BT/ Liveness detection is coming to Apple, and gesture recognition on Google devices

Paradigm

Follow

Published in

Paradigm

26 min readDec 19, 2022

--

Biometrics biweekly vol. 54, 5th December — 19th December

TL;DR

Intellectual property protection claims by Apple for liveness detection with fingerprints or face biometrics have been published by the U.S. Patent and Trademark Office
Gesture recognition lives on for Google devices. The Soli radar sensor found in Google’s Pixel 4 smartphone before fading from the product line is working much more effectively in the Nest Hub
Hyundai unveils gesture-controlled door handle for automotive applications
Beta for the Google mobile driver’s license app is out
Facebook Dating uses Yoti age estimation to keep out minors
Jumio and Keyless partner to use selfie biometrics for passwordless authentication
Id3 biometric liveness detection startup Face-Alive emerges with planned CES appearance
ID R&D demystifies biometric PAD terminology with a new paper to help educate customers, public
Tech5 extends AirSnap face biometrics to webcams
Biometric PAD developed by ITL, upgraded by ROC, tested by Israeli govt lab
New biometric platform from Panini features dual fingerprint scanner certified by the FBI
SiLC Technologies unveils new vision system for robotics, autonomous vehicles, cameras
BIO-key brings its identity-bound biometrics to US govt integrator
EU pilot funded to test biometric payments from digital wallets
Secret Double Octopus release addresses phishing with passwordless MFA
Aircuve adds fingerprint biometric capabilities for 2FA plays
Privacy-preserving HR data-sharing tools developed by TrustBuilder, launched by Indicio
NEC, Alcatraz AI deliver new facial recognition solutions for more efficient access control
Callsign, Illuma unveil partnerships, SecureAuth rolls out authentication framework
Onfido research shows ID documents’ targeted as Experian certified, OCR Labs partners
Face biometrics from Veridas, CyberLink applied to events, banking
Aircuve adds fingerprint biometric capabilities for 2FA plays
Vert One integrates Smart Engines mobile ID document scanning and detection
Blockchain pushes healthcare digital ID applications further in India, South Korea
Sri Lanka to begin procuring digital ID equipment from India with Indian money
ID cards face delays in the Philippines, launched in Kenya, use encouraged in Vietnam
Lessons from Aadhaar for digital ID architecture, financing shared by Nilekani and ID4Africa
Mandatory SIM-ID link fever spreads as Namibia unveils registration dates
Australia launches myGov digital identity mobile app, ‘at long last’
Half of Brazilians now using mobile ID, and biometrics use up
Cayman Islands pass digital ID and ID card bills, Jamaica begins ‘zero-fail’ pilot
Japanese researchers say they have registered for the United States patent on using electrocardiogram waveforms as a biometric identifier, but at almost the same time, a South Korea-U.S. research team is warning that “incautious” ECG system design can leak personal data.
A small academic and corporate team of researchers say they have created a way to preserve the biometric privacy of people whose faces are posted on social media.
Biometric industry events. And more!

Biometrics Market

The Biometric system market size is projected to grow from USD 36.6 billion in 2020 to USD 68.6 billion by 2025; it is estimated to grow at a CAGR of 13.4% during the forecast period. Increasing use of biometrics in consumer electronic devices for authentication and identification purposes, the growing need for surveillance and security with the heightened threat of terrorist attacks, and the surging adoption of biometric technology in automotive applications are the major factors propelling the growth of the biometric system market.

Biometric Research & Development

Latest Research:

A proposal for responsible deepfakes

A small academic and corporate team of researchers say they have created a way to preserve the biometric privacy of people whose faces are posted on social media.

And while that innovation is worthy of examination, so are a couple of phrases that the team has developed for their facial anonymization: “a responsible use for deepfakes by design” and “My Face, My Choice.”

For most people, deepfakes exist because humans like to be fooled. For the rest, they exist to dominate a future when objective proof or truth no longer exists.

Two scientists from the State University of New York, Binghamton, and another from Intel Labs say in a peer-reviewed paper that they recognize the identity and privacy dangers posed by face image scrapers like Clearview AI that harvest billions of faces for their own purposes and without permission.

