Can Facial Recognition Anti-Spoofing Technology Be Easily Breached?
< All Articles

Can Facial Recognition Anti-Spoofing Technology Be Easily Breached?


Biometric recognition is a common occurrence in our daily lives now, with smartphones being unlocked through fingerprint or facial recognition. This feature conveniently ensures that only the rightful owner can access the device, but how secure is it really? A personal smartphone is one thing, but what about commercial use of biometric recognition for something like building access control?

Movies and television often portray scenes of people breaking into highly secure systems by means such as copying fingerprints with tape from a glass cup to bypass fingerprint recognition, using state-of-the-art 3D masks to impersonate someone, or even employing ultra-precise fake eyes to defeat iris recognition scanners.

While real-life situations most likely are not nearly as dramatic as in Hollywood, the reality is there are people with bad intentions that do attempt to bypass biometric recognition systems. Something as simple as using a sleeping partner’s fingerprint to unlock their phone is disturbing enough. The act of attempting to deceive or replicate biometric recognition is referred to as “spoofing”, or “attacks” in terms of information security. Unlike passwords that can easily be changed if leaked and tampered with, biometric traits are directly related to an individual and not easily altered. Therefore, effective measures must be implemented in biometric recognition systems to prevent spoofing and attacks.

Comparison of Various Biometric Modalities

Biometric recognition refers to the use of unique physiological characteristics to identify individuals. Since each person's physiological features are distinct, no two individuals are exactly alike, making biometric recognition a reliable identification method.

Common features used for biometric recognition, include facial patterns, fingerprints, a person’s iris, vein patterns, and voiceprints.

Different biometric modalities have their own advantages and disadvantages, making them suitable for varying application scenarios.

Biometric Recognition
Biological Property
Hardware Cost
Contacting Equipment
Number of Recognized Persons
Multiple persons
Single person
Single person
Single person
Single person
Recognition Distance
Recognition Speed
Counterfeit Risk
Other Concerns
  • Recognition accuracy would be affected in low lighting conditions
  • Eyes need to be very close to the device
  • Unavailable when wearing gloves
  • High registration difficulty
  • High failure rate for recognition
  • Unavailable when wearing gloves
  • Voice is easily changed by physical condition, age, mood, etc.
  • High dependent on quiet environment

For instance, iris, fingerprint, and vein recognition require close proximity or active contact with the device, while remaining still for a certain period of time to successfully authenticate. These methods are also limited to the authentication of one person at a time, and when wearing gloves, fingerprint and vein recognition become impractical.

On the other hand, facial recognition boasts the advantages of "zero contact," simultaneous recognition of multiple individuals, and a greater recognition distance. It only requires a standard camera sensor and appropriate software, making it the most widely applicable biometric modality. It is for these reasons that CyberLink focuses on providing FaceMe®, an AI facial recognition technology with high accuracy and fast recognition speed, along with a comprehensive set of anti-spoofing solutions.

Potential Spoofing Attacks on Facial Recognition

 Spoofing attack using a mask printed with a human face photo

Every authentication method is susceptible to attacks, with varying levels of difficulty in forging and varying risks of theft. In theory, biometric recognition systems can be compromised.

Therefore, to provide a more secure biometric recognition system, effective defense mechanisms against "spoofing attacks" must be employed, creating a robust, secure, and powerful biometric recognition system.

The most basic and common forms of cracking facial recognition is through a Photo Attack. This involves attempting to deceive the camera by using a printed photograph of a person's face to replace the real face during facial recognition.

In situations where there are people on guard or during security checks, attempting to use a printed photo to bypass facial recognition is highly suspicious, making Photo Attacks almost impossible to succeed. However, in unattended environments like unmanned stores, self-service kiosks, or mobile applications, Photo Attacks become a low-cost and easily executable method of attack.

Photo Attacks can also evolve into more sophisticated forms, such as using stereoscopic photos printed to the actual size of a real face, displaying high-resolution photos, or even utilizing dynamic videos. Advanced spoofing attacks can employ precision 3D masks or models made using costly and technically challenging 3D printing techniques.

FaceMe® Anti-Spoofing Techniques for Facial Recognition

While facial recognition can achieve very high recognition accuracy, it cannot determine whether the collected facial features come from a real person or a photo, video, or 3D model. These potential high-risk spoofing attacks pose significant challenges to facial recognition, particularly in financial transaction scenarios that require identity verification. Ensuring the security and reliability of using facial recognition for identity verification has become a major concern in the development of commercial facial recognition applications.

To address deliberate spoofing attacks, facial recognition systems must implement a reliable "liveness detection" solution to verify that the captured facial features come from a real person.

