SensibleVision: The Cure for the Common Spoof (or Why Liveness Detection is Really Dead)

SensibleVision: The Cure for the Common Spoof (or Why Liveness Detection is Really Dead)

Hackers have been exploiting PINs and passwords for years to smash their way into apps and devices. Recently they’ve come up with ways to get past fingerprints and face recognition. The reality is that hackers will eventually find a way to break any security measure. Fortunately, SensibleVision has created a novel approach to protect computers and mobile devices: combine face recognition with other authentication tools.

The hack of Samsung’s Galaxy S8 is just the most recent example of what is known as spoofing, but the history of this problem includes many interesting and even surprisingly laughable examples. A security firm was able to break into Apple’s Touch ID system with a piece of Play-Doh. Researchers at NYU fooled a smartphone using fingerprints that were assembled digitally using a set of commonly found features. And my favorite - security researcher Tsutomu Matsumoto fooled a fingerprint sensor with a gummy bear.

People want to use face recognition and biometrics because they can be simpler. They have every right to expect strong security. SensibleVision uses a patented process of simultaneous face recognition and Multi-Factor Authentication (MFA) that relies on a range of elements to establish and reconfirm identity quickly - often without the direct involvement of the user. 

Here is how it works:

  • First, you take a picture of your face. Easy.

  • Then you capture other pieces of simple to use identifying data. You can select a shape, make a gesture, create a voice print, drag your finger over a sensor, log how you hold your phone, register your current location using GPS.

  • In order to securely access your device or app, you simply look at it while at the same time providing the other piece of identifying data. It all happens in about a second. Yeah - it’s really fast.

Multi-Factor Authentication isn’t new, but it’s never been effectively and conveniently tied to simultaneous face recognition until now. It’s been very time consuming, unwieldy for end users, and problematic for device manufacturers - but we’ve cracked that nut.

Certainly, one of the main reasons we’re not all using our faces to access our devices is that face authentication security hasn’t been at the level where it needs to be.

But the capability exists today to deliver quick, simple, extremely fast, and secure face recognition-enabled authentication. We don’t support the use of gummy bears at this time, but stay tuned.

Learn more about our solution at sensiblevision.com

(image: CarbonNYC [in SF!] "Identity Thief as Paris" CC BY 2.0 https://creativecommons.org/licenses/by/2.0/ )