The answer, they say, is qualitatively dissimilar deepfakes. That is, using deepfake algorithms to alter faces just enough that the faces cannot be facially recognized by software. The result is a facial image in a group photo that is true enough to the original (and free of AI weirdness) that anyone familiar with a person would quickly accept it as representative.

The researchers also have proposed metrics for doing this under which a deepfake (though, again, still recognizable by many humans) is randomly generated with a guaranteed dissimilarity.

Picture it as a subtle mask that can be added as a default by software and eliminated by actions people take to do so.

Masks can be removed by tagging people. Or masking rules can be applied by the owners of faces. Finer-grained rules can be imposed, too, revealing all faces to bona fide friends, family faces to family and such.

The technique demonstrates responsible deepfake design, according to the team. In fact, it succeeded in flummoxing facial recognition algorithms.

The researchers noted that there are limits to what software can do in making deepfakes. Some pose differences between target and source images still cause problems and facial recognition algorithms can still just not see a face. And then there are the compute and storage issues involved with undertaking this task among large groups of friends.

Patent registered for heart rhythms as biometric ID; researchers work on security

Japanese researchers say they have registered for a United States patent on using electrocardiogram waveforms as a biometric identifier, but at almost the same time, a South Korea-U.S. research team is warning that “incautious” ECG system design can leak personal data.

The Korean and U.S. scientists have written a paper explaining an ECG authentication method that they say preserves privacy.

Patent registration is the first of many steps inventors take to protect their intellectual property. A patent award, if one is made, occurs many months or years after registration.

Simplex Quantum has completed its patent registration (11,500,975 B2) to protect a way to accurately authenticate a person’s electrocardiogram biometrics. Simplex Quantum worked with the Public University Corp. of the University of Aizu.

(The company raised 550 million yen (US$4 million) in a series A round December 5. Simplex Holdings, Technology Ventures №5 and Itochu Corp. made the investment.)

Simplex Quantum previously had registered a U.S. patent for an algorithm that spotted the heart-failure stage using ECG waveforms.

This fall, the journal Security and Communication Networks published work by scientists from Korea University; the University of California, Berkeley; and Kwangwoon University noting security vulnerabilities in using the data for authentication and proposing a solution.

They propose using a genetic algorithm that classifies points of privacy sensitivity — suggesting age, gender and heart disease — and other ECG-related points that are not privacy-sensitive. The latter, according to the paper, can be used with “high accuracy” without divulging identifiers.

You can’t say ear recognition has not gotten a fair hearing

Biometrics researchers at the University of Georgia are making the latest pitch that ears can do more than hold up glasses and masks. Previous research dates back at least to the middle of the last century.

In a research report, the team says they can authenticate people by their ears up to 99 percent of the time.

Image Quality Assessment for Effective Ear Recognition

Due to the recent challenges in access control, surveillance and security, there is an increased need for efficient…

ieeexplore.ieee.org

“Ear recognition is just another exciting modality that we need to start talking more about due to its benefits, despite the understandable challenges of self-capturing an ear image,” according to Thirimachos Bourlai, an associate professor at the school’s College of Engineering. He was quoted in a school marketing publication.

New facial recognition technology scans your ear

Ear recognition may be more convenient if you're masking In the post-COVID world of face coverings and heightened…

news.uga.edu

Ear images in the lab were saved on a mobile device the same as face and fingerprint biometrics.

The scientists ran tests of their code, getting the best result — 99 percent accuracy — using the DenseNet deep CNN model.

The researchers argue that ear biometrics advantages include being passive, contactless, non-intrusive, and expressionless.

Apple filed for a patent this year on a biometric anti-eavesdropper app for its AirPods. The company realized that anyone could spot AirPods lying around, linked to an Apple device, and push the devices into their own ear canals to hear private information.

The patent document describes how a presumably unheard signal would be sent out of each headphone to bounce around the owner’s unique biometric ear-canal print.

Amazon was awarded a U.S. patent in 2015 for ear recognition that scans the user’s ear to unlock the device when holding it up to the ear to answer a call.

Main News:

Liveness detection may be coming to Apple

Intellectual property protection claims by Apple for liveness detection with fingerprints or face biometrics have been published by the U.S. Patent and Trademark Office and spotted by Patently Apple.