There are various methods for liveness detection, and the choice of method depends on specific application requirements and constraints. This includes the type of camera, whether human-machine interaction is necessary, ambient lighting conditions, recognition speed, and overall implementation cost.

According to the type of camera used, FaceMe® provides three liveness detection methods:

  • 2D Anti-Spoofing: This technique can be achieved using standard RGB cameras, such as webcams, IP cameras, and smartphone cameras
  • 3D Anti-Spoofing: This method requires 3D sensors capable of capturing both RGB and depth images, such as structured light, binocular, and Time-of-Flight (ToF) sensors.
  • IR+RGB Anti-Spoofing: This technique combines IR (infrared) and RGB cameras.

Using Regular Cameras for 2D Anti-Spoofing

The major advantage of using 2D Anti-Spoofing is that it does not require specialized equipment, as even low-cost webcams commonly found on smartphones or tablets can be used as input devices for facial recognition.

2D Anti-Spoofing employs AI algorithms to determine whether the input from the camera is from a real person or a manipulated image. While it is cost-effective, it is also more vulnerable to attacks. To enhance the system's anti-spoofing reliability, users may be asked to perform specific actions in situations where the algorithm cannot determine the authenticity. These (multifactor) actions might include reading text, nodding, or shaking the head randomly, allowing only genuine users to pass the authentication process.

2D Anti-Spoofing finds widespread application in digital identity verification processes like "eKYC" (Electronic Know Your Customer) used in the financial and insurance industry. By integrating facial recognition with 2D Anti-Spoofing in their services, financial institutions can allow customers to easily use their smartphone cameras for verification. Not only does this process compare the user's face with the photo in their official documents for identity verification, but it also verifies if the user is genuinely present during the application process using 2D Anti-Spoofing.

However, some users might have experienced difficulties verifying their identity despite multiple attempts in various financial service applications that use eKYC. This is due to the varying accuracy of anti-spoofing features offered by different eKYC providers. Many eKYC providers increase the threshold for anti-spoofing to ensure security, leading to a higher likelihood of false accepts, making it difficult for legitimate users to proceed. Hence, anti-spoofing technology must be both fast and accurate to ensure a convenient and secure user experience.

FaceMe® eKYC offers a variety of service modules for digital finance. Visit the page now to learn more information!

Overall, 2D Anti-Spoofing is a cost-effective solution that only requires regular smartphones or webcam-equipped personal computers. Whether for eKYC customer verification in the finance and insurance industries, or as a multi-factor authentication tool, the wide usability and low cost are its significant advantages.

However, 2D Anti-Spoofing does have some limitations. Apart from being relatively susceptible to attacks, it may provide a less user-friendly experience. In situations with insufficient lighting or unstable camera conditions, determining authenticity might be challenging, requiring the user to perform specific actions to assist in the process. Moreover, to prevent fraudulent attempts, only one person can be authenticated in front of the camera at a time, which might lead to a slower user experience.

FaceMe® offers the best 2D Anti-Spoofing technique that ensures security, speed, and user experience. Its flexible liveness detection module supports various hardware and operating systems, enabling seamless integration into existing applications, whether they are apps or browsers.

Using Depth Cameras for 3D Anti-Spoofing

FaceMe® also provides 3D Anti-Spoofing using specialized depth cameras, such as structured light, binocular stereo, Time-of-Flight (ToF), and the FaceID camera on iPhones.

These 3D cameras can simultaneously capture RGB images and 3D depth maps. By combining the 2D information containing facial features with the 3D information representing the depth, facial recognition and anti-spoofing judgments can be made in real-time.

The significant advantage of 3D Anti-Spoofing is that it does not require specific actions for confirmation, and it can accurately recognize multiple individuals simultaneously. However, the recognition distance and range of 3D Anti-Spoofing are limited by the type of camera, and AI algorithm development is needed for each 3D camera. Additionally, the hardware cost of 3D cameras is higher, and the overall software development time and cost are also high.

In selecting 3D Anti-Spoofing technology, the hardware design phase must consider the distance between users and the device to achieve the best user experience and facial recognition efficiency. For example, in self-service kiosks operated through touch-screen interfaces, the distance and angle between users and 3D cameras are limited by the kiosk's size, and the camera's specifications must match the relative position of the user and the device.

Another example is facial recognition access control systems for walk-through scenarios. When users pass through the access control system, as they are not expected to stop, the distance becomes difficult to control, and the difficulty of facial recognition and anti-spoofing increases. Conversely, if users are willing to briefly pause at a fixed position during passage, it becomes feasible to achieve both facial recognition and anti-spoofing judgments.

