SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers

Story image

AI succeeds where humans fail to identify biometrics spoofs

Humans have far greater difficulty identifying images of biometric spoofing attacks compared to computers performing the same task, according to research released today by ID R-D, a provider of AI-based voice and face biometrics and liveness detection technologies.

The new research report, Human or Machine: AI Proves Best at Spotting Biometric Attacks, finds that computers are more adept than people at accurately and quickly determining whether a photo is of an actual, live person versus a presentation attack.

Fraudsters attempt to imitate real customers during processes such as creating a new bank account or logging into an existing account.

Liveness detection instantly validates whether a photo, taken in real time, is of a live person. The study tested humans and machines by presenting them with the most common spoofing techniques: printed photos, videos, digital images, and 2D or 3D masks.

Computers were more accurate than humans in tests of all five types of images, scoring 0% error rates across all 175,000 images and all types of attack.

Humans had a far lower degree of accuracy for every type of spoofing technique, including misidentifying 30% of photo prints, one of the easiest attack types for fraudsters to execute.

Even when a group of 17 people voted on the images, resulting in a more accurate outcome than an individual person, their majority decisions were never better than the computer's performance of the same task.

Computers were also almost 10 times quicker to recognise a photo of a live person or a spoof. On average, it took humans 4.8 seconds per image to determine liveness, whereas computers running on a single CPU took less than 0.5 seconds per image to determine liveness.

These latest technology advances support the rapid rise in facial recognition for identity verification and authentication, the researchers state.

This performance is strong evidence for organisations in financial services and other industries staking trust in automation. The ability to use AI facial liveness technology to detect fraud saves time and enables human resources to focus on more complex fraud, says ID R-D.

However, despite the strong performance of computers at spotting spoofs, fraud detection must not compromise the experience of genuine customers.

Many facial liveness systems on the market are good at keeping fraudsters out, but in the process, a significant number of genuine people are also caught in the net.

In this study, the AI system erroneously classified just 1% of genuine faces as spoofs. Humans, on the other hand, misclassified 18% of genuine faces as spoofs, confirming that passive facial liveness detection is also better than humans at keeping genuine customers out of the fraud net.

ID R-D CEO Alexey Khitrov says, “The results are undeniable. Biometric technology used for identity verification has evolved in recent years to increase speed and accuracy, now significantly outperforming the human eye.

"Organisations can achieve tremendous efficiencies by using identity verification systems that include a biometric component. However, there is still work to be done and we are excited to see biometrics helping to build consumer trust.

© 2022 Techday, All rights reserved. Hosted on Plan B's Cloud Services. DMARC protection by PowerDMARC.