Face Recognition For Operator Authentication (Keylemon)

As described here in Operator Using Generic Logons For VMS Access, the problem of multiple operators sharing client workstations presents a number of problems.

Allowing operators to share a single ID has obvious downsides regarding accountability and permissions, but logging in and out can be tedious.

More importantly, nothing prevents one operator from intentionally leaving this session open for another to use, so compliance needs to actively monitored.

But I came across this product called keylemon which uses the webcam to login a user based on face recognition. The basic version is free and let's you create face/login associations.

It took about 3 minutes to register several volunteers and test it out, and it worked without problem for the very limited testing I did. Rejecting unknowns or recognizing known faces in under a second or two without fail.

Moreover it can actively monitor who is sitting in front of the screen and log out if it is not the person who should be there.

Even if you don't have a room full of live operators, imagine how high-tech your proposed VMS will seem to a prospect in a demo. Surely you client will appreciate not having to remember another password.

If IPVM has any bandwidth and thinks there is a need I would suggest they test it out.


Thanks for sharing that. That's clever and interesting.

In general, I think this type of approach would work well. You are dealing with a small number of people and the people are looking right at the camera.

However, I tried to enroll but when I got to the blink test, it repeatedly declared 'authenticated but no sign of life detected.' Could be a lighting issue, could be my glasses...

One logistical concern is that many surveillance operators are using monitors connected to desktop PCs, which would require adding a webcam. Not a huge issue but not as simple as laptops and phones were cameras are already built in.

Are you imagining that a VMS would integrate with this and provide it as a built-in feature/option?

However, I tried to enroll but when I got to the blink test, it repeatedly declared 'authenticated but no sign of life detected.'

It does not work unless you believe...

From my experience, the USB card reader will be better for the described task.

How so?

How does the HID card reader ensure that the person sitting in front of the computer is the person logged in?

What are your primary concerns with using FR in this way?

For someone with a background in FR, I can't imagine why he would not be for FR in this application as one of the demonstrably few scenarios where I think it actually has some merit - today.

This example of a use-case-specific application for FR is far better advertising for the technology than any CSI-we-wish-it-could-do-this-now-and-will-certainly-be-able-to-soon-so-watch-out apologist dogma...

U2

So, what? You mean that I have to be crazy and promote usage of FR in any case? I wrote that for the described task it does not make sense.

No comments on the CSI-bla-bla. Try to read my posts with attention. And if you have to say something on it I am open for the discussion but I would like to talk with the real person. What is the reason to hide your name in this case?

Posting Undisclosed is simply an option that this site makes available. You can like it or not.

As to your comment to me - No, I mean that most of the comments I've seen from you tout the technology and you make repeated claims of 'just wait' and 'people would be foolish to ignore' type of comments about what FR will be able to do sometime in the near future.

So when I see an application where I think that FR could be useful in controlling the issue that the OP listed - today - I was simply curious as to why someone with the posting history you have would be discounting the use of FR for this scenario.

And you didn't say it did not make sense for the described task - you stated what you consider a better solution (with nothing added as to why your solution was better).

I see your comments in response to UD1's inquiry regarding your reasoning as to why your solution is better than what UD1 mentions, and I will continue reading any responses to this string.

As far as you liking whether I post Undisclosed or not, I really don't care.

U1

A control room is usually not a public place and if operator will have to use the same card to enter and to exit the control room then he won't be able to leave the work station open. Thus it solves the task, less intrusive and more reliable. Plus I do not think that you really need in this case to verify the operator all the time (I assume we are not talking about the Pentagon).

There are issues of using facial recognition in a such kind of case:

  • Liveness detection will constantly be challenging operators and they will be frustrated to get these messages (omg, I need to blink again etc.) and in general people do not like to be watched all the time even by computer program. It is just unreasonable for your case.
  • Operator won't be able to leave work station - it will be locked. It is possible to manage the delay but using a card it is immediate and an operator can move freely within a control room.
  • Imagine situation when an external person will need for example to see some footage. It means that the operator will have to be in a view of camera to unlock the station and I do not know how this software will react on the several faces in the field of view.

I can continue but for your case I believe there are better ways to achieve your goals other than FR. Smart cards is one of them, most obvious.

Liveness detection will constantly be challenging operators and they will be frustrated to get these messages (omg, I need to blink again etc.)

Liveness detection is variable sensitivity, including 1 blink or no blink, depending on the needs. In my tests, face logging in was at least 2x as fast as typing, similar to swiping.

Operator won't be able to leave work station - it will be locked

Right, If the operator has left the field of view for more than X seconds it will lock. This is desirable.

[Smart Cards] solves the task, less intrusive and more reliable.

Adding an EAC when one does not exist solves the task but adds significant expense agreed? And if every screen was guaranteed to be manned or off, perhaps some rooms would not need 'swipe on exit' level access control.

