Last week, we kicked off Face Biometrics Month with a look at how face biometrics became such a hugely popular – and sometimes controversial – modality in recent years. This week, we’ll focus on one aspect of this modality that was touched on in that first primer, but deserves a lot more attention. Far from being in any sense controversial, selfie-based authentication has emerged as one of the most favored iterations of facial recognition technology today.
The Apple Effect
As we observed last week, Apple played a big role in helping to popularize selfie authentication, thanks to its pivot to face authentication in 2017’s iPhone X. The smartphone’s sophisticated Face ID system started to familiarize Apple’s early-adopter users with the idea of using their faces to unlock their devices, and this approach was quickly copied by rivals eager to get on the bandwagon – even Apple’s arch-nemesis Samsung, despite its efforts to pioneer iris-based biometric authentication on its own devices.
Now, these facial recognition security systems – commonly referred to as ‘face unlock’ – are commonplace across a wide variety of smartphones, and facial recognition is starting to compete with fingerprint scanning as the top biometric modality on mobile devices. What’s more, consumers are getting used to the idea of using selfie-based authentication for other use cases besides unlocking their phones, such as logging into secure apps, and even authorizing online purchases.
Getting On Board
This brings us to the latest big trend in selfie biometrics: selfie onboarding. The idea, applied primarily in the world of financial services, is to let consumers open new accounts remotely by verifying their identities via facial recognition. Typically, a selfie onboarding system will prompt the end user to take a photo of a piece of official, government-issued ID, and to upload it along with a selfie image. Facial recognition matches the user’s selfie to their image on the ID, confirming that it belongs to them. And voila: their identity has been verified without the need for an in-person interaction.
This isn’t an Apple innovation. Rather, selfie onboarding solutions have come from mobile biometrics specialists, and generally take the form of software that can be integrated into a third party’s app. This means that end users don’t need specialized hardware, such as the infrared imaging system of Apple’s Face ID; all they need is a standard smartphone camera, and piece of photo ID.
Defending Against Spoofing
If that sounds like it’s too easy, that’s a legitimate concern. Across the biometrics landscape, the threat of spoofing – in which an authorized user’s credentials are mimicked to fool an authentication system – is real. Hypothetically, all you’d need to fool a selfie onboarding system is a photoshopped image of a driver’s license, and a profile picture of the license holder. But today’s selfie onboarding software systems are highly sophisticated, and feature anti-spoofing technology designed to spot such presentation attacks.
FaceTec, for example, has developed a selfie biometrics solution that is virtually unspoofable. Last year, it became the first vendor to be third-party lab certified to both Level 1 and 2 of the ISO 30107 presentation attack detection (PAD) standard. By looking for subtle signs of genuine human presence in the selfie authentication process, FaceTec’s system was able to detect every spoofing attempt in a battery of attacks that including 3D face constructions and even masks worn by live human evaluators. The company now defends against a constant stream of highly sophisticated spoof attempts thanks to it’s $100,000 spoof bounty program.
Meanwhile, Aware, Inc. has taken another approach with respect to its Knomi selfie biometrics system. In addition to its ISO 30107 Level 1 and 2 compliant face recognition, the company recently added support for voice biometrics to the Knomi platform, allowing users to combine facial recognition with speaker recognition for highly sensitive authentication scenarios. Aware’s speaker recognition also boasts liveness detection, helping it thwart potential playback recording attacks.
The COVID Acceleration
These kinds of technological advances have evolved as financial institutions have seen a growing shift toward web-based and mobile banking among their customers. And that’s why a growing number of banks and other financial services providers have been embracing selfie authentication in recent years, with growing excitement about the opportunity to let customers not only perform daily transactions, but even open new accounts without the need to visit a physical branch.
Needless to say, these trends have only accelerated in the wake of the COVID-19 pandemic, which has pushed vastly more consumers into digital channels. Financial services firms need reliable remote authentication systems more than ever, and are flocking to selfie biometrics solutions in droves. Spain-based selfie authentication specialist FacePhi, for example, reported a 143 percent sales increase in the first half of 2020.
It’s a selfie-centric time, and even after the pandemic ends, there’s no reason to expect the trend toward face-based authentication to reverse. Face biometrics has a rising profile, and selfie authentication is part of the picture.
November 12, 2020 – by Alex Perala