Biometric technology continues to advance, and many of us rely on biometric technologies like facial recognition on a daily basis. But as technology advances, it’s essential to realize that security risks are also advancing.
When technology moves forward, hackers become smarter and more innovative in the ways they steal identity information. They learn the new systems and how to work around them, meaning that despite more advanced biometric technologies on the market, companies using them still face risk today. With regular news of data breaches across some of the biggest companies in the world, it’s essential to ask yourself what more you can be doing to make sure you and your customers are protected from cybercriminals.
Think your biometric facial recognition system isn’t vulnerable to cybercriminals? Think again! Over the past several years, attacks known as biometric face spoofing have increased significantly across the world. Hackers try everything they can these days, from printed photos to 3D masks, in order to get by facial authentication systems. They even grab photos from social media networks like Facebook and use them to attempt to deceive facial recognition technology.
With security issues becoming more prevalent, security companies now have to up their game, too. They’re doing so by enhancing security features to improve security while also keeping technologies easy for customers to engage with. One of the more common capabilities is liveness detection for facial recognition. This detection however requires the end user to look into the phone and perform movements such as move left, move right, blink, or even zoom the phone in and out to prove liveness. This method causes an unfriendly user experience and can lead to significant onboarding abandonment. A more robust method is utilizing a solution that does not require any such movements as above, but rather just “point and shoot”. This is called passive liveness detection.
What is passive liveness detection? Why is it so much better than active liveness detection? Here’s a closer look at passive liveness detection, how it differs from active liveness, and why it’s such an important breakthrough for your business needs.
Facial liveness detection is a technology used to determine if a real face is being presented to live facial recognition systems instead of a 3D mask, a video, high-resolution photo, or cut out photo. Sometimes people try to trick the facial recognition system into thinking it sees the face of a user, and today biometric data is easy to find with a search on social media channels or Google.
Liveness detection offers protection against this potential problem. It offers a way to determine if a face is truly ‘alive’ or something that’s been created by cybercrooks. Simply, this technology works to detect the difference between real faces and replicas.
Two different types of liveness detection exist: active liveness and passive liveness detection. The active approach to this technology involves users having to perform key movements to prove they are alive. Doing this requires video versus a still shot as well as very unfriendly user experiences such as moving your head to the left, righ, or up and down. Some vendors may require you to blink or zoom the phone in and out to prove liveness. On the other hand, passive liveness detection doesn’t require and makes for a much faster and friendly user experience.
A new, innovative method of liveness detection is known as passive liveness detection, and it’s an AI (artificial intelligence) based form of ensuring a face presented to a facial recognition system is live. Passive liveness gives no indication to users that they’re being tested and users are not required to perform any additional motion tasks.
Passive liveness detection occurs in the background and the technology relies on algorithms that identify and assess parts of an image indicating its content, such as skin, borders, texture, if masks or cutouts are present, and any additional indicators that a false representation of a user’s face is being used. Since the process doesn’t alert the user in any way, it’s tougher for fraudsters to figure out how to circumvent this technology.
IDmission is one of the few biometrics companies in the world offering passive liveness capabilities today that meet ISO 30107-3 standards. These standards are the industry guidelines for Presentation Attack Detection or PAD. Just a few of the benefits of using passive liveness detection include:
Of course, with any facial recognition system, one of the main security worries is “face spoofing.”
Face spoofing is a process in which cybercriminals attempt to achieve illegitimate access to another individual’s rights by using videos, photos, or other materials for the authorized person’s face. For example, if you use a bank that requires facial recognition technology to identify you when you log in, cybercriminals could use a photo or video of your face they find online and use it to fool, or ‘spoof,’ the facial recognition system so they have access.
Most face spoofing attacks are considered presentation attacks, and these types of attacks use two-dimensional or three-dimensional objects in order to fool facial recognition software. A 2D attack may be done with a photograph, flat paper, or face mask, and dynamic 2D attacks include using screen video replays or using multiple photos in a sequence. For 3D static attacks, sculptures and 3D prints may be used, while dynamic 3D attacks may involve the use of robots.
While 2D presentation attacks are the most common because of technological limitations, as technology evolves, more advanced attacks are being used. It’s the prevalence of face spoofing that has led to the creation of liveness detection, and ultimately, passive liveness detection. While it’s true that facial recognition systems are vulnerable to spoofing attacks, you can do things to prevent them. By implementing solutions that meet ISO 30107-3 and ISO 30107-2 PAD (Presentation Attack Detection) technologies as a part of your facial recognition systems, you’re better equipped to fight hacking attempts.
According to FinExtra, the continuing Covid-19 pandemic is expected to increase the number of digital identity checks by 20% as the outbreak continues to impact onboarding methods and authentication. This means it’s more important than ever to be able to offer your customers facial recognition technology that’s convenient and secure, preventing spoofing attacks and focusing on a positive user experience. Passive liveness detection is the answer as we continue to see greater use of facial recognition, providing a user-friendly way to prevent fraud.
IDmission is one of the few global companies that offer passive liveness detection, and we’re here to help you offer the best in security to your customers. Passive liveness detection is quick and easy for consumers to use, reducing the rate of abandonment. Its frictionless design ensures consumers are moved through to the end of their journey as quickly as possible, improving user experience. No movement is required, there’s less of a chance of an error message, and it prevents the most common spoofing attacks used on facial recognition systems that only use active liveness detection.
Whether it’s logging in, payment authentication, or on-boarding, the passive approach to liveness detection offers the most secure way to authenticate identities while speeding up the customer journey and avoiding the disruption of the user experience. Face spoofing has become a serious problem today, and you can’t afford to let cybercriminals get into your system.