BioID Face Liveness Detection
Reliable Anti-Spoofing against Biometric Fraud
With increasing online fraud and identity theft each day, service providers need a way to ensure that their services cannot be compromised. Anti-spoofing liveness detection is required especially in unsupervised authentication situations. Biometric authentication systems need to prevent sophisticated spoofing challenges from replay attacks and determine the user’s presence. Thus, BioID’s presentation attack detection (PAD) is crucial for eKYC onboarding, online login and banking transactions.
BioID is a pioneer and the leading player in face liveness detection for assured user presence. BioID’s patented liveness detection substantially raises the assurance level of any online transaction. With one of the world’s most powerful and complete biometric anti-spoof algorithms you reliably expose a fraudster. BioID can dinstinguish an image or motion mimicked by a photo or a video display from a real person’s movement. In addition, BioID’s AI-based presentation attack detection blocks masks, avatars and other sophisticated spoofing attempts. We don’t need special equipment such as a 3D camera. Instead we simply analyse two selfies taken by any standard camera, making BioID liveness detection extremely flexible and easy to integrate.
How BioID’s patented liveness detection works:
- We capture two face images and check for changes and natural motion. A 3D face moves differently from a 2D photo, and our sophisticated motion-analysis algorithms detect this difference.
- We detect video replays and other copies like an avatar with a special texture-based algorithm that knows when a recaptured version of a person is presented instead of a real person.
- Artificial Intelligence (AI) is leveraged through powerful DCNNs (deep convolutional neural networks) and enables us to detect presentation attacks like 3D masks, videos, etc.
- Optionally, we can guide the user to turn their head a certain way and verify that the head was turned in the specified direction (challenge-response).
BioID Anti-Spoofing Face Live Detection
We want our BioID Web Service (BWS) to generate the same trust as a face-to-face interaction. Therefore, we have developed an anti-spoofing liveness detection mechanism that makes sure the submitted recordings were indeed taken from a live person in front of the camera.
Most recently, BioID has added another patent to its comprehensive face live detection. It is based on optical flow analysis and detects movement between two or more pictures. A 3D face moves differently from a 2D photo, which our technology can distinguish. The capture of the second photo can be triggered with sensitive motion detection, so that an attacker cannot simply present two slightly different photos; the second image would be captured before the attacker’s second photo was in place. This has proven to be an excellent way to detect and block fraud using a photo, and is one of the methods BioID uses in its “fake defender”.
The latest mechanism for presentation attack detection (PAD) prevents forgery through replay attacks like videos or avatars. It is based on texture detection and artificial intelligence (AI). Essentially, image-processing algorithms analyze the texture to differentiate between the texture of skin and that of the paper a photo is printed on. BioID has modified this traditional approach so that the texture of a recaptured image or a video can now be detected for reliable anti-spoofing. This way, even remote-controlled 3D avatars or 3D masks cannot get access.
To avoid a video attack, BioID also offers a challenge-response technique. The basic idea behind it is that the system challenges the user with some random instructions, and then the response is checked to validate whether the instructions where followed. In our BioID Web Service (BWS), we can challenge the user to turn his head and analyse the head movement direction. this way, it is possible to verify whether the user turned his head according to the randomly challenged direction. Such a challenge can be repeated as many times as your security level requires. One could e. g. ask the user to move 5 times in arbitrary directions, and it is very unlikely then that an attacker has a video recording which shows exactly those 5 random head movements in the correct order. The more challenges you use, the higher the security level.
Finally, the use of BioID’s multimodal biometrics generates even higher levels of security and combats replay attacks. More than one biometric trait is captured simultaneously; for instance, BioID offers face, eye and voice recognition which can be combined flexibly, depending on the situation and the desired security level. It is much harder for an attacker to successfully fake multiple biometrics, especially when they must be presented at the same time. Additionally, it is more convenient for the user to choose from different biometric traits when authenticating.
Live detection in biometrics - other techniques
There are various other ways of trying to detect presentation attacks. However, some are more effective than others. If you want to detect a fraudster stealing someone’s identity online, sometimes it’s enough to type image search catfish on Google. For biometric authentication, other anti-spoofing techniques are the following:
Perhaps the most common method seen today is eye blinking detection, measuring intrinsic face movement. This seems reasonable; after all, a photo cannot blink. Or can it? An attacker or catfish can simply take a photo, cut out holes for the eyes, hold it in front of their face and blink. If done carefully this can fool many blink detection systems. A video of the person blinking would also work. Additionally, these systems are inconvenient for users as they take a comparably long time for the liveness detection.
A similar technique looks for pupil dilation, for instance by making the screen dark and then suddenly bright. This can successfully detect fakes but is also vulnerable to a photo with eye holes, or to a well-timed video.
More sophisticated techniques use 3D cameras to look for depth information from a 3D face, or infrared cameras to detect thermal information. However, both require special equipment and so are not compatible with most webcams and mobile phone cameras available today.
Frequently Asked Questions for Liveness Detection
Liveness detection distinguishes live persons from presentation attacks such as photos, videos or masks. The scientific term is presentation attack detection, which refers to fraud prevention for biometrics in general, whereas liveness detection is specifically used for face recognition. The most applicable liveness detection algorithms are hardware independent and require only little user cooperation for optimal user experience.
Liveness Detection is needed to secure biometric authentication systems from fraud. For instance, a fraudster could use a photo, video or mask to attack a facial recognition algorithm and get unauthorized access to accounts or data. Thus, fraud prevention is the main reason why liveness detection is required for a secure facial authentication application.
Liveness detection algorithms analyse images or videos and decide whether they come from a live person or a fake. Methods used are motion and/or texture analysis as well as artificial intelligence (AI). To cope with various presentation attacks, the most promising liveness detection combines these technologies. In addition to software-based solutions, special hardware like 3D cameras can be used for presentation attack detection. If you are interested in how certification of liveness detection works please read our article on PAD evaluation.
BioID makes its face live detection available for integrating and testing. Depending on your interest, click here!