ALLPCB
How face recognition systems can be bypassed
Typical face recognition software follows a process similar to: face detection → liveness detection → face comparison (against a previously uploaded selfie or ID photo) → analyze comparison results → return result (pass or fail). Liveness detection usually requires the user to blink, nod, open their mouth, or perform other actions to prevent spoofing with static images. Many service providers obtain face recognition functionality through third-party PI APIs or SDK components. If the integration and usage process is analyzed, multiple attack points can be found across different stages, and modest effort can render face recognition ineffective.
Common methods to bypass face recognition include:
1. Injecting into the application to bypass liveness detection: An attacker injects code into the application, sets a breakpoint, repeatedly exercises the recognition flow to trigger the breakpoint, then analyzes and modifies stored values to bypass the liveness checks. A static photo can then pass the recognition process.
2. Video-based attacks to bypass liveness detection: A mobile app that animates a still photo into a short video can be used. By obtaining a frontal photo from social media or other public sources and feeding it to the app, the animated result can defeat liveness checks that rely on mouth movement or speech.
3. 3D modeling to bypass cloud-side detection: Using publicly available 3D modeling software and referencing facial features in a photo, an attacker can create a matching 3D model quickly. Face recognition software may report similarity scores as high as % and % for models produced this way, which can be sufficient to defeat typical systems.
4. Facial molds to bypass cloud-side detection: 3D-printed face models often use a single material and have uniform color, but with manual post-processing and painting, recognition success rates can be improved.
5. Exploiting poor API protection and design flaws: Some apps do not sign uploaded face images, allowing images to be intercepted and tampered with. Others omit timestamps in data packets, enabling replay attacks by resending previously captured packets.
Face recognition systems send digitally compressed video signals from front-end cameras over standard TCP/IP networks to a monitoring center for intelligent analysis. Analysis results are combined with video monitoring and alarm information for linked management and control, converting passive monitoring into active monitoring. IVS is thus an integrated technical platform combining machine vision, computer systems, software, networks, communications, control, and security prevention technologies.
Face recognition enrollment steps
How is face recognition implemented in practice?
1. Face detection: detect the face and capture face images, then filter information.
2. Face normalization: normalize face size and crop the facial region for analysis.
3. Face modeling: model local textures and features, covering 26 regions and more than 2,000 features.
4. Classification and comparison: compare the extracted face features with those stored in the database, with speeds up to 1,000,000 comparisons per second.
5. Face identity recognition complete.
