One of the most talked-about concerns for the implementation of facial recognition technology to fully replace human sighting process, is its reliability. The assessment of reliability can be measured in 2 aspects:
- How likely it is to determine a face belonging to the same person as shown in a photo, as negative result. Technically, this is also termed as false negative.
- How likely it is to determine a face that is not belonging to the person shown in a photo, as positive result! Technically, this is also termed as false positive. This can also be an issue of "spoofing attack".
False negative is largely harmless to business risk. User/customer can simply reattempt the facial comparison again, and s/he may succeed in the next try. False negative could also be contributed by ageing of subjects and complex possibilities of lighting conditions.
Facial Recognition as Added Information Security Measure; Not the Only Measure
But false positive (erroneously indicates a given condition has been met when it is not) is the subject that concerns business risk and compliance. When a person can be granted access to one's monetary asset simply through positive match of facial comparison against ID photo, this process itself is already presenting major loopholes even if human sighting is practiced instead of facial recognition technology.
Never the less, facial recognition technology in real-life business use cases is expected to be intelligent enough to identify spoofing attacks, and counter masquerade.
Following are the 3 major types of spoofing attack you should take into consideration, while evaluating facial recognition technology for facial ID verification use case.
1. Face Swapping with Photo Print
The use of facial photographs of a valid user to spoof face recognition is the most common attack method. In fact, this is also the easiest and least complicated spoofing technique among all.
When I was using the Face Unlock feature in my HTC One X in year 2012, my phone could easily be unlocked with a photo of mine.
Facial recognition API is to match 2 facial images, and determine the likelihood of these 2 images representing the same person. Thus, if you are just invoking a facial comparison API (e.g. Amazon Rekognition, Microsoft Face API) to fulfill facial ID verification, your solution is definitely vulnerable to the least sophisticated spoofing attack.
Counter Attack: Liveness check must be incorporated into the client that captures live face photo. The user of selfie camera must proof that he/she is indeed, a live person. The least sophisticated liveness check - is eye blink. But a blink isn't enough. Photo editing software can easily create high resolution and high quality animated image that simulates eye blink.
Sophisticated live face detection should support a series of liveness check, including head movement. Examples: movement of landmark features such as opening of mouth and turning of head from left to right, and nodding.
2. Screen Replay
Screen replay spoofing can be done through recorded video played on a smartphone or any screen panel.
Counter Attack: Liveness check at the client side isn't sufficient to counter this attack. However, realising the fact that screen replay involves the capturing of image from device camera to another display screen, the face comparison API can be incorporated with sophisticated neural network and deep learning to identify every little difference that could be presented by the display screen.
3. Mask or 3D Printed Facial Feature
We are referring to the spoofing attempt with high quality mask. One that you can relate to in CSI.
Counter Attack: Similar to countering screen play spoofing, deep learning and neural networks are required in facial comparison to identify patterns and features of a mask, and isolate them from passing through liveness check. Deep neural network is a key area in machine learning, for complex problems that can't be represented by linear relationships.
Cognitive algorithm with machine learning capability will "learn" continuously, from experience. It can get to a stage where it becomes continently better than human - consistency is the key and main differentiator.
The FaceID product from our technology partner - Megvii Technology Inc, is reportedly isolating hundreds of suspicious transactions for a mobile payment platform. And the blacklist database has accumulated experiences beyond the 3 major spoofing techniques described above.
"Once you stop learning, you start dying" - Albert Einstein. This quote is now applicable to machines too.