Android Question Identity verification

[yaqoob]

Hello Everyone

I have a question about identity verification. We are using the CameraEx example. The application uses face recognition to compare a stored image in the database and a selfy photo taken from the B4A application using the user's mobile to verify his identity.

How do we ensure that the photo sent is the user's live photo of himself at that moment and that it is not a photo preprinted for someone else?

Your reply is appreciated, and thank you.

 

[emexes]

That is a good question.

Knowing nothing about it, my first thought was: how to distinguish between 2d (printed) and 3d (real) faces? Perhaps take the photo from two different distances, and make sure that the size proportions change for features at different "depths". As in the usual selfie problem of: the closer the camera is, the larger the nose looks relative to the rest of the face.

But before coding based on that random idea, I'd be hitting Google pretty hard to find out how other people have handled the issue.

 

[emexes]

Another idea is to have the user poke their tongue out, or wink left and right, or some kind of movement that's easy to do but hard to print.

Probably needs to be done with a video camera, though, otherwise the scammer could show multiple photos one after the other without the computer "seeing" that there is more than just the eyes moving.

And then that movement verification would be hacked by holding up a tablet displaying a moving "photo" of the target doing the required movement.

How about requiring the user to have their phone with them, with Bluetooth active? Although... presumably it's possible to spoof Bluetooth device id number too.

?

 

[emexes]

"Two to make it true" made me laugh.

 

[yaqoob]

Wawoo, is this true?