The published patent filing for ‘Digital, Identification Credential User Interfaces’ describes presentation attack detection as part of a digital ID check. Interfaces are depicted which suggest applications based on checks against mobile driver’s licenses to bind the device-holder to a government-issued ID with biometrics.

Applications suggested by the filing include an age check at a liquor store, an identity check at a pharmacy, and a travel security check by the Transportation Security Administration (TSA).

The liveness check is presented as part of the criteria for approving the addition of a digital identification credential to an iPhone or other Apple device.

“Thus, devices are provided with faster, more efficient methods and interfaces for enrolling, managing, and using digital credentials, thereby increasing the effectiveness, efficiency, and user satisfaction with such devices,” the inventors write. “Such methods and interfaces may complement or replace other methods for enrolling, managing, and using digital credentials.”

Gesture recognition lives on for Google devices

The Soli radar sensor found in Google’s Pixel 4 smartphone before fading from the product line is working much more effectively in the Nest Hub, Android Police reports.

The gesture recognition was not effective enough in the Pixel 4 to be continued in other Pixel phones, or even supported worldwide with the Pixel 4.

The Soli sensor is too expensive to be implemented in recent phones, according to the report, but also provides presence detection for the Nest Thermostat.

Google’s Advanced Technology And Projects (ATAP) has further plans for the Soli sensor, according to the report, which may include the Pixel Tablet planned for launch next year.

Support for passkeys is now available in Chrome Stable M108, meanwhile. In a Chromium Blog post, the passwordless account sign-in feature and how to use it are described, and described as a “major milestone.”

Introducing passkeys in Chrome

We announced in October that passkey support was available in Chrome Canary. Today, we are pleased to announce that…

blog.chromium.org

Beta for Google mobile driver’s license app is out

A beta test of Google’s wallet app supporting some mobile U.S. driver’s licenses is out.

The beta was announced by Google’s support unit, but the idea was teased at least as far back as November 2017, when Digital ID vendor Yoti put a license app on Google’s Play marketplace.

In 2019, mobility software news publication XDA said plans for Google’s Identity Credential APIs became public.

Now, according to trade publication Phone Arena, a beta program has been launched, although it is not known which states are participating. States including Wyoming, Maryland, Idaho and Colorado and the District of Columbia have been exploring the idea since at least March 2019. Each of them was at the time working with digital security company Gemalto.

Google Wallet to roll out ID and Driver's License support in selected states

Google's quest to transform Wallet into a one-app solution for personal identification is moving another step forward…

www.phonearena.com

The update is part of Play services version 48.22. The wallet app has been integrated with Fitbit Versa 4 and Sense 2 devices at the same time, according to Phone Arena.

The publication has pointed out a hitch in the new feature. There are security implications of having to open a phone to show a license in the wallet. The same is true, however, if a license can be seen by just picking up a phone.

In May, according to XDA, Google executives said their Pay app would be the wallet app outside the United States, Singapore and India.

Hyundai unveils gesture-controlled door handle for automotive applications

Automotive manufacturer Hyundai has showcased a new gesture-controlled door handle at its Open Innovation Lounge event in Seattle.

Developed in collaboration with gesture recognition and nanotechnology startup Somalytics, the SomaControl Door Handle prototype features a new type of capacitive sensor made of carbon nanotube-infused paper.

The component can reportedly ‘perceive’ human presence at up to 200 millimeters, and the companies said it could substantially improve customer experiences with products through more natural and intuitive human-machine interactions.

“Our team was honored to be invited to participate with Hyundai in the development of this exciting prototype for future gesture control door handles,” comments Somalytics CEO Barbara Barclay.
“The possibilities of our sensor technology are limitless for automotive as well as other industries and applications.”

From a technical standpoint, Somalytics sensors are more sensitive, smaller, require less power, and cost less to manufacture than some traditional sensor technologies. They can reportedly be embedded in a wide range of materials, ranging in size from 1 to 11 millimeters and are as thin as human hair.

“It’s incredibly exciting to see the potential for this amazing breakthrough technology come to life in these kinds of demonstrations, and we look forward to future collaboration opportunities with Hyundai,” Barclay concludes.

Somalytics first released its sensors earlier this year. The company is also currently working on eye tracking and wearable projects.

They come amidst a flurry of new biometric technologies being used for automotive applications throughout 2022.

