The use of Face Recognition technology is fast becoming a norm for banking procedures, border crossing, travel, and offshore finance. Whether you have to acquire access, or make a transaction to ensure diligence or verification procedures, all you have to do is just quickly glance once at your webcam or front camera of a smartphone. System will automatically verify the captured image of your face and cross match it with data already available in the repository. Doing this allows real-time services and results. Due to the utility and quick integration of this with the legacy infrastructure companies and public institutes worldwide are actively adopting this mechanism.
To address the market demand there are several key players in the market who are offering their services. Adding up to it there are also variety of ways this is taking place. Despite all the talks there is no single provider which boast a 100% accuracy rate. The reason is that as the face recognition algorithms are evolving parallel to that the “spoof” attacks are also evolving.
What are Spoof Attacks?
Spoof is the term to explain the concept of “disguising one thing as another”. The nature of spoofing is quite prevalent over the internet in shape of IP spoofing, Geo-location spoofing, and such. Face spoofing attacks are meant as tricks to cheat a face recognition software. Seeing that Face is the most recurring Biometric which is adopted by stakeholders during their onboard or security processes, hackers have developed an array of spoof attacks/methods. Here we will discuss the three most common types of hacks.
The most primary nature of a face spoof is by using a print of a picture. During a deck, a picture is displayed in front of the camera or uploaded for verification. The common fallback faced by the technologies is to detect the edges of a picture or during a video verification the inability to analyse the surface shadow movement.
It’s an advanced level of spoof attack, more sophisticated than a Print attack. Unlike a static image it capture a stream of shots or a short video which captures the micro expressions or sensory angles. This is submitted for the verification processes. Due to the movements captured in the video it displays itself as a real human person. The image processing operator working at an AI level detects the movements and successfully passes the request.
3D Mask Attack
Moving forward this nature of Spoof attack is strongest of its category. This alone is the major threat to the face recognition systems. A physical mask depicting the facial angles and look alikeness of a person is worn by a bad actor who appear in front of the camera or capture its video. The main anti-spoofing measure which is in place to fight Replay Attack is “depth perception”. Since the fake mask work is 3D, hence it becomes entirely difficult for the AI level measures to detect the surface area.
Despite an overwhelming nature of spoofing activity, systems are being trained to ensure that a proper security measure in place to effectively deal with above mentioned attacks. The three successful approaches are discussed below.
The most efficient manner of detection tool is a mix of artificial and human intelligence level. It serves as a tool to detect the physical presence of a human face during remote verification processes. It essentially means to make sure that the individual or “biometric” figure under inspection is really live. In order to check whether a person is live or not, the AI level algorithms detects the presence of certain biometric sensors all over the image or video frame. The collected biometric sensors are calculated and a positive or negative attribute is allocated depending upon the results.
Contextual or Texture Analysis
While in Liveness Detection approach, the the checks are performed on the individual or face present in the frame, for contextual or texture analysis the checks are performed on the environment surrounding the face. It detects the depth perception at different angles and points. The surface of an image or video in either digital or print form has a flat surface. As opposed to a live face which will have different depth ratios. Adding up to that the context of the video is detected for edges of a cropped or folded edge to ensure that a fabricated file is not submitted.
The induction of this approach for anti-spoofing measures was done on the basis of legal requirements. As the reports of debunking the previous two anti-spoof measures took place; in order to widely implement the biometrics for sensitive nature of applications like defence, banking and such; stakeholders resorted to using a method which ensure specific gestures, and interactions from an individual. On the basis of this the individual were deemed to have passed or failed the verification test. It could be either in form of following a point on screen with eyes, repeating a random code generated in real-time, or a digital interview where individual is asked specific questions.
Face Biometrics are arguably set to become the standard for authentication and verification. The sophistication of this technology establishes its reputation as an all-encompassing security measure against bad actors and fraudulent activities. Although, an absence of a hundred percent accuracy rate does not entirely makes it everyone’s choice. However, companies are moving steadfastly toward developing a technology which can effectively counteract face spoofing with zero error.