Last updated: 4 December 2020. Estimated reading time: 11 minutes
We all remember Tom Cruise’s character in Minority report (2002) successfully spoofing an iris recognition check as he replaced his eye he just bought on the black market.
To top it off, he also tricked his employer’s network access with his old eyeball he brought along.
Sounds impressive, right?
In Hollywood movies, biometrics systems and their liveness detection capabilities can easily be fooled by gelatin fingerprints, fake irises, and special glasses.
As you would expect, the reality is very different.
Those tricks will not dupe today’s technology for a second.
With AI and, more precisely, deep learning - where a system can learn from data - biometric technologies have become measurably more accurate and resilient to attacks.
We’ll come back on this later.
But it is right to say that, as biometrics is increasingly used to identify individuals, security issues and vulnerabilities in un-supervised environments are catching the attention of solution providers, researchers, fraudsters, and users.
The good news is that the resistance of biometric systems to spoofing attacks can increase dramatically, using a series of field-proven and cost-effective techniques.
In this article, we will focus on liveness detection processes and answers these questions:
1. What is liveness detection in biometrics?
2. Why is liveness detection key for biometric systems?
3. What are the known fingerprint spoofs?
4. What are the major methods to counter fingerprint spoof attacks?
5. What are the known face spoof attacks?
6. What are the current countermeasures developed for face spoof attacks?
7. Bonus question: deepfakes – Are they a new threat to face recognition?
So, if you want to go from liveness beginner to pro, this guide is for you.
Let’s begin and start with a definition.
#1. What is liveness detection?
Liveness detection in biometrics is the ability of a system to detect if a fingerprint or face (or other biometrics) is real (from a live person present at the point of capture) or fake (from a spoof artifact or lifeless body part).
It comprises a set of technical features to counter biometric spoofing attacks where a replica imitating a person’s unique biometrics (like a fingerprint mold or 3D mask made of silicone) is presented to the biometric scanner to deceive or bypass the identification and authentication steps given by the system.
Liveness check uses algorithms that analyze data - after they are collected from biometric scanners and readers - to verify if the source is coming from a fake representation.
But why do we need liveness detection?
#2. Why is liveness detection key for biometric systems?
The need for unambiguous and secure identification and authentication has motivated a massive deployment of biometric systems worldwide.
Increased public acceptance, massive accuracy gains, a wide offer, and falling prices of sensors, IP cameras, and software have accelerated these trends.
Here are some examples.
- Today, over 1,2B electronic passports are in circulation. They included a standardized ICAO-compliant holder’s picture and fingerprints in many countries.
- The Indian biometric identification scheme consolidates the biometric and demographic data of over 1.26B residents.
- Many ID schemes integrate an electronic chip with a picture and fingerprints in addition to the biographical (name, date, and place of birth) data.
It’s a windfall for access, travel (self-service kiosks and automatic gates) but also civil identification, eKYC procedures, on-line customer registration and authentication, and more.
Needless to say, that biometric systems are also crucial for critical infrastructures such as border control, immigration and law enforcement, health and subsidies, population, and voter registration.
Failure to prevent fingerprint spoofing attacks may have serious consequences.
This makes sense when you consider these other examples.
- IDENT, the Automated Biometric Identification System, is a cornerstone of the United States’ border management and immigration. The central Department of Homeland Security system stores and processes over 200m identities, including biometric (ten fingers and a portrait) and associated biographic information.
- The FBI automated fingerprint recognition system, named initially IAFIS (now NGI), is the world’s largest criminal history collection (more than 154m individuals) at the end of October 2020.
- The Eurodac biometric system (European Dactyloscopy System) serves 32 countries in Europe.
The importance of spoof detection has been highlighted as early as 2013 by the European Commission’s TABULA RASA (Trusted Biometrics Under Spoofing Attacks) project.
Perhaps unsurprisingly, it has also been a topic of well-coordinated research in the United States since the launch of “Odin” in October 2017.
The Odin program has been initiated by the Intelligence Advanced Research Projects Activity (IARPA), an organization of the US Office of the Director of National Intelligence. Its goal is “to develop biometric presentation attack detection technologies to ensure biometric security systems can detect when someone attempts to disguise their biometric identity.”
The bad news?
Designing a biometric system that protects against current and future spoof attacks represents today a significant challenge for the industry.
The threats posed by fraudsters are as broad as they are serious. They have access to high technology such as 25-micron resolution resin 3D printers and artificial intelligence too.
In response, numerous technological developments have emerged.
First, let’s focus on the fingerprint modality.
#3 What are the known fingerprint spoofs?
Fingerprint spoof attacks (also known as Presentation Attacks or PAs in the technical jargon) have been realized using imitations (Presentation Attack Instruments or PAIs) made of all sorts of easy-to-find materials like glue, wax, plasticine, and silicone.