Facebook Dating uses Yoti age estimation to keep out minors

Facebook Dating becomes the latest product from Meta to use Yoti’s facial analysis technology for age estimation to restrict the service to adults. As with the integration of Yoti in other Meta products, roll out begins for Facebook Dating users in the U.S.

Meanwhile, its use on Instagram has prevented 96 percent of teenagers attempting to edit their date of birth to make them over 18. Yet in Yoti’s home country, the Children’s Commissioner has found that only 8 percent of parents would choose the scanning of their child’s face for age assurance.

Potential daters will have the option to upload ID instead of going through Yoti’s selfie analysis. The need for age verification is triggered by Meta’s own age detection technologies which will require a selfie or upload if there is concern the user is under aged. This will not be a blanket requirement.

Facebook Dating, which is app only, is the first dating site in the U.S. to use Yoti’s face age estimation technology, according to the UK-based company.

Instagram in the U.S. was the first Meta product to use Yoti, in certain circumstances such as attempting to change one’s age from under to over 18. Vouching by other users was also initially available. Since its Instagram pilot in June, Yoti’s face analysis has rolled out in Brazil, India and the UK.

Yoti claims that 81 percent of Instagram users presented with their menu of age verification options chose to use Yoti’s video selfie.

“Enabling young people to thrive and be safe online is of the utmost importance. So, we’re delighted to continue our work with Meta to create age appropriate experiences, this time on Facebook Dating,” comments Julie Dawson, Yoti Chief Policy & Regulatory Officer.
“Daters can have greater confidence in who they are meeting online, and most importantly, young people will be better protected from accessing inappropriate content and experiences.”

Erica Finkle, Meta Director of Data Governance says:

“Our age assurance tests show that our tools are working to help keep young people within age-appropriate experiences, and we’re proud to partner with Yoti to provide people with simple to use options that respect their privacy.”

New analysis of surveys in the spring shows a lack of enthusiasm for face scanning of children among parents. The UK’s Children’s Commissioner, Dame Rachel de Souza, noted in a recent post that:

“Among parents who were in favour of having a minimum age for social media use, and ranked the six provided options of age assurance methods, 31 percent chose asking a parent to enter their child’s age as their preferred method, 23 percent chose ID checks of children, 17 percent chose asking the child to enter their own age at sign up, 14 percent chose estimating the child’s age based on their social media activity, 8 percent chose scanning their child’s face, and 6 percent chose asking their child to complete a puzzle.”

EU pilot funded to test biometric payments from digital wallets

The European Commission has announced that it will fund a multi-national and multi-company consortium as part of a larger pilot project involving an ambitious regional digital wallet program.

Many European Union leaders have wanted to see created an ID wallet, particularly one that transacts payments. The pilot — one of four — is due to launch in March.

The consortium will be led by NOBID, also known as the Nordic-Baltic eID Project. Funding will come from the EU Commission’s Digital Europa Programme.

Technology players in the project include Thales and iProov.

iProov CEO Andrew Bud says in a company announcement that the project will prove that Verifiable Credentials and biometrics can address emerging challenges in payments.

Nations participating in the consortium will be representatives and business leaders from Norway, Latvia, Denmark, Germany, Iceland, Italy and Latvia.

Financial companies, including banks, in Germany, Norway, Denmark, Italy and Iceland will part of the effort. But members will be from seemingly far afield. Latvia State Radio and Television will participate, for example.

This pilot and the other three will work with the European Digital Identity Wallet, integrating into national electronic ID programs in the EU.

NOBID has a running start on this project. It is already part of the Nordic Council of Ministers’ effort to harmonize digital IDs in eight Nordic and Baltic nations. Others in the pilot will build on NOBID’s infrastructure.

Jumio and Keyless partner to use selfie biometrics for passwordless authentication

Jumio and Keyless are partnering to help financial institutions fight account takeover fraud with passwordless authentication and biometric identity proofing.

The partnership enables customer enrollment for biometric authentication with a selfie, and the same selfie to be used by Keyless to replace OTPs for authentication.

Account takeovers made up over half of all fraudulent transactions in 2020.

“With the explosion of digital payments, it’s becoming increasingly difficult for financial institutions to be assured that a transaction or payment is being authorized by a genuine account holder instead of a bad actor — our partnership with Jumio aims to change this for good,” comments Keyless Co-founder and Chief Operating Officer Fabian Eberle.

