The importance of passive facial liveness detection is key for digital onboarding and a frictionless user experience.
Liveness detection has become a critical part of the digital identity process for face biometric authentication, onboarding and fraud prevention.
With today's facial recognition systems, there are two questions that need to be asked. Is this the correct person being identified and is it a real person being presented? Facial recognition cannot determine is a person is real or not. Therefore, you now
need to prove that a person is a real human being, particularly in online situations! Hence the term liveness detection. There are two forms of liveness checks, either active or passive.
Unfortunately active liveness solutions on the market today cause friction in onboarding and many ID&V operators are seeing increasing abandonment rates due to the variety of different liveness checks. The end user is presented with a challenge, such as
being asked to blink, smile, nod their head, move the device towards their face or even read out a set of random numbers or text. In some cases, we have seen abandonment rates as much as 50%, particularly in emerging markets.
Sophisticated fraudsters have found ways to exploit onboarding and authentication methods using fake selfies, in which deepfake images, morphing and AI cloning can fool most systems. In some onboarding applications, it is even possible to bypass these processes
with simple photos and video recordings.
The main advantage for passive liveness is the speed. It is much faster than all active solutions. A number of market studies have shown that abandonment rate increases when more time is taken in the onboarding enrollment process. Some active solutions claim
to be frictionless but this is simply not true. Asking customers to do something unnatural is not a smooth method because it is very important to have a good user experience. With the variety of different active solutions on the market today, it is also causing
confusion with customers as it can be difficult to follow the instructions precisely.
Another advantage for the passive method is that potential bad actors do not know there is actually a liveness check taking place, and therefore they would struggle to work out how to defeat it. Current active solutions give the game away. It is all too
easy to replicated blinking, smiling and even moving your head from side to side in a video replay attack or using deepfake screen images. There are many examples on the web! Most remote digital onboarding experiences use one of these active methods and have
shown to be vulnerable.
Fake IDs and fake selfies are causing concern. That is why it is important for all biometric face vendors to have their software properly tested by third party testing labs and to be certified for anti-spoofing to ensure that their solutions can be trusted
and are secure against such possible attacks.
All face biometric solutions are vulnerable to sophisticated presentation attacks. It is important to recognise that passing ISO 30107-3 describes how strong the system is from a security point of view, but it says nothing about the user experience. There
are systems that have passed, but as I say, they have been known to cause abandonment in the customer journey because they can be difficult for the user to follow instructions and execute properly.
With the outbreak of Covid-19, digital identity checks are expected to rise by 20 percent as the outbreak is likely to have an impact regarding authentication for payments and onboarding methods. Therefore, it is essential that all biometrics can be valuated
as being as secure as possible. Compliance with iBeta's anti-spoofing standards are a must. Vendors have to back up their claims that their solutions are robust.