The first spoofing of fingerprint readers was reported in 1998 by NETWORK computing.
These attacks have been the subject of many tests and publications on spoof detection fingerprint methodologies and techniques (also known as Presentation Attack Detection - PAD) in the last decades.
The LivDet (short for Liveness Detection) liveness detection competitions have been running every second year since 2009.
Yes, you read that right.
Anti-spoofing has its own “Hackathon.”
And it’s an international topic of concern.
The International Standards Organization’s ISO/IEC 30107 standard on anti-spoofing and liveness detection techniques provides a foundation for these methodologies (PAD) to evolve through a framework. Attacks during the presentation and collection of biometric characteristics are described and communicated.
The ISO/IEC 30107 standard is designed to solve global challenges related to biometric presentation attack detection (PAD).
Presentation Attacks Instruments (fingerprint)
Here is a (non-exhaustive) list of well-known Presentation Attack Instruments for faking fingerprints conducted either with an overlay or a 3D printed fingerprint.
- Paper: 2D printed (on matt and transparent paper)
- School glue (wood glue, PVA resin-based glue like 3M Scotch gel)
- Clay-like compounds like Crayola Model Magic
- Play-Doh (a well-known water-based modeling compound used by kids)
- Orange Play-Doh (close to natural skin reflection)
- Plasticine (oil-based high precision modeling clay)
- Gelatin (collagen extracted from skin, bones, and tissues of animals)
- Wax (organic or petroleum-derived compounds)
- Silly Putty (a brand - silicone polymers, used by kids)
- Silly Putty with metallic shade (for conductivity sensor)
- Silly Putty and “glow-in-the-dark” paint (conductive because of crystal of silver-activated zinc sulfide or doped strontium aluminate)
- Silicones (like Ecoflex rubbers or Polyvinyl siloxane used for dental impressions and used as a mold)
- Silicone and bare paint (electrically conductive paint)
- Silicone and graphite coating (conductive)
- Silicone with Colloidal Silver (liquid with tiny particles of silver)
- Silicone and nanotips (a conductive polyamide liquid solution that mimics the touch of human skin, used when you have gloves on and want to use your phone)
- Dragon Skin (a brand of high-performance silicone rubber used for skin effects and molds)
- Dragon Skin and conductive paint
- Dragon Skin and conductive paint and nanotips
- Dragon Skin and graphic coating
- Latex (natural rubber used for body paints)
- Latex and gold coating
- Monster latex (a famous brand of liquid latex used for special effects. It can easily be baked in molds.)
The presentation of a biometric spoof to a biometric scanner can be detected by methods broadly referred to as presentation attack detection, PAD.
So, how is liveness detection done?
#4 How to detect liveness in fingerprint presentation attacks?
Technics to overcome presentation attacks on fingerprints biometric systems are divided into static and dynamic methods.
This fingerprint recognition capture shows linear valleys (white) and ridges (black). Minutiae are specific spots such as ridge bifurcations and endings (in yellow and red). The tiny circular dots are sweat pores. (Source Gemalto at Milipol 2017).
Solutions will exploit both counterfeit detection and liveness detection methods.
They compare a single fingerprint capture with others.
- They can detect the lack of details in fake fingerprints such as sweat pores, pattern differences, and unnatural features (such as air bubbles) compared to the real ones.
- Searching for noise and alteration fingerprint marks such as stains has been known for years in forensics. Besides, the skin flexibility is so high that no two fingerprints are ever the same, even when captured immediately after each other. A person may also alter his/her fingerprint pattern intentionally to sidestep identification. Counterfeit detection methods will also detect this type of attempt.
- Extracted from a single fingerprint capture, static features such as skin elasticity, perspiration-based features, textural characteristics such as smoothness (aka surface coarseness), and morphology can be exploited.
- For example, natural skin is usually smoother than materials such as gelatin and silicone polymers made of agglomerated molecules. A live finger will also have more ridge distortion than a fake.
- Interestingly, the spectrum of light reflected by the finger when illuminated is very distinctive of human skin. In the short-wave infrared spectrum, skin reflection is also independent of the skin tone, making it ubiquitous.
- Another “liveness” signature is sweat. Sweat starts from pores and unevenly diffuses along the ridge. In contrast, spoof captures tend to show high uniformity. Let alone the fact that pores are very tiny and challenging to incorporate in artifacts as they are usually not visible in lifted fingerprints.
- Multimodal scanners can also combine both finger vein and fingerprint images.
They process multiple fingerprint frames (aka fusion) and perform a more in-depth analysis to detect life signs in acquired fingerprints.