The use of the same selfie biometrics enhances authentications with a high assurance level, with Keyless further increasing assurance through device verification checks. This use of a second factor provides compliance to the PSD2-SCA standard.

Eberle says the partnership allows financial institutions to strengthen identity assurance across the entire authentication lifecycle, including payment authorization and account recovery, without adding complexity or risk exposure.

“With our new partnership, Keyless and Jumio are tearing down the barriers between authentication and identity, strengthening assurance tenfold and making account takeover attacks futile for bad actors, who can no longer exploit compromised credentials, phone numbers and other personal information to commit account takeover fraud,” says Stan de Boisset, VP of Global Partners at Jumio.

The addition of Keyless’ privacy-preserving technology does not require banks to gather informed consent from customers to use their data, and helps with regulatory compliance.

Biometric PAD developed by ITL, upgraded by ROC, tested by Israeli govt lab

Innovative Technology has upgraded its full portfolio of biometrics products with presentation attack detection capabilities to protect against fraud attempts.

The new single-image passive liveness detection technology was developed in-house by ITL, using a training dataset with millions of images.

“Using multiple parameters to analyse the full scene, we can determine a genuine subject or conversely identify potential fraudulent activity,” says ITL Product Manager Andrew O’Brien. “The same frame used for facial analysis is also used for spoof detection, resulting in minimal processing. By not having a separate dedicated method for spoof detection, fraudsters have no information on how the technique operates, making it more secure. Many organisations use a third party to supply their spoof detection technology, for an additional fee, but our products have this included. With only a single USB camera and no additional hardware, our solutions give accurate and reliable results in real-time.”

ITL will supply its anti-spoofing technology as a standard feature with no additional cost to customers.

“Facial analysis has a huge opportunity in bringing positive benefits to businesses in various vertical sectors and with our low-cost edge devices our customers have world class accuracy in performance, complete control on costings and now added confidence and security in relation to attempts to defraud the system,” O’Brien adds.

ROC upgrades solution for image quality checks, real-time analytics and broader implementation

The latest release of Rank One Computing’s face biometrics and analysis software development kit upgrades its capabilities with new analytics, image quality validation and presentation attack detection features.

The new Facial LiveScan version 2.0 includes real-time facial analytics, compliance checks against ISO and ICAO standards for image quality, and spoof attack detection based on ISO standards.

Facial LiveScan 2.0 is a native Android app or no-code browser-based solution. ROC recommends it to developers building solutions for ID proofing, passenger kiosks, ID card credentialing, and biometric time and attendance tracking.

The ROC Analytics framework has been overhauled to enable real-time measurement of dozens of facial analytics, according to the company announcement. This is also where the ISO and ICAO standards for secure government-issued document verification, travel processes, and enterprise KYC requirements.

ROC says its patented single-frame passive liveness detection method achieves spoof detection accuracy of up to 99 percent. The company recently passed ISO/IEC PAD testing by iBeta.

INCD tests mobile face biometrics for KYC

The National Biometrics Laboratory of Israel (INCD) ‘s National Cyber Directorate has tested the performance of mobile eKYC (Electronic Know Your Customer) applications for governmental and financial use in particular.

Reportedly the largest of its kind in Israel, the test was conducted in November 2022. It examined the precision and error rates of different biometric recognition tools alongside their presentation attack detection (PAD) capabilities.

Roughly 200 individuals reportedly participated in the trial using different smartphone models, and several deceptive measures were tested, including 2D and 3D masks and make-up modifications.

INCD said the research results would be compiled and shared with the government to inform the creation of guidelines regarding best practices of secure identification and authentication processes for online services.

The news comes days after Israel’s state comptroller claimed the country’s defense forces are vulnerable to identity theft targeting biometric information.

ID R&D demystifies biometric PAD terminology with new paper to help educate customers, public

As presentation attack detection becomes more well-known as an important element in any biometric system being used for fraud prevention or security, ID R&D has published a backgrounder to help customers and implementers understand how the performance of this technology is measured.

Like accuracy in biometric systems, the effectiveness of presentation attack detection is sometimes misunderstood, and presented for instance as a single percentage expressing ‘when it works.’

