BioID Liveness Detection compliant with ISO/IEC 30107-3
German accredited laboratory TÜViT successfully audits BioID PAD on level A and B attacks
Nuremberg, Germany – February 1st, 2021
Biometrics-as-a-Service provider BioID GmbH today announced the official PAD evaluation report by TÜV Informationstechnik GmbH (TÜViT) was issued. BioID Liveness Detection was successfully audited both on level A and level B attacks and is compliant with ISO/IEC 30107-3.
The FIDO accredited biometric laboratory TÜViT tested against criteria based on FIDO Biometric Certification Requirements v1.1 (FIDO1.1) and ISO/IEC 30107-3:2017. The applied criteria are considered by TÜViT to be stricter than FIDO1.1, so as the test was successful, the FIDO criteria are also regarded as being met.
In 1000 spoofing attempts, various photos, paper masks, and moving videos on different displays were used by TÜViT to challenge the anti-spoofing system. In addition, a bona fide test with live people, designed for auditing correct live classifications, was performed. The bona fide test validates that the presentation attack detection mechanism, while being secure, is also appropriate for its intended application. Both tests were passed successfully.
ISO/IEC 30107 for PAD
ISO/IEC 30107-3 is the international standard for presentation attack detection. It includes methods for the performance assessment of PAD mechanisms. It gives guidance on how to report testing results from evaluations of presentation attack detection mechanisms. Also, the ISO standard includes a classification of known attack types. The attack classes can be grouped into levels A, B, and C, or are called levels 1, 2, and 3. For an overview of different presentation attack classes, go to this article on “Liveness Detection Certification”.
Europe’s first issued FIDO biometric certification relies on BioID PAD
In addition to the independent testing procedure conducted by TÜViT, BioID’s liveness detection has also been validated during a customer’s FIDO biometric component certification in 2020. This certification is based on the standards ISO 19795 and ISO 30107. BioID PAD is one of the first solutions in the world to achieve this certification. During the certification process, the accuracy of the BioID Liveness Detection was evaluated with hundreds of spoofing attacks carried out using a variety of materials, including photo prints on different media and materials, 3D avatars, and video projection. An overview of the different testing metrics, certifications, and evaluations available can be found here.
Liveness Detection for anti-spoofing in identity verification
BioID Liveness Detection requires only two selfies and ensures they are captured from a live person in real-time. Fakes like photos, video deepfakes, or masks of various materials are reliably detected to ensure the integrity of a registration or authentication process. The BioID Liveness Detection works with any standard RGB camera and does not require special sensors. It is used by customers worldwide in the private and banking sectors, as well as by government service providers. In addition, it is a security mechanism for work-from-home authentication.
“As a pioneer for liveness detection since early 2000, BioID is proud of two different independent accreditations for our PAD technology. As we are working with multiple government suppliers, such objective third-party measurement is of great value. It complements the real-life approval from multiple years of efficient fraud prevention for our customers worldwide,”, says BioID CEO Ho Chang.
About TÜViT Informationstechnik GmbH
TÜV Informationstechnik GmbH is focused on the testing and certification of security in information technology. As an independent testing service provider for IT security, TÜV Informationstechnik GmbH is an international leader. Numerous customers already benefit from the company’s tested security. The portfolio includes cyber security, evaluation of software and hardware, IoT/Industry 4.0, data protection, ISMS, smart energy, mobile security, automotive security, eID and trust services, as well as testing and certification of data centers with regard to their physical security and high availability. TÜV Informationstechnik GmbH, founded in 1995 and headquartered in Essen, is a company of the TÜV NORD GROUP, which operates as one of the largest technology service providers with more than 14,000 employees and business activities in 100 countries worldwide.
TÜViT is the umbrella brand of the business unit IT, one of the six globally positioned business units in the TÜV NORD GROUP. The business unit IT is represented by the companies TÜV Informationstechnik GmbH and the consulting company TÜV NORD IT Secure Communications GmbH & Co. KG, which is based in Berlin.
+49 911 9999 898 0