Liveness detection is a method that identifies if an authentication attempt is by a real human being rather than via a photo, video, or spoofing attack.
Active liveness detection refers to methods where the end-user is required to interact with the authentication process in some way. Typically, this means the person looking to authenticate is required to perform an action, such as blinking, making facial movements, or keystroking. The advantage of active liveness detection lies in the fact that it can make it more difficult and time-consuming for someone to spoof the system.
Conversely, passive liveness detection methods are invisible to the end-user and require no interaction on the part of end-user. Passive detection is often the preferred option where a frictionless authentication process is required.
Biometric authentication is the use of a person’s unique human characteristics for verifying their identity.
Facial recognition compares many characteristics of a person’s facial structure, not eye or skin color, against a previously stored model of that person’s facial structure to determine a match. Facial recognition works because facial structure is significantly different for each person.
Facial liveness, short for facial liveness detection, determines if a face presented to a facial recognition system is that of a live person or a high-resolution photo, cut out photo, 3D mask, or video.
Typical liveness techniques include asking the person in front of the camera to blink, smile, move their head a certain way, or move the camera itself in some way, all resulting in time and complexity for detecting liveness.
Further, there are known techniques for beating these active liveness methods. Passive facial liveness is the ability to determine liveness without the person’s participation.
Facial liveness is a critical step in the process of accurately authenticating a person with facial recognition technology when the facial recognition system is operating without human supervision, such as authentication on a mobile phone.
Biometric spoofing is an attempt to gain access using falsified biometrics to appear as a real person. For example, a voice biometric spoofing attempt may use a recording of the target person’s voice. Or the spoofing attempt may use a computer to synthesize the person speaking a voice biometric passphrase.
For facial recognition systems, the spoofing attempt may be a photograph, cut out photo, video screen, or a moving video. Spoofing attempts like these are best combated with voice liveness and passive facial liveness detection technology.