Liveness Detection: How Biometrics Prevents Identity Fraud

Liveness Detection: How Biometrics Prevents Identity Fraud

Liveness detection is today’s most important tool for preventing identity thieves from bypassing biometrics security checks. Cybercriminals have begun developing techniques for getting around these protective measures as security technology has begun incorporating biometrics identity verification methods such as facial recognition. For example, identity thieves may use photos or videos to fool facial recognition checks. Liveness detection thwarts these criminal efforts by using technology to spot faked images and videos and distinguish them from real people.

This blog will cover the essentials for understanding and using liveness detection to enhance your biometric security measures. We’ll start by explaining biometrics liveness detection and why it’s vital in today’s digital security environment. Then we’ll look at the different types of attacks that liveness detection is designed to stop. Finally, we’ll examine how biometrics liveness detection works to prevent identity fraud and how you can start putting this technology to practical use to protect your business.

What Is Biometrics Liveness Detection?

Liveness detection is a digital security method used to determine whether credentials presented to pass a biometrics identification check represent a live person rather than a high-tech fake. For example, if a security check requires a selfie for facial recognition, a criminal might try to present a photo or video instead of a real-time live selfie. Similarly, if a fingerprint is required, a criminal might use a clay cast of a finger. Other biometrics checks, such as retina scans and voice recognition, can be defeated using similar methods. Liveness detection uses security technology to counter such tactics by verifying that a live person is present.

Liveness detection can be applied to any biometrics security method. In this article, we’ll focus on its application to facial recognition, but we’ll mention other methods in passing to provide context.

Why Is Facial Liveness Detection Important for Biometric Verification Systems?

Facial liveness detection has become a critical security method for several reasons. Since the terrorist attacks of 9/11 in 2001, federal regulations have required financial providers to step up security measures with stronger Anti-Money Laundering (AML) and Know Your Customer (KYC) procedures. This requirement prevents terrorist and criminal organizations from using fraudulent identification to open accounts and launder money.

Meanwhile, the rise of digital banking and eCommerce has inspired new methods of identity fraud, such as fraudulent chargebacks for online transactions. These new risks of identity fraud have required online identity authentication methods to make it harder for criminals to open accounts using phony credentials.

These are some of the major factors which have led to the rise of biometric digital identity verification methods. Among such methods, facial recognition has taken a lead role because smartphone cameras make it easy to implement. Having a customer take a selfie provides a simple basis for comparison with ID photos to verify that the same individual in the ID photo is the one conducting the transaction. Facial recognition now competes with fingerprints as a preferred method of biometric identification.

But because facial recognition has grown widespread, so have efforts by criminals to fool face identification checks. High-tech identity thieves have developed several effective techniques to bypass basic facial recognition software. Countermeasures are now needed to use facial recognition checks without leaving openings for vulnerabilities. This is one of many reasons why facial liveness detection has become so important.

What Is a Presentation Attack?

Presentation attacks are one of the main methods of defeating facial recognition security checks. A presentation attack attempts to bypass a biometric security check by presenting a false credential forged previously, known as a “non-live” credential. In the case of facial recognition, this involves presenting a false facial image using a photo or video.

Presentation attacks fall into a category of fraud called spoofing attacks. A spoofing attack occurs when an identity thief attempts to bypass a biometric security check using a non-live credential such as a photo, video, audio recording, or artificial fingerprint. Spoofing attacks stand in contrast to impersonation attacks, which involve live methods of imitating a person, such as wearing disguises or using surgically altered fingertips. A complete security solution must address both spoofing and impersonation attacks, but spoofing is more relevant to a discussion of liveness detection.

Types of Presentation Attacks

Facial presentation attacks may take a variety of forms. Below are the four main categories:

  • 2D static attacks with flat photographs
  • 2D dynamic hacks with multiple photographs in a sequence
  • 3D static models, prints, or masks
  • 3D dynamic digital doubles and deep fakes

Let’s break down what these methods involve and what’s required to counter them:

2D Static Attacks with Flat Photographs

This attack is made by printing a high-quality picture of a face on a piece of paper. Holes then may be cut in the paper to create a mask. 

This can be sufficient to fool some facial recognition software.

A security solution must be able to detect anomalies that distinguish flat photos from three-dimensional faces to counter this method. For example, patterns of light and shadow may indicate a smooth surface characteristic of a flat mask rather than a real face. This is analogous to how radar imaging or sonar can map the contours of a surface by bouncing radio or sound waves off it.

