Replay Attack

A replay attack can be used to try and spoof a biometric authentication system. As with a presentation attack, the aim of a replay attack is for an imposter or criminal to pretend to be someone else online in order to gain access to their accounts or privileges.

However, whereas most presentation attacks typically use a single image or video of a person, a replay attack uses a recording of someone completing a previous authentication.

A replay attack can manifest as one of the following:

A presentation attack – when the recording is presented to the camera or other sensor using another device.
A digital injection attack – when the recording is injected into an application or network server connection, bypassing the sensor entirely.

Many liveness detection solutions can detect replay attacks that are presented to the camera. iProov’s Dynamic Liveness is unique in detecting replay attacks that have been digitally injected into a system.