“Our millions of users know ZoOm is already the best defense against digital identity fraud, but we believe it can become even stronger. We look forward to learning what new, imaginative ideas clever testers will employ to try to spoof ZoOm.” – Kevin Alan Tussy, CEO, FaceTec
FaceTec is once again asserting its leadership in the biometric authentication space by becoming one of the few organizations in the industry to set up a bounty program for potential hacks of its technology. The company is offering a total of $30,000 to any hacker who can thoroughly spoof its ZoOm authentication system.
It’s a tall order for hackers. ZoOm is so far the only biometric authentication system to have attained both Level 1 and Level 2 certification in iBeta’s Presentation Attack Detection evaluation, currently the industry’s gold standard for testing anti-spoofing technology. With its use of three-dimensional facial recognition and sophisticated AI, ZoOm has thus far been spoof-proof – and has seen a number of integrations into other apps and services as a result.
Among those is the cryptocurrency wallet ZenGo, which itself launched a bug bounty program in July, offering a Bitcoin reward to any hacker who could fool its ZoOm-protected security system. No one succeeded, despite ZenGo’s provision of a hi-res image of its CEO’s face to help hackers try to break into his account.
With the price of Bitcoin having hovered around roughly $10,000 during July, FaceTec is evidently upping the ante with its own bounty reward totalling $30,000. But a hacker will have to succeed across all three levels of iBeta’s spoofing framework to collect the full bounty. Getting past Level 1, which entails the use of artifacts like hi-res photos and video, will net an initial reward of $15,000; Level 2 involves the use of things like latex and silicone masks, and carries a bounty of $10,000; and Level 3, which entails ultra-realistic 3D masks and sculptures, will deliver a final bonus of $5,000.
“We’ve worked tirelessly to create Liveness Detection that can be trusted in real-world unsupervised scenarios,” explained FaceTec CEO Kevin Alan Tussy in a statement announcing the bounty program. “Our millions of users know ZoOm is already the best defense against digital identity fraud, but we believe it can become even stronger. We look forward to learning what new, imaginative ideas clever testers will employ to try to spoof ZoOm.”
The bounty program’s launch is a sign of considerable confidence on FaceTec’s part. Clearly, the company does not anticipate a great deal of success on the part of would-be hackers, given the size of the bounty’s sum; but in being willing to face the possibility of a potential successful hack attack, FaceTec is also demonstrating its commitment to ensuring that its solution is as strong as possible, since any potential embarrassment from such a scenario would be outweighed by the progress FaceTec would be able to make in patching the security bug and further reinforcing its industry-leading solution.
October 25, 2019 – by Alex Perala