What is Liveness + Face Matching checking
Biometric verification involves facial recognition and matching, as well as verifying the mobility and reality of the person in front of the camera. It is a way to prevent unauthorized access to any system.
Introduction
“The Heart of Stone” movie, recently released on the big screen, features a few episodes, in which the main characters use biometric verification. In this spy thriller, heroine Gal Gadot protects a program based on artificial intelligence, which is capable of controlling the entire world. Such a program is fantasy fiction, but access to run the program programmed into a person’s face is a reality. So is a device to open doors by facial identification.
Today, biometric verification is used in a wide variety of industries. It is the process of matching a person’s biometric data with the data in the system. A data match grants access and opens doors for Stone, while a mismatch angers the attacker and leaves him with nothing.
Biometric data can be fingerprints, facial features, iris patterns, voice patterns, or other unique characteristics. Facial recognition is the most popular right now. However, high-quality photos can fool the system, so liveness detection is added to the recognition. This process determines that there is a live, moving person in front of the camera, not a photo or silicone mask.
The advantages of using biometric verification with liveness detection are obvious. It is convenient for the person because there is no need to remember passwords or carry keys. On the other hand, biometric data is very difficult to forge or copy, so today (and as we see in the fictional future) this verification is a strong defense. We’ll talk more about that below.
How Liveness Detection Works
Imagine a security officer in a building. You both have been working in the same venue for a long time, he knows you by sight, and so you pass by every day with a nod of greeting. Suddenly you are kidnapped, a silicone mask is put on your face and here is a spy, imitating you as «you» enter the building. Most likely, the friendly guard will suspect something wrong, but let the intruder through (this usually happens in movies).
The same job is done by an automatic entry system that uses biometric verification. The system «knows» your face and your access rights. But if the bad guy comes instead of you, the system will recognize the attempt at deception thanks to the liveness verification. After all, the mask has no mobility.
Now look at your smartphone. How many services are on it? The smartphone is your virtual front door to banks, financial services, gaming, and many other organizations. Each service has its own gatekeeper at the entrance. The Covid pandemic has driven many companies to move their processes online, which necessitated quality identity authentication procedures.
Chances of being kidnapped by bad guys and having to put on a mask to get into your office are slim. But going online to your payment system account instead of you — that’s possible if the system doesn’t use strong verification. Like the one offered by Verigram, for example.
Verigram’s biometric solutions (Face recognition, Matching + Liveness Detection)
Biometric verification, of which Liveness is a part, includes several algorithms. These are facial recognition, matching to a «reference» face, and liveness verification.
For the end user, the process is very simple and fast. The user only needs to look at the camera for 1-5 seconds. Verigram’s algorithms analyze various factors such as head movement in response to the system’s request, or blinking if a simplified motionless test is used.
Verification is performed by a neural network that can analyze the location of the eyes, nose, mouth, and other features known only to it.
Our team is constantly training its algorithms to ensure that the system is error-free. For example, a common way to cheat is to try to access an online service while the smartphone owner is asleep. Our algorithm will recognize the owner’s face (after all, it’s their face!), but it will notice that the eyes are closed and will deny access because the algorithms consider this behavior suspicious.
Which companies use biometric verification, including liveness
Financial institutions are leading the adoption of online activity detection algorithms.
Finance. Payment and credit companies, banks, and other financial institutions use activity detection to allow users to access their accounts online and verify their identity before making transactions. This helps to prevent fraud and identity theft.
Government agencies. Some government agencies use activity detection to verify the identity of citizens to provide access to their services, such as requesting documents and statements, scheduling medical appointments, and more.
E-commerce. Many e-commerce companies use Activity Detection to verify the identity of customers before they make significant transactions. This helps prevent fraud and protects customers from unauthorized, ruinous purchases.
Social networking. Social networks are increasingly using liveness to prevent the creation of fake accounts. This helps protect users from spam, harassment, and other forms of abuse.
