Facial recognition spoofing is a problem
Spoofing is a set of malicious techniques, which allow an attacker to pose as someone else or synthesize a completely fake, non-existent person to gain access to sensitive data, target’s money, etc.
Spoofing attacks have become an especially common practice since the advent of the mobile technologies. Internet of Things, face recognition, and other systems are also quite vulnerable in the face of this threat.
Biometric Anti-spoofing is a set of preventive measures, which ensure that original or mimicked biometric authorization data cannot be used by impostors for purposes of theft or fraud.
Anti-spoofing is being actively adopted throughout numerous industries including banking, online payments, medicine, mobile phones, security systems, and state security etc. The need for liveness detection and anti-spoofing was created due to the emergence of numerous techniques and options of identity replacement on the Black market.
These methods range from primitive usage of stolen portrait photos and deepfake videos to highly complex techniques involving hyper realistic human face masks made of plasticine, silicone, latex, and even materials like conductive liquid polyamide solution that is capable of imitating the touch of human skin.
Anti-spoofing plays a major role in today’s security systems, as it is able to differentiate real humans and their body parts from artificial replicas. Therefore, it has become a necessary tool to raise the effectiveness and reliability of biometric security systems.
Types of anti-spoofing
Anti-spoofing covers a broad spectrum of practical applications including handwriting recognition, fingerprint verification, iris and retinal scanning etc. On the other hand, liveness detection is mostly limited to facial recognition, voice identification, and, a certain level of behavioral characteristics.
What is a presentation attack?
A Presentation attack takes place when a spoofing tool is presented to a biometrical system. Presentation attack (PAD) is a type of attack, during which a spoofing artefact is presented to the sensors of a targeted system. These artefacts include a vast repertoire of crime tools: fake fingerprints made from gelatine, printed photos, elaborate silicone masks, [[Facial Deepfakes|facial deepfakes]], artificially synthesised voice recordings, etc. Anti-spoofing solutions are designed to combat these attacks. They analyze whether the presented biometric data — eye retina, fingerprints, human voice or face — are genuine or not. Sometimes presentation attacks are accompanied by indirect attacks.
According to Data Science, facial recognition is the second most popular identification technique, next to fingerprint scanning.
There are two main facial recognition attack types: indirect and presentation. While the indirect attack requires a perpetrator to access the interior of the system, presentation attack aims at the sensor level.
Presentation attacks are seen as the primary source of threat when it comes to spoofing a biometric system. Attackers can carry out a PAD using the following methods:
Printed Photo. An impostor simply shows a targeted person’s photo to the recognition system. The picture quality may vary.
Display Attack. A clip containing the image of a user (or a single image) is shown to the camera of the system.
2D Mask. The method involves a mask cut out of paper with a face texture
3D Mask. A more elaborate method involves a silicon mask, 3D head sculpture, or wax figure, which mimics the user’s face.
Other. State-of-the-art makeup and plastic surgeries are used as possible attack tools.
To combat these types of spoofing, various methods are suggested. In general, these methods are classified as Active and Passive Facial Anti-spoofing.
Passive methods include frequency and texture-based analysis, Fourier spectral analysis, variable focusing which relies on Depth of Field and Sum Modified Laplacian values, monitoring of eye movement and shape variations through sequential photos, and optical flow analysis (combination of eye movement patterns) etc.
In addition to these methods, solutions based on artificial intelligence and deep learning are also used. They include residual neural network, high frequency, and local binary pattern descriptors, and other similar techniques.
Active Facial Anti-spoofing methods take a more active approach, as a person is asked to do a certain request — smile, blink, raise eyebrows — to double-check the person’s identity.
When combined, these methods form a Presentation Attack Detection (PAD) system which can be integrated into the existing biometric security systems.
Standards & certification
ISO/IEC 30107 standard was accepted by the International Organization for Standardization together with the International Electrotechnical Commission in 2016.
The ISO/IEC certification pre-defines how attacks and system vulnerabilities should be classified and assessed. It also dictates algorithms and countermeasures for tackling these attacks.