MyFace®, Yoti’s proprietary passive liveness software, has been declared as fully compliant with ISO/IEC 30107-03. The confirmation came after the product successfully passed a presentation attack detection (PAD) iBeta Level 2 audit with zero attacks getting through, reported Biometric Update.
“We’re very proud that our proprietary liveness technology MyFace has achieved iBeta ISO PAD Level 2,” said Paco Garcia, CTO at Yoti. “It’s a huge achievement for the team, and this milestone demonstrates our commitment to delivering very high standards of security solutions.”
Liveness Check Is Critical for Dodging Spoofing Attacks
With the increasing use of various authentication systems, including biometrics, the risk of “spoofing” attacks is climbing.
As a result, businesses need to invest in robust technologies as part of a mix of tools to protect users against spoofing attacks while also ensuring a fast verification process.
As part of the digital ID verification/authentication process, liveness uses motion detection, biometric faceprint add, and face-matching algorithms to affirm that a person is who they claim to be.
Commonly used with other authentication factors, MyFace® locks out bad actors so they cannot spoof real users.
Unlike facial recognition, liveness does not identify a person by checking their face against records stored in a database. Rather, it’s designed to ensure that the person being verified is a real human.
And unlike active liveness, passive liveness ensures a frictionless user experience and accelerated customer verification process leading to a reduced drop-off rate.
MyFace®: Yoti’s Proprietary Passive Liveness Technology
Built on passive liveness technology, Yoti MyFace® uses a selfie image to catch presentation attacks, requiring no action from the user to prove their “liveness” (like head or hand movements).
Upon capturing the selfie, the software evaluates whether the face is of a live, real human. It does so by processing the selfie of the user through a series of deep neural networks.
MyFace® ensures a highly accurate and reliable user liveness check by measuring performance in terms of success rates, true positives, false positives, and completion times.
By enabling immediate feedback, ease of use, and ease of access, Yoti’s passive liveness significantly boosts success rates.
“Businesses around the world can use our passive liveness and world-leading facial age estimation to keep their customers safe online,” says Yoti CEO Robin Tombs.
“Naturally, being Yoti, we have tested MyFace® for bias, and the model displays very low bias across age, gender, and skin tone.”
MyFace® Achieving iBeta NIST Level 2
Since passing NIST Level 1 with a 100% attack detection rate in February 2022, Yoti has been upgrading its technology to achieve Level 2 certification.
Achieving level 1 certification requires a liveness solution to track down each attack and limit false negatives to less than 15%.
Nine-hundred attacks were simulated to test Yoti’s proposed MyFace® which showed zero false positives.
On the other hand, ISO/IEC 30107-3 Level 2 involves testing liveness systems against more sophisticated and specialised attacks such as deepfakes, 3D-printed artefacts, or resin or latex face masks.
To achieve NIST Level 2 certification, a liveness service must detect 99% of attacks while restricting false negatives to below 15%.
In February 2023, MyFace® passed the presentation attack detection (PAD) iBeta Level 2 audit with a perfect 100% attack detection rate.
It means that MyFace® can restrict kids from accessing online content using latex masks of adults while also blocking bot attacks.