FaceTec has established itself as one of the most prominent leaders in the burgeoning selfie biometrics space in recent years, thanks in large part to its highly sophisticated technology. The company uses 3D imaging to establish its biometric templates, and was early to focus on the threat of presentation attacks by developing advanced anti-spoofing algorithms. And it has put its money where its mouth is, establishing a spoofing bounty program offering up to $100,000 in payouts to any hackers who are able to successfully trick FaceTec’s authentication system.
More recently, FaceTec has further demonstrated its leadership with extremely strong revenue results for the first quarter of the year, and an important new partnership with another biometrics industry leader, Onfido. These items were understandably top of mind for FindBiometrics Editor in Chief Peter Counter in his recent interview with FaceTec CEO Kevin Alan Tussy, who offered his perspective on the company’s successful approach to the market, and on partnerships and M&A in the industry more broadly. The two also discuss FaceTec’s spoof bounty, use cases in crypto, and new features that will be arriving soon on the FaceTec platform…
Peter Counter, Editor in Chief, FindBiometrics: FaceTec recently announced a 321 percent revenue increase for Q1. Congratulations! How much of that success can be attributed to the financial sector, and what financial needs has FaceTec’s technology been serving, and how do you expect those customer demands to change?
Kevin Alan Tussy, CEO, FaceTec: Thank you Peter. Our growth in Q1 came from many banks and fintechs, but we also saw a lot of usage from ecommerce providers. There aren’t many good options out there for secure customer authentication, so our product/market fit is proving to be strong across industries. Our financial industry customer base is steadily growing, particularly through our partner network of integrators around the world. And if you look at how large the user base is for the leading ecommerce companies, they dwarf the employee authentication space. For example, Mercado Libre, with 200 million-plus customers, aren’t going to auth on-device or with hardware keys. They are already using FaceTec software for their end user authentication, and they don’t want special hardware. So we are in a very good place right now.
FindBiometrics: Right now in the biometrics industry we are seeing a wave of collaboration and acquisition, particularly around digital onboarding, which got its foothold in the financial services space. Why is industry collaboration, as exemplified by your recent partnership with Onfido, crucial in the current identity landscape?
FaceTec: Some of these are great pairings, like WorldReach and Entrust, for example. What is typical in industry cycles like this is that some other deals look like rescue missions at worst, and acqui-hire at best. I think when you see a company without much in the way of unique tech and very little revenue, but some good marketing, slick websites, and pretty PDFs, I get the feeling they’re getting bailed out by a company in need of a good PR story to sell to impatient investors.
But in the end, all initial remote identity verifications will have to reconcile with the reality of legal identity issuers performing matching to trusted data, on a government server, and ultimately returning only a yes/no match decision back to the relying party. This process will require really strong Liveness Detection to ensure that the user is indeed present in person for each Identity verification and extremely accurate 3D Face-to-2D photo matching. Privacy will be protected through “identity intermediaries,” and that’s where I see the current crop of eKYC providers ending up; between the user, the relying party, and the legal identity issuer. And that’s going to be a good business for them, managing the access to government APIs and providing the anonymity of the relying party. And I know the eKYC vendors don’t want the party to end, but ultimately digital identity can’t revolve around trusting user-provided ID documents like it does now.
Many eKYC vendors are already preparing for the inevitable physical document-less future. Onfido is a great example of a forward-looking IDV vendor that’s now looking past onboarding to ongoing authentication, and just launched Onfido Face Authenticate with us. Onfido and many of our other partners have realized that onboarding only happens once, but authentication happens countless times over the user’s life cycle, so that’s where the real need and opportunity are at the moment.
FindBiometrics: Something that’s still unique in the industry is FaceTec’s ongoing $100,000 spoof bounty, which includes stipulations for level 4 and 5 spoof threats – template tampering and video injection attacks. Why is level 5-protected liveness detection necessary for onboarding and subsequent authentication in high-risk scenarios?
FaceTec: Defending Level 5 attacks is more important than ever, and with the proliferation of deepfake puppets, augmented reality overlays and virtual camera software, Liveness providers now must secure the camera feed. If they can’t, then it’s just a matter of time before they become the targets of groups like the one in China that used some slick 2D deepfakes to steal $76 Million US.
