Facial Recognition Systems Fail Simple Liveness Detection Test

By: Brian Rhodes and Charles Rollet, Published on May 17, 2019

Facial recognition is being widely promoted as a solution to physical access control but we were able to simply spoof 3 systems because they had no liveness detection.

The image below is an example of how it works. If a person is in a facial recognition system, often you can trick the system by simply holding up a photo of that person.

IPVM Image

When the 'key' is your 'face', being able to use a photo of a face to copy the 'key' is a significant risk.

In this post, we explain:

  • What the problem is
  • How we were able to spoof them
  • Examples of providers who failed
  • What the risks are of using such systems
  • What methods are used to detect liveness

What The Problem Is

The issue is that many facial recognition systems lack liveness detection: they mistake photos of people for real people.

Photos of people are extremely easy to obtain - whether it is taking it off a person's social media profiles or from your phone's camera, getting a picture of most anyone's face is quite simple.

How It Is Done

The spoof is as simple as showing any kind of high-quality color photo of a person to the camera, whether it's on a printed piece of A4 paper or a selfie on a smartphone. See this WSJ video of a reporter entering a supposedly secure school by printing out a photo of the principal.

Get Notified of Video Surveillance Breaking News
Get Notified of Video Surveillance Breaking News

That WSJ report says the provider Real Networks had the liveness detection 'disabled' on that day but later turned it back on.

UPDATE: Mike Vance, Real Networks senior director, explained to IPVM that the gate's liveness detection function - which is based on someone smiling at the camera - was turned off "for about a week" because a speaker was being installed to let people know that they needed to smile to get in.

Examples

When IPVM visited Secutech Taipei this year, we asked to do liveness detection tests on all the providers offering access control with facial recognition. Three of the four we profiled failed. The only that did not was a company that specialized in liveness detection.

AiUnion: Fail At First Try

IPVM Image

Taiwanese company AiUnion markets itself as an “innovative and advanced AI deep learning” firm, developing its own facial recognition technology for virtually any use (smart city, law enforcement, commercial, etc). Despite this marketing, AiUnion's access control demo failed to prevent a basic selfie from being greenlit on the first try:

In response, we were told this was AiUnion’s “2D” camera - they claim the “3D” one would not have failed.

Shenzhen Sewo Science & Technology Company: Fail At First Try

This Chinese access control manufacturer/OEMer produces low-price barriers, turnstiles, and parking solutions, claiming to be a "Top 10" manufacturer in China. At Secutech, they touted a demo of a face rec pad for access control:

IPVM Image

As was the case with AIUnion, the demo was unable to pass a basic liveness detection test, with a simple selfie being greenlit:

We were told the device above cost about $600. The rep stated that for $680, a device that foiled liveness detection spoofs was available.

Geovision Declines To Test, States It Would Have Failed

IPVM Image

Despite being Taiwan's third largest manufacturers after Vivotek and Dynacolor, Geovision had a very small booth at Secutech, which promoted a demo of an access control device with face verification that a brochure touted as "a solid feature with future potential":

IPVM Image

When we asked Geovision if we could do a simple liveness detection test by seeing if a selfie would let us in, the rep quickly fessed up that the device had "no liveness detection" and did not allow us to test it. We were told the demo device was only a prototype and another, unspecified Geovision device could support liveness detection, although this device was not on display.

The Geovision rep went on to tell us the firm's facial recognition solutions generally had accuracy of 96 to 99.2% and that about 10% of Geovision's business is AI-related at this stage. Needless to say, accuracy percentages are irrelevant if a stranger can spoof your facial recognition by pulling up a photo on his phone.

LIPS: Only Success Case

IPVM Image

Taiwanese company LIPS positions itself as a "3D vision"-specialized company selling camera/software analytics solutions. At Secutech, they marketed software specifically aimed at foiling liveness detection fails. LIPS rep Rebecca Chang showed us that the technology did work to detect spoof attempts, unlike for Sewo, Geovision, and AiUnion:

IPVM tested it as well with a selfie, and the system worked again. The market price of one of LIPS’ access control cameras (the AC770) is $5,000, something Chang said would go down when they switch from Nvidia to Intel processors.

Test Yourself

We recommend you try this yourself for any facial recognition access control live demo to see how 'smart' the system is.

Face Rec Liveness Detection Methods

IR / depth mapping and machine learning methods are the two most common techniques to overcome this problem.

IR / Depth Mapping

Many face readers claiming 'liveness' employ more than a visible spectrum image for analyzing face images.

Commonly, face images are taken in the IR or other non-visible light spectrum and compiled into a '3D Depth Map' (see Apple's implementation) of points on a surface to verify an actual face is being viewed and not a 2D photo.

Machine Learning Methods

Facial Liveness detection can be achieved via a number of heuristic methods, with three of the more pragmatic examples being:

  • Mouth/Lip Movement: For liveness confirmation, users moving their mouth to breathe or speak 'proves' they are not a printed image.
  • Eye Movement: In the same way, human eyes are not stationary, and even subtle movements of eyes indicate subjects are live people and not images.
  • Blink Detection: Photo images do not blink, so visual confirmation faces/eyes are blinking is a common liveness test.

Like other aspects of computer vision, actual result varies depending on image quality and which algorithm is deployed.

