BioID® Face Liveness Detection
Reliable Anti-Spoofing against Biometric Fraud
With increasing online fraud and identity theft each day, service providers need a way to ensure that their services cannot be compromised. Especially in unsupervised authentication situations liveness detection is required to determine the user’s presence. Biometric authentication systems need to prevent sophisticated spoofing challenges from replay attacks. Thus, BioID’s presentation attack detection (PAD) is crucial for eKYC, online login and banking transactions.
BioID® is a pioneer and the leading player in face liveness detection for assured user presence. BioID®’s patented liveness detection substantially raises the assurance level of an online transaction. With one of the world’s most powerful and complete biometric anti-spoof algorithms you easily expose a catfish or fraudster. BioID® can dinstinguish an image or motion mimicked by a photo or a video display from a real person’s movement. For this, we don’t need additional equipment such as a 3D camera. More importantly, such detection can be carried out without sending a video stream, making it extremely flexible and easy to integrate. This allows for secure authentication with positive impact on the intended service in terms of convenience, quality and performance.
How BioID®’s patented liveness detection works:
- We capture multiple face images and check for changes and natural motion. A 3D face moves differently from a 2D photo, and our sophisticated algorithms can detect this difference.
- We detect video replays and other copies like an avatar with a special texture-based algorithm that knows when a recaptured version of a person is presented instead of a real person.
- We guide the user to turn their head a certain way and verify that the head was turned in the specified direction (challenge-response).
BioID® Anti-Spoofing Face Live Detection
We want our BioID Web Service (BWS) to generate the same trust as a face-to-face interaction. Therefore, we have developed an anti-spoofing liveness detection mechanism that makes sure the submitted recordings were indeed taken from a live person in front of the camera.
Most recently, BioID® has added another patent to its comprehensive face live detection. It is based on optical flow analysis and detects movement between two or more pictures. A 3D face moves differently from a 2D photo, which our technology can distinguish. The capture of the second photo can be triggered with sensitive motion detection, so that an attacker cannot simply present two slightly different photos; the second image would be captured before the attacker’s second photo was in place. This has proven to be an excellent way to detect and block fraud using a photo, and is one of the methods BioID® uses in its “fake defender”.
The latest mechanism for presentation attack detection (PAD) prevents forgery through replay attacks like videos or avatars. It is based on texture detection. Essentially, image-processing algorithms analyze the texture to differentiate between the texture of skin and that of the paper a photo is printed on. BioID® has modified this traditional approach so that the texture of a recaptured image or a video can now be detected for reliable anti-spoofing. This way, even remote-controlled 3D avatars cannot get access.
To avoid a video attack, BioID® also offers a challenge-response technique. The basic idea behind it is that the system challenges the user with some random instructions, and then the response is checked to validate whether the instructions where followed. In our BioID Web Service (BWS), we can challenge the user to turn his head and analyse the head movement direction. this way, it is possible to verify whether the user turned his head according to the randomly challenged direction. Such a challenge can be repeated as many times as your security level requires. One could e. g. ask the user to move 5 times in arbitrary directions, and it is very unlikely then that an attacker has a video recording which shows exactly those 5 random head movements in the correct order. The more challenges you use, the higher the security level.
Constant development always keeps the comprehensive anti spoofing up-to-date, so that BioID® can distinguish live faces from photos and videos with a high degree of accuracy and secure your customers’ privacy by design.
Live detection in biometrics - other techniques
There are various other ways of trying to detect presentation attacks. However, some are more effective than others. If you want to detect a fraudster stealing someone’s identity online, sometimes it’s enough to type image search catfish on Google. For biometric authentication, other anti-spoofing techniques are the following:
Perhaps the most common method seen today is eye blinking detection, measuring intrinsic face movement. This seems reasonable; after all, a photo cannot blink. Or can it? An attacker or catfish can simply take a photo, cut out holes for the eyes, hold it in front of their face and blink. If done carefully this can fool many blink detection systems. A video of the person blinking would also work. Additionally, these systems are inconvenient for users as they take a comparably long time for the liveness detection.
A similar technique looks for pupil dilation, for instance by making the screen dark and then suddenly bright. This can successfully detect fakes but is also vulnerable to a photo with eye holes, or to a well-timed video.
More sophisticated techniques use 3D cameras to look for depth information from a 3D face, or infrared cameras to detect thermal information. However, both require special equipment and so are not compatible with most webcams and mobile phone cameras available today.