We’ve had over 80,000 attacks on our Spoof Bounty Program over the last year-and-a-half. It’s been such a valuable experience for us, because we’ve not only learned a lot and have been able to anticipate where the real world attacks would be coming from, we have also met some great people – really ingenious, creative people – some of whom we have hired, or are in the process of hiring. It’s one of the best things we’ve ever done as a company, but you have to have the goods. You can’t fake your way through a wide-open Spoof Bounty Program, especially in the browser, and that’s why we believe none of our competitors have Spoof Bounty Programs. For decades, biometrics salesmen have made a living by staying willfully ignorant or lying by omission. We reject those tactics completely, and we will always be the first to transparently put our own security claims to the test.
FindBiometrics: As cryptocurrency continues to have its moment, an emerging and fascinating use case for FaceTec is biometric account recovery. How do biometrics fit into the crypto world from your perspective, and are there crossover applications for these emerging use cases?
FaceTec: I love seeing the innovation in the crypto-currency space. It’s been great to watch our customers like ZenGo flourish. But, in fully decentralized systems there are some challenges. Not having a central authority that is able to unwind a transaction can be both a feature and a bug, and it really raises the stakes for user authentication. In crypto, account access is all or nothing. So when these wallets and exchanges need the strongest biometric user authentication, they come to us. We just partnered with a great group called Humanode.io, and worked with them to design a fantastic architecture for an ID verification DAO (decentralized autonomous organization). I think it could be really important in the next-generation of blockchains, where each block can store significant amounts of data and unlocking access needs to be incredibly secure. If it all comes together like I think it can, NFTs are going to get really interesting.
You mentioned earlier how eKYC really got its start in financial services because of anti-money laundering and know your customer laws. Many of these financial services companies don’t actually want to stop fraud or money laundering. It’s kind of an open secret in the industry, but these companies just want the user’s “identity” figuratively verified to make sure the literal box is checked so they have plausible deniability when the DOJ (Department of Justice) comes knocking. You can’t verify the user’s identity 100-percent with a 2D image of a photo ID, but many vendors will play along for $1.50 per new client for onboarding. I’m sure there’s still a lot of wind in the sails of user-provided ID document verifications, but again, it won’t last forever. It’s just too easy to create a photo ID OCR algorithm, and there are no barriers to entry. We built our own photo ID OCR algos in about five months, and we’ll have a lot more news about that in the next 30 days or so.
FindBiometrics: Financial services has been the frontline of biometric adoption for many years – in fact, you and I first met at a Money2020 USA event at the start of the liveness detection trend. In what other markets are you seeing adoption, and what others do you expect to follow suit?
FaceTec: Ha ha – the good old days when we could meet in person! FaceTec did a lot of education back then, and some of our staff still do on www.Liveness.com. But while the day we met does seem like so long ago, I know others have been waiting even longer for the tech to mature to where it is now, providing millions of users secure access every day to their vital apps and accounts. Remember, it was way back in 2001 when Dorthy Denning coined the term “Liveness,” and even our own SVP of North American Operations, Jay Meier, said he’s been waiting 25 years for a “FaceTec” to come along!
FindBiometrics: What can we expect from FaceTec as we enter the second half of 2021?
FaceTec: Lots more coming on the new features front. Our OCR is coming, platform wide support of our free 2D-to-2D Matching is coming, and we’ll be releasing updates to our free Age Estimate algos in the second half of the year as well. But I don’t want to give too many spoilers! I will say this: disruption is coming to this industry, you have seen consolidation start already, but I think that’s just the beginning. We don’t get distracted by it though; we just focus on bringing more value to our partners, customers, and especially our end-users. While it’s true that it’s customers who pay the invoices, our real obligation is to end users. We protect them from bad actors using their identities or accessing their accounts, and to me that’s the ultimate protection of privacy. Keeping critical data safe and secure, yet accessible when needed, that’s what we should all be striving for. I’ve been calling what we do at FaceTec “Positive Identification” because everything about it is a plus for security and usability.
FaceTec is a Platinum Sponsor of the June 23 FindBiometrics Identity Summit. Register now to see this conversation continued on our virtual stage!