To kick off ID Evolution Month at FindBiometrics, last week we brought you a special feature outlining the rise of selfie-based authentication. But just as selfie authentication has become more sophisticated through the pursuit of greater biometric detail, this week we’re going to sharpen the picture with an in-depth look at the cutting-edge of facial recognition authentication systems today.
The Spectre of Spoofing
Last week’s feature highlighted Apple’s outsized contribution in shifting the biometrics industry toward selfie-based authentication, but such technology predated Apple’s launch of Face ID by several years. Google’s Android Lollipop operating system, for example, already supported a ‘face unlock’ feature back in 2014; and in 2015, Daon started to make a big splash with its multimodal biometric authentication software for mobile devices, which also supported facial recognition.
Apple’s contribution was to catalyze a larger shift, prompting many smartphone brands to embrace selfie-based authentication more prominently in their own devices in 2017 and beyond. But problems emerged, as not all selfie-based authentication systems are equal. The risk with less sophisticated two-dimensional facial recognition systems is that they can be susceptible to spoofing – also known as presentation attacks, in which fraudsters try to mimic biometrics in order to fool an authentication system. To take one particularly egregious case, a OnePlus smartphone from 2018 had its facial recognition system fooled by a black-and-white printout of a user’s face.
This poses a problem, not just with respect to unlocking smartphones, but especially in terms of using facial recognition to match users against official identity documents.
Fortunately, there is a growing recognition of the need for advanced face-scanning systems to counteract spoofing attempts. Part of the reason that Apple was able to make such a strong impact with the introduction of Face ID in 2017 was that its solution was a 3D face-scanning system, using an infrared grid to map end users’ faces in detail. This provides an obvious safeguard against the threat of spoofing posed by 2D printouts, and high-profile rivals proved keen to follow suit with their own 3D face-scanning systems.
This has led to considerable security for the proud owners of devices like the iPhone 11 or the Google Pixel 4, but it doesn’t address the threat of spoofing to the majority of end users who are relying on smartphones without the advanced hardware needed to power that kind of face mapping. Fortunately, sophisticated software-based approaches are emerging. Advanced AI algorithms can look for subtle signs like the micromovements of a user’s hair, for example, in order to determine user liveness. And other innovative approaches take advantage of video to enhance security and reliability, such as the Onfido Liveness system in which users are asked to perform specific movements and recite randomly generated numbers during a face scan.
When it comes to matching end uses to official identity documents, these software-driven approaches can add a considerable amount of certainty to the authentication process, enabling groundbreaking use cases like remote account opening for banking customers, or citizen enrolment in e-government programs. Such technologies have come a long way from the simple 2D selfie, illustrating the advances of the ongoing ID evolution.
ID Evolution Month is made possible by our sponsor: Onfido
April 9, 2020 – by Alex Perala