2D Dynamic Hacks with Multiple Photographs in a Sequence

This more sophisticated 2D method uses 2D images like film frames to simulate movement. Some facial recognition programs require users to perform actions such as blinking to prove they’re real people. Hackers can mimic this type of movement by showing a series of 2D images in sequence or replaying them as a video. This is done on a high-resolution screen, which can fool low-resolution cameras.

Countering 2D dynamic spoofing takes more sophisticated detection methods than detecting static 2D attacks. Software must look for anomalies not characteristic of real faces that are moving, such as sudden reflections caused by warped or glossy surfaces, shaking caused by a hand holding a photo or a device moving, or other phenomena known as dynamic texture features.

3D Static Prints, Models or Masks

This method involves three-dimensional presentations rather than flat images. For example, the identity thief might use a 3D printer to print a replica head, build a head model out of a material such as wax, or create a latex mask that the thief can wear.

3D static attacks are more difficult to detect than their 2D counterparts because they involve three-dimensional objects. Security software must use more sophisticated algorithms to detect nuanced differences between real and fake faces, such as subtle differences in color between skin and wax surfaces. This typically requires using big data analytics to review pictures of real and fake faces to compare and identify distinguishing characteristics.

3D Dynamic Digital Doubles and Deepfakes

This method uses moving 3D images to spoof user identities. One version of this type of presentation attack is a 3D avatar which can simulate a real face being viewed from multiple angles.

Another version is a deepfake puppet. This is an animated simulation of a person’s video created by filming an actor or using an animated model and then layering an animated face over the original image. The animated face can then be controlled digitally, like pulling the strings on a puppet. Deepfakes are finetuned by artificial intelligence to lend them realism.

3D avatars and deepfakes can be the most difficult presentation attacks to detect because they closely mimic real life to the naked eye. Software must spot anomalies such as unnatural blinking patterns, eye pupil movement patterns, or poor lip-syncing to detect a deepfake. Artificial intelligence is typically required to detect deepfakes.

How Does Biometric Liveness Detection Work?

So how do security teams counter presentation attacks? Liveness detection methods fall into two main groupings:

  • Traditional liveness detection methods
  • Artificial intelligence-powered (AI-powered) liveness detection methods

Let’s break these down further:

Traditional Liveness Detection Methods

Traditionally, liveness detection employs two main methods:

  • Active methods
  • Passive methods

Active methods require users to engage in some action to verify their liveness. The action is designed to be difficult to spoof. For instance, users may be asked to blink to show their selfie is live and not a photo. Other typical actions include moving heads and speaking passwords.

Passive methods automatically detect non-liveness indicators rather than prompting users to perform any action. For example, a software algorithm may review a photo for signs of involuntary eye movements instead of requiring the user to blink deliberately. Another method is checking photo light patterns to determine whether an image is three-dimensional.

AI-powered Liveness Detection Methods

Artificial intelligence liveness detection methods enhance the power of traditional methods by leveraging the ability of computers to spot mathematical patterns which measure liveness. For example, an AI-powered facial recognition algorithm can extract data points from a photo and automatically compare it with other photos in a database to look for signs of spoofing. The AI will weigh the results on a scoring system to evaluate liveness.

Conventionally, AI takes a long time to run over the Internet due to the amount of data processing involved. However, today’s cutting-edge AI can be run locally on the edge of cloud networks, speeding up liveness detection.

NIST Certification

Liveness detection technology can qualify for certification by the National Institute of Standards and Technology (NIST), a branch of the US Department of Commerce dedicated to scientific measurement. Incode’s passive liveness detection technology is certified by independent testing to adhere to NIST standards.

Protect Your Business with the Best Liveness Detection in the World

Liveness detection protects your company against 2D and 3D presentation attacks, which are increasingly sophisticated as criminals seek to outpace security technology. To stay ahead of them, you need cutting-edge liveness detection.

Incode Omni includes up-to-date liveness detection tools as a comprehensive digital ID verification toolkit. Our passive liveness technology is independently certified to comply with the ISO/IEC 30107-3 Presentation Attack Detection standard following NIST guidance.

Incode liveness detection forms one component of our end-to-end identity platform, powered by AI and designed to provide your customers with frictionless but effective security across multiple channels. Contact our team today to request a demo and see how liveness detection can help you protect your business.