- Skin distortion analysis: Skin turns whiter under pressure. This effect becomes visible when a fingertip is pressed against a surface, and the blood flow is held back due to tissue compression. Besides, the user may be asked to move the finger while pressing it against the scanner surface, thus intentionally amplifying the skin deformation.
- Blood flow detection. The idea here is to capture the blood movement beneath the skin to differentiate live fingers from artificial ones.
- Active sweat pore detection: Active pores with ionic sweat fluid are only available on live fingers and are tough to replicate.
But there’s more.
Today, anti-spoofing measures are leveraging deep learning convolutional neural networks (CNN), most commonly applied to visual imagery analysis.
CNN models can be trained to distinguish a live finger from a fake. They can, for instance, identity forged fingerprints with known materials.
Think about it this way:
Artificial neural network algorithms are helping liveness detection algorithms to be more accurate.
As a result, tricking fingerprint scanners and readers now requires a markedly higher level of expertise that goes far beyond rudimentary silicone spoofs.
Most of all, creating a high-quality artifact from a latent fingerprint requires skill and knowledge similar to that of a forensic specialist with the appropriate lab equipment.
So, what’s the magic formula to counter fingerprint spoof attacks?
Sorry, but there’s no magic formula nor silver bullet.
A single method can never provide all the security you'll need. The real solution lies in combining the right number of different features.
The irrefutable answer also lies in results: i.e., the device capacity to resist attacks today and over time.
Beyond vendors’ references and technical claims, it’s certainly hard to make the right choice between all the devices available on the market.
New test methods for devices to assess conformance with the ISO standard can undoubtedly help.
Their results could be an appropriate benchmark.
Today, independent accredited laboratories can provide ISO Presentation Attack Detection testing services.
During the tests, the systems are challenged with different presentation attacks. If successful, the vendor will receive a testing report.
In accordance with the ISO/IEC 30107-3 standard (Testing and reporting, introduced in September 2017) and 30107-1 framework, the results offer excellent guidance both for the supplier and its customers.
Thales Cogent DactyID20 scanner Dactyl20: A first in the market in 2020
In December 2020, DactyID20 become the first PIV FAP20 certified scanner ISO 30107-3 compliant.
The Thales Group anti-spoofing capability was tested by iBeta to the ISO 30107-3 Biometric Presentation Attack Detection Standard and complied with Level 2.
At the end of the tests the number of fake fingers classified as real (APCER rate) was equal to 0 (0%).
A patented illumination system inside the scanner detects if the finger placed on the prism/scanner is human skin or artificial materials are involved. In case of a spoofing attempt, the system can be configured to return a message “FAKE FINGER DETECTED.”
Built-In HW-based Liveness Finger Detection (LFD) patented technology resists spoofing attacks with all known materials, significantly increased the security for all unattended applications.
The iBeta laboratory is accredited by NIST NVLAP as an Independent Test Lab.
iBeta Quality Assurance conducted Presentation Attack Detection (PAD) testing following ISO/IEC 30107-3. iBeta is accredited by NIST/NVLAP (NVLAP Lab Code: 200962) to test and provide results to this PAD standard.
#5. What are the known face spoof attacks?
Let’s move on to facial recognition.
The face detection, face capture, and match processes are detailed in our web dossier (How facial recognition works).
We will specifically focus here on facial liveness detection.
They are many similarities between the two modalities.
Face liveness detection methods also use texture and motion analysis as well as artificial intelligence.
The most advanced techniques combine these features.
They also heavily rely on facial detection algorithms’ accuracy to spot alterations such as variations in pose and expression, remove noise (brightness, background).
Presentation Attack Instruments (face)
Here again, we present a (non-exhaustive) list of artifacts (PAIs) displaying human traits used to conduct face spoofing attacks either with 2D, 3D models on a screen (2D) or 3D objects.
- 2D static attacks are made with high-definition face pictures on flat paper, simple flat paper masks with holes.
- 2D dynamic hacks are carried out with multiples photographs to be used in a sequence or a video replay via a low or high quality (4K) screen. The high definition screen is used to spoof low-resolution cameras. A video sequence with pictures can be used to answer basic challenge/response methods. The holes, in particular, allow for the eyes to blink. These 2D attacks are well documented.
- More recent 2D dynamic potential attacks can include 3D digital doubles or avatars (on a 2D screen) and deepfake puppets so-named because they leverage deep learning processes.
- In 3D static attacks, impersonators use 3D prints, wax heads, or sculptures.
- IN 3D dynamic attacks, fraudsters can use masks in resin, latex, or silicone with holes for the eyes and other specific areas such as the mouth, lips, and eyes brows.
Passive liveness detection does not require any action to be taken. It’s used by Thales ID verification suite and its Live Selfie Verify module for assured user presence during enrollment.
