In a recent WIRED magazine article, published on August 19, 2016, the title states, “Hackers Trick Facial Recognition Logins with Photos from Facebook (What Else?)”. The author explains how computer vision specialists from the University of North Carolina presented an access system that uses 3-D face models based off publicly available photos to defeat facial recognition systems. The article further stated, they successfully spoofed four of the five systems and reiterated, this is a stark reminder to all of the downsides of authenticating your identity with biometric technology.
They did this study with the permission of twenty volunteers, and proved just how easy it was to obtain various facial photos of your identity from social media sites on the web. The study showed how someone can use them to “spoof” or trick biometric technology through impersonation in order to access devices or other personal accounts. It further demonstrated that without proper precautions in place, anyone can take a photo or video of someone and present it to a facial recognition system to gain access. A definite breach of personal privacy and security, and a major setback to the growth of facial recognition as a valued and secure form of biometric technology.
Liveness Detection Prevents Spoofing
Recognizing the vulnerabilities of possible “spoofing” attacks against facial recognition systems, Vigilant Solutions has implemented strong liveness detection countermeasures for true facial authentication, and can easily identify and prevent these types of fraudulent attacks.
Liveness face detection uses multi-modal biometric technologies to confirm that the face belongs to an actual living being, and is not a face captured in a photo or video. Vigilant Solutions Liveness Face Detection web application uses random interactive actions, along with facial recognition technology to validate the person is truly alive, and actually in front of the facial recognition system.
Movements are measured through randomized prompts, and each command is then verified in the system. This is classified as an active facial analysis requiring the user to follow a series of face position commands which are set by the system administrator. These unpredictable commands make it much more difficult to simply rely on canned photos or videos to spoof facial recognition technology. If the user does not comply with one prompt, the application generates a failed identity check. When a user follows all the random and unpredictable face command prompts, the “proof of life” validation process has ended, and a secondary facial recognition verification begins using FaceSearch technology to compare the user against the stored profile image contained in the database.
Two-Factor Authentication Critical
This two factor authentication combines motion verification and one-to-one facial recognition technology, and continues to be the most secure form of identity verification and authentication. When accurately used, it can be used to complement or replace PIN numbers and passwords, or can be used as means to check-in for those who require supervision. Vigilant Solutions constantly seeks to improve upon any vulnerabilities it identifies in technology. It has addressed “spoofing” of facial recognition systems. Make the Liveness Face Detection web application part of your identity verification solution today.