I am very happy to hear these types of questions from my students because it indicates that they have some part of curiosity, restlessness or in certain cases I even like to think that they are a little worried. This question was asked by some students after giving one of our Digital Health workshops, where we talked about the security of our identity and the data that is stored in the devices, as good security measures and advice could help us keep A little safer.
It is true that today facial recognition is one of the most known authentication systems and used by a large number of manufacturers of Tables or mobile devices, its comfort and speed, makes it very attractive for the user. But ... how safe is it?
Not surprisingly, cybercrime is on the rise in our increasingly digital world. Many companies are exploring and working on biometric face recognition as a viable security solution based on machine learning.
But, although facial recognition looks like such a promising and reliable system, it has flaws. Users' photos can be easily found through social networks and used to fake facial recognition software, say using paper photographs, screenshots or even 3D facial reconstruction.
That is why it is important that companies have anti-counterfeit systems to protect confidential data, reduce theft and mitigate fraud. These systems improve existing facial recognition solutions by improving their ability to detect false authentications.
While this theoretically seems easy, it is clear that there are weaknesses.
What prevents someone from using a fake face to gain access to confidential data?
This is where the need for anti-spoofing solutions comes into play, and that word that is increasingly used in the digital world, called Life test. We rely on the detection of life to validate the identity of an individual. These verifications can verify if an individual is really present or is using a photo to fake the system.
Once introduced in the subject, I would like to tell you in this small article some of the techniques that are used to avoid the falsification of faces. In addition, taking advantage of my work in workshops and talks on Health and Digital Security, we developed an example project where we developed a life test based on the blinking of the eyes. You can see it in the video.
The most popular techniques against face counterfeiting
Most face impersonation attacks are known as presentation attacks. These attacks use 2D and 3D (static or dynamic) to fool facial recognition software.
2D static presentation attacks they are based on photographs, flat paper or masks, while dynamic versions use on-screen video repetitions or multiple photographs in a sequence.
3D static attack attacks they can use 3D prints, sculptures or masks, while dynamic versions use sophisticated robots to reproduce expressions, complete with makeup.
Of course, these examples are not the ultimate truth. As technologies evolve, so do presentation attacks.
Examples of anti-spoofing solutions: Life Test
Eye blink detection
In this section I will talk about this life test, which is what we have developed for the Digital Security workshop. Blink detection is a life detection test that is incredibly accurate. Natural flickering is an easy way to determine if a face is alive or not. The average human blinks between 15 and 30 times per minute and the eyes remain closed for about 250 milliseconds during a blink. Modern cameras record videos with much smaller intervals between (50 milliseconds to 30 milliseconds per second), therefore, with the integrated cameras of the devices we could detect this flickering.
The blink detection implementation can use the analysis of face reference points and calculate the surface area of the eyes. This is the case of our practice, since through Python and its OpenCV library we are able to draw the reference of the eyes on one face. Once we have located the eyes, we calculate that threshold that will warn us if the eye blinks.
I am preparing a series of practices where I will teach you to detect faces with Python, in a short time you will have it in the Blog, next to the code of this video practice.
3D cameras are the most reliable means of anti-spoofing. Accurate pixel depth information can provide high accuracy against presentation attacks because we can distinguish the difference between a face and a flat shape.
3D attacks can cause difficulties, but cameras remain one of the most reliable techniques against counterfeiting faces available. And despite the availability of cameras, not all users have them on their computers.
Active flash is an interesting technique, in my opinion I think it can be one of the most promising systems as verification.
This technique allows you to detect fakes using light reflections on one face. The idea involves using a changing light environment provided by the additional light that comes from the screen of a device. White light produces an appropriate reflection on the face.
What awaits us in Anti-Spoofing facial?
I am convinced that the success of facial recognition verification systems will depend largely on deep machine learning, that is, Deep Learning.
But that success will also require the combination of such techniques and the creation of sensible metrics for measuring success.
Anyway, the future is exciting and it is clear that this technology will change the way we approach identity verification.