric match confidence can be gained if device camera data is captured securely with a verified camera feed, and the image data is verified to be captured in real-time by a device Software Development Kit (SDK). Under these circumstances both Liveness and Match confidence can be determined concurrently from the same data, mitigating vulnerabilities.  
  • Multimodal Liveness utilizes numerous Liveness modalities, like 2-dimensional face matching in combination with instructions to blink on command, to establish user choice and increase the number of devices supported. This often requires the user to “jump through hoops” of numerous Active Liveness tests and increases friction.
  • Liveness and 3-dimensionality. A human must be 3D to be alive, while a mask-style artifact may be 3D without being alive. Thus, while 3D face depth measurements alone do not prove the subject is a live human, verifying 2-dimensionality proves the subject is not alive. Regardless of camera resolution or specialist hardware, 3-dimensionality provides substantially more usable and consistent data than 2D, dramatically increasing accuracy and highlighting the importance of 3D depth detection as a component of stronger Liveness Detection.

Biometric Liveness is a critical component in any biometric authentication system. Properly designed systems require the use of liveness tests before moving on to biometric matching. After all, if it’s determined the subject is not alive, there’s little reason to perform biometric matching and further authentication procedures. A well-designed system that is easy to use allows only the right people access and denies anybody else.  
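
The randomized Active Liveness challenge and the liveness-before-matching order described above, as an added Python example that is not from the original article or from any vendor's SDK. The action labels, the 10-second window, the 0.90 threshold and the cosine comparison of templates are assumptions for illustration; `observed` stands for the actions a server-side detector extracted from the capture.

```python
import math
import secrets
import time

ACTIONS = ("blink", "smile", "tilt_left", "tilt_right")  # hypothetical labels
TTL_SECONDS = 10.0       # assumed real-time window for one challenge
MATCH_THRESHOLD = 0.90   # assumed similarity cut-off for template matching


class LivenessGate:
    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._pending = {}  # nonce -> (expected actions, issue time)

    def issue_challenge(self, steps=3):
        """Pick an unpredictable action sequence and bind it to a one-time nonce."""
        nonce = secrets.token_hex(16)
        actions = tuple(secrets.choice(ACTIONS) for _ in range(steps))
        self._pending[nonce] = (actions, self._clock())
        return nonce, actions

    def is_live(self, nonce, observed):
        """Check the actions the server-side detector saw against the challenge."""
        entry = self._pending.pop(nonce, None)  # pop: each nonce works only once
        if entry is None:
            return False                        # unknown or already-used nonce
        actions, issued = entry
        if self._clock() - issued > TTL_SECONDS:
            return False                        # not performed in real time
        return tuple(observed) == actions       # right actions, in the right order


def cosine(a, b):
    """Cosine similarity between two numeric biometric templates."""
    dot = sum(x * y for x, y in zip(a, b))
    norm = math.sqrt(sum(x * x for x in a)) * math.sqrt(sum(y * y for y in b))
    return dot / norm if norm else 0.0


def authenticate(gate, nonce, observed, probe, enrolled):
    """Liveness first; matching only runs for a capture judged live."""
    if not gate.is_live(nonce, observed):
        return "rejected: liveness"
    if cosine(probe, enrolled) < MATCH_THRESHOLD:
        return "rejected: no match"
    return "accepted"
```

Because the nonce is consumed on first use, a previously recorded response to an earlier challenge is rejected at the liveness step and never reaches the matcher.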

Care to learn more about Facial Biometrics? Be sure to read our previous releases, “Exploring Facial Biometrics. What is it?” and “Facial Biometrics – Voluntary vs Involuntary”.

About the authors:

Jay Meier is a subject matter expert in biometrics & IAM, and an author, tech executive, and securities analyst. Jay currently serves as Senior Vice President of North American Operations at FaceTec, Inc. and is also President & CEO of Sage Capital Advisors, LLC., providing strategic and capital management advisory services to early-stage companies in biometrics and identity management. 

Meyer Mechanic is a recognized expert in KYC and digital identity. He is the Founder and CEO of Vaultie, which uses digital identities to create highly fraud-resistant digital signatures and trace the provenance of Legal and financial documents. He sits on DIACC’s Innovation Expert Committee and has been a voice of alignment in advancing the use of digital identity in Canada.

Additional contributions made by members of the DIACC’s Outreach Expert Committee including Joe Palmer, President of iProov Inc.

Exploring Facial Biometrics. What is it?

Contributions made by members of the DIACC’s Outreach Expert Committee

In 2017 Apple unveiled a new biometric sensor in its flagship iPhone X, and the media couldn’t stop talking about “Face ID.” Fast-forward three years: Face authentication has been well received by users, and face scans are now employed to unlock Google’s Pixel smartphones, as well as devices from many other top-tier manufacturers. And now, governments and enterprises worldwide are looking to facial biometrics to address their need for trustworthy remote identity verification during and after the global pandemic. And it makes sense: we interact with other humans by seeing, being seen, speaking, and listening, so naturally our interactions with technology will also evolve toward our most selected-for modalities.

In some countries, remote face verification is already being used to prove user identity for many important applications. From remote citizenship verification to pension payments to accessing government services, the face modality can provide a secure way for users to prove their identity without the need to appear in person at a specific location. This tailored biometric technology enables unsupervised users to prove who they are remotely with the devices they already own. 

This blog post defines the most common types of facial biometrics and explores the role that face verification and authentication will play in the future of digital identity, in addition to setting the stage for more in-depth posts on topics such as how user data and privacy are managed, the impact of COVID-19 on face verification, new advancements that enable unsupervised remote access and account creation, Liveness Detection, as well as the more technical aspects of this evolving biometric technology.

There are three common uses for facial matching technology:

  1. Verification answers the question, is this person legally who they claim to be? For example, where a business has a need to confirm your existence, a KYC (Know Your Customer) file can simplify the process to identify you by matching your selfie against the photo which is loaded on your passport chip or to the source ID photo stored in a government database. A digital photo of a user-provided ID Document can also be matched against, but since it is not verified with the issuer of the legal identity and high-quality fake IDs do exist, it provides a lower level of assurance and results in added controls used by companies to compensate for this.
  2. Authentication leverages the ability to match one’s previously enrolled biometric data to log into a device, a website, or application. Face Authentication offers the balance of security and user convenience long sought by consumers.
  3. Recognition seeks to match face data from an unknown individual and make their identity known by finding a match in a database of known faces. This has been known to be used in some countries by law enforcement and border patrol where the person may have limited or no awareness that the face scanning is taking place and have not provided their consent.

Regarding the three uses outlined above, the verification process is of high priority to the public and private sectors alike. Verification through facial biometrics is an approved method of the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC), enabling Canadians to open a bank account without physically visiting a branch. Additionally, in July 2020, the British Columbia Government launched their Send Video feature within the mobile BC Services Card to meet the increased demand for alternative ways to verify a person’s identity in order to activate a mobile BC Services Card and, in turn, making it easier for provincial residents to access online government services during the COVID-19 pandemic and in the future. In these instances, the individual is aware and has consented for their identity to be verified for a product (i.e., account opening) or service (e.g., applying for a driver’s license, services card, or passport).

Verification also addresses the justified concerns regarding privacy. A GAO’s report, The International Biometrics + Identity Association’s (IBIA) Principles for Biometric Data Security and Privacy, states that technological constraints around some facial biometric technologies drive a need for all commercial and civil government applications, organizations to protect biometric data retained by using biometric one-way template transformation. New practices will likely require a liveness detection layer as well, especially when the biometric data is captured in an unsupervised environment. In addition, the IBIA’s Best Practices state that it is good practice to maintain a separation between biometric and associated non-biometric personal information.

The impact of large data breaches is both a significant privacy intrusion and a direct financial impact to society in covering the losses due to crime and the controls to prevent it. Facial Biometrics can dramatically reduce the criminal demand for data when used for both verification and authentication as a replacement for Knowledge Based Authentication (KBA), by limiting the ability of this information to be used for account takeovers and identity theft. It also has a beneficial side effect: reducing the need for customers to provide unrelated personal information. Knowledge questions, such as requesting your mother’s maiden name to open a bank account, are in direct contrast to the privacy principle of only collecting the information needed for the relevant purpose. With no reasonable expectation that Data Breach frequency will decrease in the future until wide-scale Knowledge Based Authentication has been replaced, biometrics have begun to bridge the confidence gap, while reducing the added friction.

Policymakers, privacy advocates, and regulators understand that new technologies are being added to existing facial biometric matching to render leaked personal data useless and ensure that any leaked biometric data is both isolated and encrypted to reduce the impacts on individuals from an identity fraud perspective. Liveness detection technology, for example, prevents malicious users from reusing biometric data by requiring a 1st generation capture of new data every time for verification of an individual. It is also common practice not to store face images in databases unencrypted; instead, photos are converted into data in a string of numeric values commonly referred to as a biometric template. 

Face matching and Liveness Detection are powerful technologies that, when combined, enable privacy-preserving biometric use cases like replacing easily guessed or compromised passwords and health-preserving social-distancing use cases like remotely opening a bank account. Many are starting to agree that these security and usability benefits are a tremendous improvement over the previous generation of authentication methods.  

In short, for the purposes of allowing a user to positively identify themselves from their own device, only face verification and face authentication are employed. Face verification creates trust, while face authentication maintains it. Both functions are covered in the Pan-Canadian Trust Framework™ that is intended to support a robust digital identity trust ecosystem that will allow all Canadians to do more online, in a safer, more secure, and confident way.