Biometric technology company IDmission recently published a blog post on its website espousing the importance of its passive liveness detection solution in combating the increasingly sophisticated hacking attempts employed by fraudsters.
Specifically, the post looks at how masks are used to test the algorithms behind passive liveness detection systems, noting that hyperrealistic silicone and rubber masks are readily available online to cybercriminals looking to commit identity fraud.
Before getting into the details of how this is done, the author of the post makes sure to note the difference between active and passive liveness detection. Active liveness detection usually involves prompting the person wishing to be authenticated to do something like move their eyes or lips, or turn their head. On the other hand, passive liveness detection is far more reliant on an algorithm’s ability to spot subtle cues — using artificial intelligence and machine learning methods — that allow it to know that a face is real, and without feedback from the user (who isn’t required to do anything).
In the post, Colorado-based IDmission outlines how passive liveness detection tests are conducted in order to ensure a system is capable of recognizing the difference between a real face and a fake.
Due to the rise in online activity and remote work that has resulted from measures taken to slow the spread of the COVID-19 virus, cybercrime has grown at an alarming rate recently and has led to an increased demand for remote authentication solutions. As a result of this increased demand, biometrics have emerged as a preferred method for remote identity verification due to their ability to adjust to evolving hacking attempts far more quickly than outmoded methods like traditional PIN/password setups.
IDmission’s own passive liveness detection solution recently celebrated a major milestone, achieving the ISO/IEC 30107-3 Level 2 biometric Presentation Attack Detection Standard (PAD) in tests conducted by an independent third party lab.
In a recent interview, IDmission CEO Ashim Banerjee discussed in greater detail the work that goes into achieving compliance with PAD assessments.
“[S]ecurity typically comes from the biometrics and the biometrics typically come from your face,” said Banerjee. “Which is all great, except that you have to be able to tell the difference between somebody’s face as being physically present versus somebody presenting a printout of a picture, a high quality picture, or a low-quality picture, or a mask, or an electronic image captured on a desktop or on a phone or a video or different kinds of busts, 3D printed busts, and so on.”
The author notes that during these tests, false faces are referred to as ‘species’, and can include everything from a photograph on a smartphone or a 3D printout, to one of the aforementioned silicone masks.
During the tests, algorithms are presented with a species 150 times, and a real person 50 times. If a species is authenticated then the algorithm has failed the test and adjustments need to be made.
November 12, 2020 – by Tony Bitzionis