Liveness detection is a technique where an algorithm securely detects whether the source of a biometric sample comes from a fake representation or is a live human being. The biometric sample is a facial photo taken by a user. The algorithm is able to recognize a live person from presentation attacks, for example, masks, photos, or videos.
An AI-based liveness detection algorithm distinguishes live human beings’ (real fingerprint, real iris, or real face) approaches from fake approaches (spoof attack, presentation attack) to the system.
The term liveness detection was first used in 1950 by a British scientist, Alan Turing. The experiment was called the Turing test, where he tested the intelligent behavior of a machine and its ability to generate responses similar to a human. The test consisted of an evaluator, aware that one of the conversation subjects is not a human. They communicated by typing on a keyboard, and if the evaluator was not able to recognize a human from a machine, the machine passed the test.
Later on, in 2000, the first liveness check was performed similarly to the ones we know nowadays. The users were prompted to perform some actions on a video, but the liveness check technology back then was very slow and not accurate. The first generation was an active liveness check.
Recently, we can observe some tech providers offer so-called semi-passive liveness detection checks. Within their liveness detection, they aim to combine the best of both types of liveness detection – high security with a positive user experience. For example, during so-called Smile Liveness users are asked to just smile.
Liveness detection, in general, is part of the identity verification process that is mostly used in banks, telcos, eGovernment, and the sharing economy.
Passive liveness detection is an innovative method of liveness detection running in the background of the biometric facial verification process. Passive liveness check is a crucial part of identity verification. Unlike active liveness check, where the user is prompted to do some steps like follow a moving object on the screen or perform some movements with the head, passive detection does not give any indication to a user that they are being tested. Passive detection is therefore a more seamless way on how to detect a presentation attack. A passive check is also more difficult to spoof than an active check.
Passive liveness detection runs in the background, and the neural networks analyze the content of the biometric sample – a photo taken by a user such as light, shadows, the texture of the skin, and other significant factors. This process usually does not finish with an alert of sufficient liveness check or not, which will make it more immune against spoof attacks.
As in some types of use cases, a certain level of involvement of the user is required during the liveness check, so-called semi-passive liveness detection can be used. To enhance the security of the onboarding process while still maintaining the best possible user experience, semi-passive liveness prompts the user to perform a simple task such as smile.
Active liveness check is historically the originator of liveness detection. It is a way to verify whether the source of a biometric sample comes from a human or if it is a type of presentation attack. Liveness is being detected by prompting a user to perform a simple task like watching a moving object on a screen or performing some simple movement with one’s head.
The first active check consisted of a video where a user was prompted to show their ID or do some movements while recording themselves. Currently, the active liveness check lasts only a few seconds and there is no need to take a video. The technology behind it captures the movement of the pupils while following the subject, analyzing whether the action is a spoof attack or not.
There are multiple opinions on whether an active check is less accurate than a passive check. In general, by providing users with instructions, technology could be misused to defeat the liveness check.
Liveness detection is a process performed to detect a presentation attack. The technology verifies the source of a biometric sample and its critical features. It then decides whether it’s a live person or a spoof such as a silicon mask, a photo, video, etc.
The detection is performed by a person taking a selfie as a part of an identity verification process or digital onboarding. The detection usually takes only a few seconds, depending on whether it is being performed as an active liveness check or a passive liveness check. Passive liveness can take only 1 or 2 seconds, while active liveness check can take more time.