Could cloud liveness detection and facial biometrics make high security attractive?

A recently granted U.S. patent links facial recognition, liveness detection and cloud computing.

In June 2018, a secretive licensing startup called Brivas (Biometric Relative Identity Verified Authentication System) applied for its sixth patent related to liveness techniques.

In the application, the licensing company described how to move liveness detection off local, computationally constrained devices and onto the cloud, while also allowing access to data stored in a blockchain. The goal is to create a service that can perform more calculations faster, making richer authentication decisions in real time (or close to it), said Beau Parry, an inventor and co-founder of Brivas.

“This heightens the wall of challenges that a bad actor has to get through, and reduces (transactional) friction for the user,” Parry said in an interview with Biometric Update.

People can judge as much as they want, but the response times after typing a simple password on an ATM’s numerical keyboard can be too much of an imposition for even the most security-conscious people.

Liveness detection typically involves a challenge and a response by a person to confirm that the right person is physically in a view screen. Spoofers can use methods including photographs, video frames, masks or even three-dimension printed visages to fool facial-recognition security programs.

Someone standing before an ATM’s lens or almost any other kind of connected camera, for example, might be prompted to follow a moving pattern of dots on the screen with their eyes or to smile.

Parry said he has been working since 2011 on a way to push online identity assurance significantly further along, using liveness detection.

The home-grown system designs that his company licenses first authenticate a person using facial-recognition software. That person then is instructed to perform one of many seemingly random actions to prove that they are not a facsimile.

There are competitors, including some using passive liveness detection (in which liveness is verified without having the person move), but Parry feels fraud techniques are overrunning simpler products that must make decisions based on less information using smaller, local computers.

That is where Brivas’ patent comes in.

“We put the computational work on the server side,” he said.

What about deepfakes, the doctored videos that can convince the uninitiated that a recognizable person, like a celebrity, was taped doing and saying something that never happened?

“It would take a very, very robust system” to fool a good liveness detector. The video would have to react to random prompts in real time, Parry said.

And if such a criminal could pull that off, “there are all the micro-movements inherent in a living person’s face.” Eyes continuously dart and refocus, for instance.

A previous patent, according to Parry, addresses a way to secure all of this data being transported over the Internet.

Essentially, the local device would be sending garbled information to the cloud. The deciphering key would be the initial biometric signal — the face image.

If the image matches an authorized person, the data would be reconstructed and examined for liveness.

It is notable that Brivas (pronounced brih-VAHS) has no presence on the Internet.

“We took our Web page down a few years ago. It was just a business decision.”

Brivas partners mostly with a closely held list of financial companies, both helping them install Brivas liveness detection functions, and working through them to develop new clients, he said.

Parry said, “It will be two to three years before we’re mentioned in the Wall Street Journal.” In that he meant Brivas technology should be significant enough in the economy that secrecy will not be necessary or even possible.

It has taken longer for artificial intelligence and machine learning to mature, he said. And, of course, public sentiment toward those technologies and facial recognition continues a long climb toward being trusted.

Patent 10,565,362 is scheduled to be published by the USPTO on February 18, 2020.

Article Topics

authentication  |  biometric liveness detection  |  biometrics  |  BRIVAS  |  cloud computing  |  facial recognition  |  licensing  |  patents