Face authentication and the future of security
Apple’s iPhone X has given us a glimpse into the future of personal data security. By 2020 we’ll see billions of smart devices being used as mobile face authentication systems, albeit with varying degrees of security. The stuff of science fiction for years, face recognition will surpass other legacy biometric login solutions, such as fingerprint and iris scans, because of a new generation of AI-driven algorithms, says Kevin Alan Tussy, CEO of FaceTec.
The face recognition space had never received more attention than after the launch of Face ID, but with the internet now home to dozens of spoof videos fooling Face ID with twins, relatives and even olives for eyes, the expensive hardware solution has left many questioning if this is just another missed opportunity to replace passwords.
Face Recognition is a biometric method of identifying an authorised user by comparing the user’s face to the biometric data stored in the original enrolment. Once a positive match is made and the user’s liveness is confirmed the system grants account access.
A step up in security, Face Authentication (Identification + Liveness Detection), offers important and distinct security benefits: no PIN or password memorisation is required, there is no shared secret that can be stolen from a server, and the certainty the correct user is logging in is very high.
Apple’s embrace of Face ID has elevated face recognition into the public consciousness, and when compared to mobile fingerprint recognition, face recognition is far superior in terms of accuracy. According to Apple, their new face scanning technology is 20-times more secure than the fingerprint recognition currently used in the iPhone 8 (Touch ID) and Samsung S8. Using your face to unlock your phone is, of course, a great step forward, but is that all a face biometric can do? Not by a long shot.
While the goal of every new biometric has been to replace passwords, none have succeeded because most rely on special hardware that lacks liveness detection. Liveness detection, the key attribute of Authentication, verifies the correct user is actually present and alive at the time of login.
True 3D face authentication requires: identity verification plus depth sensing plus liveness detection. This means photos or videos cannot spoof the system, nor animated images like those created by CrazyTalk; and even 3D representations of a user like projections on foam heads, custom masks, and wax figures are rebuffed.
With the average price of a smartphone hovering around £150 (€170.58), expensive hardware-based solutions, no matter how good they get, won’t ever see widespread adoption. For a face authentication solution to be universally adopted it must be a 100% software solution that runs on the billions of devices with standard cameras that are already in use, and it must be be more secure than current legacy options (like fingerprint and 2D face).
A software solution like ZoOm from FaceTec can be quickly and easily integrated into nearly any app on just about any existing smart device. ZoOm can be deployed to millions of mobile users literally overnight, and provides the highest levels of security due to its industry-leading liveness detection.
While many today simply view Face Recognition as a quick way to unlock a phone, the future of Face Authentication is much more far-reaching. It is estimated that by 2020 more than half of the world’s population will use their mobile device as their primary form of ID, and to access their personal information.
With the explosion of mobile devices, the growing security needs for banking, cryptocurrencies, access to personal insurance and healthcare information, and expanding government applications, face authentication stands ready to provide unparalleled levels of security and usability.
The author of this blog is Kevin Alan Tussy, CEO of FaceTec.