As we come closer and closer to the dawn of 2016, it’s time to start considering goals. If not right out New Year’s resolutions, it’s at least prudent to identify areas of focus moving forward. In the identity management industry, there seems to be a strong intention to kill passwords over the next five years, as we saw earlier in our Year in Review coverage. But how do we get there?
Education is a key aspect, but another is moving the conversation surrounding the mass consumer adoption of biometrics away from one-to-one password comparisons and toward full system integrity, a key aspect of which is adequate liveness detection. With anti-spoof measures being integrated into biometric technology of all kinds and thwarting hack attacks, it stands to reason that public confidence in strong authentication tech will increase. Furthermore, the level of security offered by said solutions will be greatly improved without requiring any trade off in convenience via the addition of other factors.
In our 13th annual FindBiometrics Year in Review, we asked over 150 professionals to rate the importance of improved liveness detection for the future of consumer facing biometrics. Here’s what they said:
The results are overwhelmingly in favor of improving liveness detection for the sake of the consumer facing biometrics market. With barely seven percent on the negative side of the equation, a 53 percent majority agree that improved liveness detection is a worthy priority, and that mass is bolstered by another 39 percent of respondents who are even more passionately on the side of anti-spoofing. Very few of our survey questions were so heavily weighted on one side.
So, what does it mean to improve the liveness detection on consumer grade biometrics? Probably most importantly in terms of adoption, it breaks the stigma surrounding the efficacy of certain biometric modalities. After high-profile Touch ID spoofs in recent years and panic surrounding the more recent OPM hack—which saw a 5.6 million fingerprints compromised—there is a certain lack of faith and a fear in some smartphone biometrics. The news this year that iris images can be ripped from photos and used for spoofing in some cases didn’t help the emerging eye-based modalities either, and facial recognition mobile access control is just now getting past its ruinous reputation earned by early iterations of Android’s FaceUnlock.
When I spoke to Todd Mozer, CEO of Sensory, about the launch of TrulySecure 2.0, we spoke about breaking the negative stigma around facial recognition specifically. He said that a big obstacle in promoting face biometrics is the reputation the modality garnered with sub-par tech. The answer lied in the improved system integrity offered in the solution’s ability to measure micro-motions in a parson’s face, making sure photo-spoofs are not effective.
“To combat that we’ve got to get customers to try it,” said Mozer. “You know, usually when people start using it they have the immediate reaction ‘Oh, this seems to really work.’ And then the next thing they do is try everything they can to break it, and that’s where they really get a better understanding of how accurate it is and how unspoofable it is.”
Throughout 2015 we’ve seen numerous innovations in anti-spoofing tech, particularly with the advent of new kinds of fingerprint tech. Notably, however, we’ve also seen a push from the academic community. Professor Stephanie Schuckers of Clarkson University, along with researchers from CITeR (the school’s Center for Identification Technology Research) launched a liveness detection competition series aimed at priming iris recognition for widespread consumer use.
Liveness detection is a key aspect of a robust biometric solution, and with the proliferation of mobile devices supporting said authentication tech, it would seem to be an essential priority for the industry. The survey results corroborate this view, and so hopefully indicate a motivation within and without the industry to advance anti-spoofing capabilities.
December 11, 2015 – by Peter B. Counter