Is it more reliable?, possibly, this is my biggest concern Face Rec is (to me) unproven and manufacturers claims often fall far short of reality. Good point!

...and in general people do not like to be watched all the time even by computer

Ignoring the obvious irony of the surveillance operator being bothered by surveillance, a computer literate operator would likely understand the difference between live sensing and recording. Personally, I would prefer liveness monitoring not having to have a fob to swipe on EXIT.

Anyway, do you think control rooms are never monitored themselves?

And the newest cell phones have gaze detection already.

Imagine situation when an external person will need for example to see some footage. It means that the operator will have to be in a view of camera to unlock the station and I do not know how this software will react on the several faces in the field of view

Insightful! I don't know either, but I can imagine either the software detects another face or doesn't. If it does, and it's unknown or unauthorized it could warn the operator someone is snooping. A simple gesture from the operator could allow it. I don't know if it does this now, but it would be a great feature.

It is just unreasonable for your case.

U1

Liveness detection is variable sensitivity, including 1 blink or no blink, depending on the needs. In my tests, face logging in was at least 2x as fast as typing, similar to swiping.

I do not know how this solution works thus cannot comment on it. But if it verifies an operator all the time (with some interval, when the face was lost etc.) and each time checks whether it deals with a real object - it can be an issue.

Right, If the operator has left the field of view for more than X seconds it will lock. This is desirable.

If your operators do something with the workstations then it is possible to achieve the same result with the software that will track user activity and lock the WS after the predefined period of time.

Adding an EAC when one does not exist solves the task but adds significant expense agreed?

Not sure that it will be more expensive.

And if every screen was guaranteed to be manned or off, perhaps some rooms would not need 'swipe on exit' level access control.

Do not you have valuable equipment and data there? Otherwise what is the point to secure access to workstations?

Is it more reliable?, possibly, this is my biggest concern Face Rec is (to me) unproven and manufacturers claims often fall far short of reality

It is the same as for any other product. Just be sure tha you use the right tool for the right task and it will be fine.

Ignoring the obvious irony of the surveillance operator being bothered by surveillance, a computer literate operator would likely understand the difference between live sensing and recording. Personally, I would prefer liveness monitoring not having to have a fob to swipe on EXIT.

It can sound funny but I base my comment on the similar projects' user reviews. People find it uncomfortable to sit in front of working camera even they know (but do not believe) that nobody watches them.

And the newest cell phones have gaze detection already.

Fun and work are not the same thing.

In fact, if you see that it fits with your needs and requirements then just use it. Nobody knows your situation better than you.

If your operators do something with the workstations then it is possible to achieve the same result with the software that will track user activity and lock the WS after the predefined period of time.

I would imagine a large percentage of operators are only passively observing a large percentage of the time.

Do not you have valuable equipment and data there?

One doesn't need EAC to lock a door.

Otherwise what is the point to secure access to workstations?

As described in the link in the OP, Operator Using Generic Logons For VMS Access the concern was with accountability of operators. Knowing that a PTZ was inappropriately zoomed by "admin" is insufficient. Aside from disciplinary uses, its easier for communication and investigation when the actual operator id is tied to the VMS log. So you know to ask Joe what he might have remembered about X or why Y was done.

People find it uncomfortable to sit in front of working camera even they know (but do not believe) that nobody watches them.

Those people may feel more comfortable in a job outside of the electronic surveillance industry.

In fact, if you see that it fits with your needs and requirements then just use it.

Thanks, I might. But since it don't run a control room currently, I was advancing it as a solution for the industry at-large, and it should be evaluated by that more stringent measure.

One thing that comes to mind since you are actually in the FR business: perhaps you know of these guys or some aspect of their work that you find suspect, but would rather not state explicitly.

U1

One thing that comes to mind since you are actually in the FR business: perhaps you know of these guys or some aspect of their work that you find suspect, but would rather not state explicitly.

I do not know them. There are many companies that have there own FR engines and much more that license it from somebody and create products.

I was advancing it as a solution for the industry at-large, and it should be evaluated by that more stringent measure.

It can be used for this purpose but the biggest advantage of facial recognition, ability to work on a distance, is also a weakness. Let me illustrate my point with video

It is just the simplest example and it is not difficult to record a video with the operator and then substitute the stream from the web camera. Of course, it is possible to detect and prevent these falsifications but it is not easy. Sometimes it can be justified sometimes cannot, depends on the project.

And I can say that for the purpose of accountability it can be easier to record and store frames with the face of operator once in 5 min for example. Or it can be in the event of operator's activity. Ex. an operator changes position of PTZ camera -> the system captures his face and stores it. Advanced logging.

That is a good point about the ability to game the FR for system access.

Maybe a biometric is really the only way to guarantee that credentials match the user?