Using IR+RGB Cameras for Anti-Spoofing

Apart from 3D cameras, FaceMe® also supports anti-spoofing using IR+RGB cameras.

IR+RGB cameras can capture both RGB and IR images simultaneously. The infrared sensing principle uses the reflection of infrared light by objects, and its imaging result can be used for AI machine learning to quickly eliminate non-liveness detections, achieving real-time Presentation Attack Detection (PAD) without the need for specific actions. Additionally, IR+RGB cameras have the advantage of being compact, less complex, and cost-effective.

Comparatively, many facial recognition vendors prefer the advantages offered by IR+RGB cameras over cameras equipped with 3D sensors. For instance, IR+RGB cameras are commonly used in general access control and attendance systems.

Can Facial Recognition Anti-Spoofing be Easily Cracked?

So, how easily can facial recognition be cracked?

As you might have concluded by now, facial recognition without anti-spoofing capabilities can be easily compromised. In practice, using facial recognition without anti-spoofing is suitable only in situations where security concerns are minimal, such as recognizing visitors or providing convenience in cases where user identities are already verified. For example, situations with security personnel at access points, automatic doors in public spaces, or open meeting rooms for visitors might not require anti-spoofing. In attendance applications, if images of personnel entering and exiting are recorded, any fraudulent behavior can be easily traced, making anti-spoofing unnecessary.

On the other hand, high-security access control areas or unattended self-service payment terminals would benefit from anti-spoofing functionality. In such cases, if liveness detection anti-spoofing is not in use, other multi-factor authentication methods (MFA), such as facial recognition combined with a PIN code, or facial recognition combined with One-Time Password (OTP), can achieve similar effects.

The liveness detection anti-spoofing functionality can significantly enhance the security of facial recognition. However, the decision to adopt a specific solution should be based on practical application scenarios, hardware costs, usability, security levels, and other considerations.

FaceMe® Facial Recognition Anti-Spoofing Accuracy

Enhance facial recognition security by anti-spoofing technology

How can we evaluate the accuracy of facial recognition anti-spoofing technology?

To verify the effectiveness of anti-spoofing features, rigorous independent testing is required. Presentation Attack Detection (PAD) testing includes examining different presentation attacks in different forms, such as printed photos, digital photos, digital videos, and flexible silicon face masks. FaceMe®’s anti-spoofing excelled under multiple trusted, independent test reports.


iBeta's Presentation Attack Detection (PAD) testing is based on ISO/IEC 30107-3 standards, providing a globally recognized benchmark for facial recognition anti-spoofing technology and results that are highly trusted in the market.

The certification standards of ISO/IEC 30107-3 are based on simulating real attack scenarios. Level 1 certification requires a 0% Attack Presentation Classification Error Rate (APCER) when attacked with 2D photos and videos for Presentation Attack Detection (PAD). Level 2 certification requires the attack success rate to be below 1% when attacked with 3D printed masks, resin masks, latex masks, etc.

In iBeta's PAD testing, FaceMe®'s liveness detection algorithm achieved a 0% attack success rate for both Level 1 and Level 2. This indicates that FaceMe® can effectively prevent any form of 2D and 3D spoofing. Additionally, FaceMe®'s Genuine Presentation Classification Error Rate (BPCER) is only 1.5% on iOS devices, and 2.5% on Android devices. This means that when the test subject is a real person, FaceMe® achieves a 98.5% successful recognition rate on iOS devices, and a 97.5% successful recognition rate on Android devices.

•NIST (National Institute of Standards and Technology)

NIST’s Face Analysis Technology Evaluation (FATE) tests the processing and analysis of a facial image (what is in the image). The NIST.IR.8491 report tested 82 different PAD algorithms and separated their findings into two categories: convenience and security.

Under convenience, the True Acceptance Rate (TAR) is fixed to 99% and sorted by True Rejection Rate (TRR). In NIST’s FATE PAD video convenience category FaceMe® ranked first, based on three different video tests in which FaceMe® achieved 100% True Rejection Rate, correctly stopping 100% of presentation attacks, when the True Acceptance Rate was set to 99%.

With high accuracy, fast recognition speed, and the highest level of anti-spoofing technology, FaceMe® by CyberLink is undoubtedly one of the best facial recognition solutions on the market. FaceMe® offers highly accurate facial recognition and anti-spoofing functionality in various fields, including security, access control, and finance. This provides customers and system integration partners with a fast, reliable, accurate, and flexible facial recognition solution.

Like what you read? Subscribe to the FaceMe® newsletter to get the latest face recognition trend articles and events.

FaceMe®: CyberLink’s Complete Facial Recognition Solution

Our Sales Team
Contact the FaceMe Team