Access control for buildings and offices. Our example from the movie. In reality, more and more secure buildings and facilities are using activity detection for access control. This helps prevent unauthorized access and protect people and property.
Liveness detection is an important security measure that can help protect people and organizations from fraud, identity theft, and other threats.
How much does Biometric verification software cost
The cost of biometric verification software can vary greatly depending on the company’s requirements, the vendor chosen and the number of checks.
There are two types of software available to organizations:
- Purchase under license for closed-loop installations. For example, for internal physical access control systems or in organizations with complex data security requirements.
- SaaS, a service model where all hardware costs are borne by the solution provider. Typically, fees are based on transaction volume and technical support and upgrades are included in the cost.
As an algorithm developer, Verigram offers both types of solutions to our customers. We use a flexible pricing approach where the cost is based on transaction volume each month. We also have basic monthly and semi-annual packages where there is no transaction calculation, but there is a limit on the number of transactions within the plan. Get a pricing calculation for your business from our expert.
What product metrics are affected by Liveness
The goal of verification is to keep fraudsters out of the service. To do this, algorithms need to recognize the right person quickly and accurately.
Here are a few key metrics for product owners:
Verification time. Typically, the automated Facial recognition and matching + Liveness process takes 1-5 seconds. This is sufficient time for the system to detect, recognize, match the face, and verify that it is a real person. Verification via video chat or meeting with an operator in the office takes approximately 15-20 minutes.
Conversion. The higher the quality and reliability of the algorithm, the higher the conversion rate at the customer verification stage. If the facial recognition algorithm and liveness do not work well, they will prevent a certain number of customers from accessing the product. The conversion rate directly affects the financial performance of the product.
Cost. Compared to the cost of manual verification, operator time. Automating the process tends to reduce the cost significantly.
Biometric verification can be used in a variety of scenarios where a customer can quickly confirm his/her identity. The entire process is fast and user-friendly, and this verification serves as a strong defense against fraud that is extremely difficult and expensive to defeat.
For more information on our proprietary Liveness algorithms, please contact our experts for a free consultation.
Challenges in Security and Authentication
As the digital economy and the use of e-platforms grows, so does the volume of online transactions. According to Online Payment Statistics, global revenue in the digital payments sector is expected to reach approximately $14.79 trillion by 2027. This creates more opportunities for cybercriminals to attack.
Cybercriminals are refining their techniques through phishing, virus and malware scams, and attacks on network infrastructure.
To prevent massive attacks and protect the interests of customers, many countries are introducing regulatory requirements. These are the well-known AML («Anti-Money Laundering») requirements, which include KYC (Know Your Customer) procedures. These procedures include document verification, face verification against the photo in the document, and physical presence verification as proof of the person’s reality.
A company that fails to comply with these requirements may face the following consequences:
Fines: Regulators and supervisory authorities have the right to impose significant fines on financial institutions if the company has not complied with KYC/AML requirements in advance to protect its customers.
Restriction of activities: Violations of KYC and AML requirements may result in temporary or permanent restrictions on certain types of banking or financial services.
Revocation of license: In some cases of serious violations, regulators may decide to revoke a financial institution’s license to operate.
Litigation: Failure to comply with KYC and AML requirements can result in lawsuits and civil claims by customers, as well as possible criminal charges, especially if the financial institution knowingly participated in fraud or money laundering.
Loss of customer trust: Violations of KYC and AML requirements can lead to loss of customer confidence and damage to the organization’s reputation. This can lead to loss of business and customer base.
Reduction in shareholder value: Financial irregularities and legal issues can adversely affect the financial institution’s share price in the market.
Additional expenses: Financial organizations may have to invest additional funds and resources to remedy the situation, address the irregularities, and implement necessary KYC and AML compliance measures.
Conclusion
If your business has processes that require you to verify that an action is taken by a real customer and not someone else, you need to implement an automated service. This successful strategy protects your customers and your business from financial loss, makes the process simple and convenient, and opens up new opportunities for scalability.