U2

Maybe a biometric is really the only way to guarantee that credentials match the user?

Sometimes it can be biometrics, sometimes combined systems. Depends on the situation.

It is just the simplest example and it is not difficult to record a video with the operator and then substitute the stream from the web camera.

though it's a little more tricky to hold your tablet up to the screen and try to actually do something with the computer the whole time. Advice, try to disable keylemon quickly, if you have the privileges and hope it's not boobytrapped.

Of course, it is possible to detect and prevent these falsifications but it is not easy. Sometimes it can be justified sometimes cannot, depends on the project.

It's $29.00 one time fee. Challenge response. Speaker detection as well. Follow the dot.

And I can say that for the purpose of accountability it can be easier to record and store frames with the face of operator once in 5 min for example.

Is there any particular reason my operators object to live automated detection, yet your operators are ok with snapshots being saved (and possibly shared with staff) every 5 minutes?

"Hey, does anybody know if is this the new 3rd shift guy or is that just you Joe on a bad hair day?"

U1

I do not want to spend a lot of time on the unknown product and just used it to illustrate the weakness of facial recognition for the access control in general. As I said there are ways to prevent such kind of things but it is not easy and it is not always convenient.

$29 is the reason to choose something? You can find free open source products on the market or you can force operators to record their attendance somehow and charge them hugely for any mistake or misrepresentation.

Is there any particular reason my operators object to live automated detection, yet your operators are ok with snapshots being saved (and possibly shared with staff) every 5 minutes?

"Hey, does anybody know if is this the new 3rd shift guy or is that just you Joe on a bad hair day?"

I have no operators. You have mentioned accountability as an issue - this was just an option and "..." is an attendance control task.

We are way too deep into the discussion and I think that it does not make sense to go further. Personally I do not see facial recognition as a generic, stand alone logical access control solution. It is used and in some cases it is the only way but as the solution with the constant verification for the industry at-large, do not know, looks complex.

$29 is the reason to choose something?

Is $29 the reason NOT to choose something?

I think that it does not make sense to go further.

Agreed. Though going back might make sense, I said

As described here in Operator Using Generic Logons For VMS Access, the problem of multiple operators sharing client workstations presents a number of problems. ...I would suggest they test it out.

You said

It is just unreasonable for your case.

If you're ok with that statement, then we can we can leave it at that.

Agreed. Though going back might make sense, I said

As described here in Operator Using Generic Logons For VMS Access, the problem of multiple operators sharing client workstations presents a number of problems. ...I would suggest they test it out.

You said

It is just unreasonable for your case.

If you're ok with that statement, then we can we can leave it at that.

This task can be solved with almost any biometric modality or type of credentials. In general, I see neither any special advantage of FR in this case nor need in a constant ongoing biometric verification (that can produce more problems than advantages).

Konstantin, really? Did you read the discussion?

I see neither any special advantage of FR in this case.

Face facts:

Your solution to the problem of sharing user accounts and people not logging out was to install a multi-thousand dollar access control system and require everyone to swipe on entry, at their pc and on exit.

Yes/No?

This task can be solved with almost any biometric modality or type of credentials. In general, I see neither any special advantage of FR in this case nor need in a constant ongoing biometric verification (that can produce more problems than advantages).

I need urgently sign a sales rep with some access control vendor. I feel like I am selling something to you.

If you want it cheap and efficient then this task can be solved with such simple thing as user accounts and passwords. The mentioned issue of operators who used the root credentials is an administrative issue. And if they do not like it then let me quote you:

Those people may feel more comfortable in a job outside of the electronic surveillance industry.

But if you do not want to deal with accounts and passwords (otherwise why do you need FR) then it is obvious to use cards/fobs to switch from "Know something" to "Have something". HID on a picture is just because it was easier to find relevant image.

You can find above, in my posts, reasons why I think that facial recognition, especially with an option of constant verification, is not a good choice. And BTW, I know nothing about this company and maybe they have the best solution but if you will try to contact current leaders in the FR development area I am sure you will change your opinion on what can be expensive.

And FR is not something for the future only if you try to think about something else other than preventing terrorist attacks.

Or authentication.

Funny, you would prefer to hear "Yes, it is a great idea!" and find that there are some drawbacks after you would spend some efforts?

FR is good enough for the authentication. I was a part of such kind projects and now I work with a partner on a project that includes more than 100K access points and identification (not verification) on the more than 150K employee list. And it is reasonable to use FR for that project because of the customer conditions and requirements.

Your idea to use FR for the auto-authentication and constant verification of operator is not something new and it is complex, more complex than just authentication. I doubt that right now it is reasonable to use it for the described issue when you can simply force employees to follow instructions or often can use already exist access control system.

Maybe you just wanted to promote this company? Anyway, good luck with the implementation.

Maybe you just wanted to promote this company?

Maybe you just don't like other companies?