Face Spoofing Attacks: A Threat To Face Verification

In today’s ever-advancing digital world, it is no wonder that cybercrime is continually on the rise. Digital verification solutions provide a supplementary layer of security to an individual’s information, personal data, and accounts. Biometric Identification solutions provide a more advanced and guarded method of providing security.

In the recent past, a number of organizations and enterprises have integrated face verification software with their security measures to prevent fraud and identity thefts. Facial verification provides a great deal of security to the user, but it does have some flaws. Photos can be found quite easily on social networks in no time and these can be used to trick face verification software.

Face Spoofing Attacks

Face spoofing attacks are becoming quite common these days. A facial spoof attack is done when a fraudulent individual tricks the facial recognition system by impersonating a registered user. This allows the fraudulent user to gain illegitimate access and services. In order to protect sensitive data and mitigate fraud, it becomes crucial for organizations to have anti-spoofing systems in place.

Types of Face Spoofing Attacks

Face Spoofing can be done through different methods. Some of the most common methods of face spoofing attacks are listed below

• Print Attack

In this type of attack, the hacker utilizes someone else’s photo either displayed on a digital device or as a print image. This is the most popular type of attack since pictures can be simply downloaded from the internet.

• Eye-cut Photo Attack

This is a more creative type of attack in which the eye regions of a printed photo are cut off to manifest the blinking behavior of the imposter. This is done to thwart more advanced features of some Face Recognition Technology.

• Warped Photo Attack

Warped photo attack includes turning a printed photo in any direction to simulate facial movement. This is also done to give the illusion that the hacker is in real-time.

• Replay/Video Attack

This type of attack is a more advanced way to trick the system. In this attack, a looped video of the victim’s face is used to circumvent face recognition software. Through this, the behavior and facial motions look more natural contrasted to utilizing just the photo.

• 3D Mask Attack

In this attack, a mask is used to spoof the face verification software. 3D Masks act in such a way that mimics the facial features of the victim which in turn tricks the face recognition system.

How to Detect Face Spoofing Attacks?

In order to successfully detect the different kinds of face spoofing attacks, more advanced technologies like Liveness Detection. Liveness detection verifies the live physical characteristics of a person in real-time at the time of authentication. If someone is using a picture of an individual, it can easily be detected using liveness detection.

Liveness detection can be done in two ways – active and passive. In the active method, the users interact with the system to authenticate the liveness. In the passive approach, the user is not required to perform any action and it is inconspicuous to the user.

Face Flash Liveness

There is another type of liveness detection which is based on reflectance – flash liveness. It is used on devices that have cameras positioned close to their screen, like smartphones, tablets, etc. In this method, the screen can ‘flash’ the face which allows the camera to capture how the light reflects on the face from the screen. The algorithm of the technology then determines if the flashed face belongs to a live person or if its a duplicate photo or video.