Multi-modal Liveness

Similar to the concepts in Multi-Factor Authentication, combining multiple liveness detection methods into a face rec system increases the confidence interval of real faces, not images.

Poll / Vote

4 reports cite this report:

Euklis Presents AI Analytics on May 05, 2020
Euklis presented its AI facial recognition, LPR, and object recognition...
Facial Recognition 101 on Mar 18, 2020
Facial recognition interest, use and fear is increasing. This guide aims to...
Anyvision Facial Recognition Tested on Aug 21, 2019
Anyvision is aiming for $1 billion in revenue by 2022, backed by $74 million...
China Subway Facial Recognition System Examined on Jun 24, 2019
A China city of 6+ million people has installed facial recognition-enabled...
Comments (30) : Members only. Login. or Join.

Related Reports

Exacq "Facial Matching" Facial Recognition Tested on Sep 03, 2020
Exacq is claiming "Accurate Recall of Every Noteworthy Person of Interest"...
Faked Convergint Fever Camera 'Expert' Marketing on Jun 16, 2020
Convergint touts they are "THERMAL CAMERA SOLUTION EXPERTS" while faking...
Dahua, Hikvision, ZKTeco Face Mask Detection Shootout on Jun 19, 2020
Temperature tablets with face mask detection are one of the hottest trends in...
Gait Recognition Examined on Sep 14, 2020
Facial recognition faces increasing ethical and political criticisms while...
Keypads For Access Control Tutorial on Jul 28, 2020
Keypad readers present huge risks to even the best access systems. If...
Face Masks Increase Face Recognition Errors Says NIST on Aug 04, 2020
COVID-19 has led to widespread facemask use, which as IPVM testing has shown...
Herta Facial Recognition Plus Masks Tested on Aug 19, 2020
Masks increase face recognition errors, but facial recognition developer...
Don't Be Fooled By Hot Water Bottle Fever Camera Demos on Aug 24, 2020
Fever camera salesmen like to fool buyers (and themselves) with hot water...
Bias In Facial Recognition Varies By Country, NIST Report Shows on Jul 15, 2020
While many argue that face recognition is inherently racist, results from one...
Anixter Runs Fake Coronavirus Marketing Using Shutterstock Watermarked Images on Jul 24, 2020
Coronavirus faked marketing is regrettably commonplace right now but Anixter...
Facial Recognition 101 on Mar 18, 2020
Facial recognition interest, use and fear is increasing. This guide aims to...
Avigilon Face Mask Detection Tested on Jun 24, 2020
Face mask detection or, more specifically not wearing a face mask, is an...
Access Visitor Management Systems Guide on Jul 22, 2020
"Who are you, and why are you here?" Facilities that implement Visitor...
Hanwha Face Mask Detection Tested on Jul 01, 2020
Face mask detection or, more specifically lack-of-face-mask detection, is an...
Forced Door Alarms For Access Control Tutorial on Aug 17, 2020
One of the most important access control alarms is also often ignored....

Recent Reports

Hanwha AI Object Detection Tested on Sep 28, 2020
Hanwha has added detection and classification of people, cars, clothing...
Favorite Access Control Manufacturers 2020 on Sep 28, 2020
200+ Integrators told IPVM "What is your favorite access control management...
New Products Show Fall 2020 Starts Tomorrow! on Sep 27, 2020
Tomorrow, IPVM's sixth online show will feature New Products from over 25...
OnTech Smart Services Partners With Google and Amazon To Compete With Integrators on Sep 25, 2020
A pain point for many homeowners to use consumer security and surveillance is...
The Future of Metalens For Video Surveillance Cameras - MIT / UMass / Immervision on Sep 25, 2020
Panoramic cameras using 'fisheye' lens have become commonplace in video...
Hikvision Sues Over Brazilian Airport Loss on Sep 24, 2020
Hikvision was excluded from a Brazilian airport project because it is owned...
China General Chamber of Commerce Calls Out US Politics on Sep 24, 2020
While US-China relations are at an all-time low, optimism about relations...
Verkada Disruptive Embedded Live Help on Sep 24, 2020
Call up your integrator? Have someone come by the next day? Verkada is...
IP Networking Course Fall 2020 - Last Chance - Register Now on Sep 23, 2020
Today is the last chance to register for the only IP networking course...
Drain Wire For Access Control Reader Tutorial on Sep 23, 2020
An easy-to-miss cabling specification plays a key role in access control, yet...
Norway Council of Ethics Finds Hikvision Human Rights Abuses "Ongoing" on Sep 23, 2020
Hikvision's involvement in "serious human rights abuse" in Xinjiang is...
IPVM Camera Calculator User Manual / Guide on Sep 23, 2020
Learn how to use the IPVM Camera Calculator (updated for Version 3.1). The...
Installation Course Fall 2020 - Save $50 - Last Chance on Sep 22, 2020
This is a unique installation course in a market where little practical...
SimpliSafe Business Security Launched Examined on Sep 22, 2020
SimpliSafe has launched "SimpliSafe Business Security" that the company...
FLIR CEO: Many New Fever Entrants "Making Claims That The Science Just Won't Support" on Sep 22, 2020
FLIR's CEO joins a growing number calling out risks with fever / screening...