#6. What are the current countermeasures developed for face spoof attacks?
Active and passive methods
They can rely on passive and active detection methods.
- We’ve said it before for fingerprints. But it’s worth repeating. Count on facial recognition algorithms first. Today, with advanced analytics using AI, alterations like changes in facial hair, glasses, or even partially hidden faces are less likely to prevent user identification. According to NIST, in less than five years, the accuracy of the best facial recognition systems has increased by 20 on average.
- We mentioned texture and motion analysis as methods used by liveness detection systems with 2D cameras. Active flash will help identity face spoofs due to specific reflection patterns on a face.
- Involuntary and reflexive signals. Head and eye movements, blinks are very spontaneous. We naturally blink between fifteen to twenty times a minute, and a good 2D camera can spot that. Pupil dilation can also be intentionally generated. For instance, to make pupils dilate or constrict, an information screen can suddenly turn darker or brighter. With an infrared feature, cameras can also gather thermal information.
- Challenge/response or active detection techniques. The idea is to ask the user to blink intentionally, smile, turn head, nod, make random faces, speak random numbers, and more. The response is validated if this instruction has been followed. It’s a simple way to dodge video attacks mimicking randomized movements. As these techniques need user interaction, it does not work in every scenario.
- New 3D camera systems can detect slight changes in a person’s face and look for depth information. Depth and motion detection will detect 2D attacks.
- The combination of several biometric modalities such as face, iris, and voice recognition will boost security levels. This association is known as multimodal biometrics and makes life very tough for attackers.
It was not until 2018 that liveness detection certification started to appear in the face recognition industry. The certification and performance tests are now carried out by accredited organizations.
Face recognition systems are challenged with different presentation attacks such as printed photos, masks, or videos.
For a buying decision, the vendor’s research strength, experience, and the ability to mobilize experts to support your project are key decision factors.
We’re not through yet, because with technology, we are in a never-ending battle.
#7. Bonus question: deepfakes – Amusing or threatening?
Advanced editing software can create realistic 3D digital doubles.
The machine learning methods and their related deep learning algorithms used to boost biometric system accuracy are also being leveraged to create high-quality synthetic images and videos known as deepfakes.
Their potential to deceive the human eye is so high that it is challenging to tell the difference between what’s real and what is fake.
We know what you think.
That’s the exact definition of liveness detection, and that’s scary.
To such an extent that the topic is now on the US government's radar, according to CNN business, both on the technical and legal aspects.
Tech giants such as Amazon, Facebook, and Microsoft are working together along with MIT and Cornell to fight the spread of misleading deepfakes.
And the answer might not surprise you.
The same tools are now being used to counterattack and detect deepfakes.
Systems are trained to recognize minor inconsistencies such as unexpected shadows, too much glare on glasses, unnatural facial moles, blinking (too many times or not enough).
To accelerate the development of detection algorithms, Facebook created the Deepfake Detection Challenge in 2019.
Even better, several vendors are offering spoof bounties to hackers.
Today, the creation and detection abilities are progressing hand in hand.
Where do we fit in?
Thales Cogent facial Recognition Platform uses different liveness detection mechanisms, including thermal cameras.
Thales has specialized in biometric technologies for 30 years.
The company has always cooperated with the best players in research, ethics, and biometric applications.
- Our document readers are a familiar sight at border control desks around the world.
- Our fingerprint scanner models can capture a single flatbed, single rolled, dual flat fingerprints, slaps, and palm prints.
- Our identification systems are deployed to over 200 applications in more than 80 countries. Our systems are used to investigate, identify, and verify in civil and border identification and law enforcement applications.
More resources about liveness, biometrics, and authentication
- The term liveness is relatively new and was coined by Dorothy Denning in 2001.
- Discover one of the earliest academic papers on spoofing and anti-spoofing measures (December 2002).
- NIST Digital Identity Guidelines - June 2017
- Learn more with the Biometrics institute guide on presentation attack detection and liveness - August 2019
- See how Hollywood has been reinventing biometrics since the 1960s.
- Biometric identity verification markets by 2025
- Is that video real? CNN - October 2020
- Deepfakes, explained – MIT 21 July 2020
- Using AI to detect deep-fake videos – Standford University 13 October 2020
- Thales launches biometric Identity Verification Suite with passive liveness
- Thales Cogent Automated Biometric Identification System (CABIS 7.0)
- Thales Life Face Automated Detection System (LFIS)
- Learn more about Thales range of biometric scanners
- Discover our position paper on face recognition ethics
Now it's your turn
If you've something to say on liveness detection in biometrics, a question to ask, or have found this content useful, leave a comment in the box below.
We'd also take any suggestions on how it could be improved for future articles.
We look forward to hearing from you.