If you think biometric face recognition systems are not vulnerable to spoofing attacks, you’re mistaken. Over the past few years, biometric face spoofing attack have increased significantly all across the globe.
Nowadays, hackers are trying everything possible (from 3D mask to printed photos) to bypass biometric face authentication systems. Even they’re using photos from Facebook and other social media networks to deceive facial recognition systems.
In this post, we’re going to make you familiar with some liveness detection techniques to prevent face spoofing attack or presentation attack (PA). However, before that, let’s find out what exactly is facial spoofing attack.
What is Facial Spoofing Attack?
For those who don’t know, facial spoofing is a process in which a cybercriminal tries to gain illegitimate access to someone else’s rights by utilizing a photo, video, or other material for an authorized person’s face. If the attempt succeeds, the scam artist gains the rights of another person.
There are numerous ways hackers can execute face spoofing attacks. Let’s have a look at some common methods below.
Classifications of Face Spoofing Attack
2D Presentation Attacks:Static 2D attacks are conducted using facial masks, photographs, or flat paper, while dynamic versions use multiple pictures in a sequence or screen video replays.
3D Presentation Attacks: In 3D static presentation attacks, cybercriminals use 3D prints and sculptures, whereas, in dynamic versions, they use advanced robots to fool face recognition solutions.
Of course, these are not the only methods spoofers use. Presentation attacks are evolving with technology. However, due to technological limitations, 2D attacks are comparatively widespread.
It’s true that face recognition systems can easily be exposed to spoofing attacks; it doesn’t mean you can’t do anything to prevent them. Some biometric liveness checks can help you fight against hacking attempts.
Let’s get to know about some techniques to prevent face recognition spoofing.
How to Prevent Face Recognition Spoofing with Liveness Detection?
There are various methods to counter face spoof attacks. They all come under the general term of “liveness detection.”
Liveness detection aims to identify if a face is alive or created by cybercrooks. In short, the technology detects the difference between a real face and a replica.
There are two major approaches when it comes to liveness detection, known as active and passive liveness detection. The active approach needs users to evidence their “liveness” by communicating with a face recognition system. On the contrary, passive liveness detection is hidden to the end-user and doesn’t need any action on its side.
Active Face Liveness Detection
As mentioned above, active face liveness detection is an interactive approach to detect fraud; users have to stand in front of a camera and perform certain actions to demonstrate their rights or privileges with the system.
For example, these actions could be a smile, nod, blink, etc. In some cases, these actions could be randomized to add an extra layer of security to the system. Users won’t be able to gain access until they don’t complete all the required actions.
Passive Liveness Detection
Undoubtedly, active face detection gives robust protection against face spoofing, but since it requires user interaction, it might not be a good choice in every scenario.
In some cases, passive liveness detection proves a convenient protection option. With this type of detection, there is no way for users to find out that they are being tested. The detection devices manage everything on their own.
Let’s find out some of the popular anti-spoofing techniques available nowadays.
Popular Anti-Spoofing Techniques
Now it’s clear that face detection systems based on 2D and 3D images are vulnerable to spoofing attacks. However, it’s also true that such attacks can be prevented using liveness detection techniques based on texture, motion, shape, color, or reflectance.
Check out some popular liveness detection techniques below:
Eye Blink Detection
Eyeblink detection has the highest accuracy. Natural eye blinking is a straightforward way to find out whether or not a face is live. The average human being blinks 15 to 30 times every minute, and eyes stay shut for approximately 250 milliseconds during a blink.
The modern, state-of-the-art cameras are capable of recording videos with far smaller intervals between frames. Consequently, eye blink detection implementation can help you identify and prevent possible presentation attacks. Deep learning can be added to this technique to enhance its effectiveness.
Deep Learning is another effective solution that can help you with anti-spoofing. A convolutional neural network or CNN can be trained to determine the difference between real and spoofed photos. Already a lot of businesses have brought this technology into use to protect their systems.
A challenge-response system validates the identity of a user based on a series of challenges such as head movements, smiles, and facial expressions of happiness and sadness.
3D Cameras are considered one of the most reliable techniques to prevent spoofing techniques. These cameras are capable of determining the difference between a face and a flat shape. Therefore, they provide high accuracy against presentation attacks.
Active Flash reduces the risk of presentation attacks by enabling us to identity spoofing using the reflections of light on a face. It involves using a changing light environment offered by the extra light which comes from a device’s screen. The white light gives sufficient facial reflection.
What’s Next You Can Expect in Face Anti-Spoofing?
There is much more you can expect from liveness detection technologies in the coming years. With the combined use of artificial intelligence and deep learning, face anti-spoofing technology can be made more robust and effective.
iDenfy provides a wide range of advanced identity verification solutions such as face recognition, liveness detection, identity document check, and more. Our proposed liveness detection is patented and certified with iBeta Level 1 and Level 2 in the Presentation Attack Detection (PAD) test guided by the ISO 30107. If you’re looking for a reliable partner for any of these services, contact us.