ID R&D’s white paper introduces the concepts of attack presentation classification error rate (APCER) and bona fide presentation classification error rate (BPCER), and how they are used.

‘Presentation Attach Detection: Measuring Performance with APCER and BPCER’ is available for free download with registration. It draws an analogy to error measurements for biometric algorithms; false match rate and false non-match rate (FMR and FNMR), as well as false acceptance rate and false rejection rate (FAR and FRR).

“They are similar, but there are reasons why we have three sets of error rates,” the document explains.

Sections on statistical hypothesis testing and error rates in biometrics are followed by one specifically on error rates in presentation attacks. The concept of DET (“detection error tradeoff”) curves is introduced, and a glossary provided to help readers follow the technical points made.

ID R&D offers PAD for voice and face biometric modalities, both through ‘passive’ checks, which the company argued for in a previous white paper.

SiLC Technologies unveils new vision system for robotics, autonomous vehicles, cameras

Vision sensor startup SiLC Technologies has announced the launch of a new vision system featuring high resolution and precision alongside long-range and polarization information reading capabilities.

Called Eyeonic, the solution brings the firm’s photonics technology to one of the industry’s first available turnkey vision solutions. Its goal is to reduce time to market for manufacturers looking at incorporating machine vision into their products.

According to SiLC, the new solution delivers the highest levels of vision perception to identify and avoid objects with very low latency, even at distances greater than 1 kilometer.

From a technical standpoint, the Eyeonic Vision System relies on SiLC’s fully integrated silicon photonics chip. The component features roughly ten milli-degrees of angular resolution matched with mm-level precision.

Thanks to these specifications, the sensor can measure the shape and distance of objects with high precision at substantial distances and reportedly provide more than ten times the definition and accuracy of legacy LiDAR offerings.

The Eyeonic Vision System also enables the synchronization of multiple vision sensors for unlimited points/second and supports multiple scanner options.

“Our goal is to change the status quo for machine vision,” comments SiLC CEO Mehdi Asghari. “When bringing vision to machines, the criticality of ranging precision, direct monitoring of motion through instantaneous velocity, spatial resolution for recognition of fine features and polarization for material detection cannot be understated.”

The company confirmed it will showcase the Eyeonic Vision System capabilities next month at CES 2023 in Las Vegas, but Asghari says the device is already available for shipping worldwide.

“At CES, we’re showing the industry’s most powerful system, and it is shipping to strategic customers,” the CEO adds. “SiLC is poised to accelerate time to market for leaders in the machine vision arena looking to bring unparalleled vision to their applications in the future.”

New biometric platform from Panini features dual fingerprint scanner certified by the FBI

Global payments processing tech provider Panini is moving deeper into the biometrics space with the launch of BioCred, a new integrated authentication, security and payments platform.

At Future Branches, a three-day fintech conference in Austin, Texas, Panini showcased the BioCred hub’s extensive features, which include fingerprint biometrics, QR code and NFC scanning, and e-wallet payment capabilities.

“Panini is now broadening its scope to include secure identity, and ready to open up to new industries and applications, as well as new, exciting partnerships and opportunities,” said Massimo Biffi, the Strategy and Business Development Director for Panini. Biffi was sanguine about the platform’s potential. “BioCred represents a new beginning as well as an innovative and ingenious proposal to a growing, attractive market,” he said, “in which we will stand side by side with technology giants.”

In a similar play for connectivity that many governments are pursuing, Panini’s patented biometric authentication process will generate a unique, encrypted credential for users who sign up for the platform. Control of this ID will remain with the customer.

The company’s fingerprint scanner for authenticating payment transactions was certified by the Federal Bureau of Investigation (FBI) in March 2022. The scanner is a single and dual-finger plainscan (flat) biometric capture device that can capture one or two fingers simultaneously, to reduce the chance of sequencing mistakes.

Future Branches also put the spotlight on Panini’s latest range of intelligent scanners, the EverneXt, which builds on their patented EvereXt check capture solution for banks.

Panini has made strides in the digital ID authentication space since it entered the sector in 2019.

“Our company is positioned to address a growing market opportunity with innovative applications,” said Pierpaolo Bubbio, R&D director of Panini, last March. “So we are working closely with certification bodies, making sure we do things the right way from the very start.”