April 26 2023
The world is digitizing at an incredible pace, and traditional authentication methods, such as one-time passcodes, are failing to keep organizations secure. As fraud technologies and methodologies grow in sophistication and scale, facial biometric verification has emerged as one of the most secure and convenient methods for organizations to verify user identity online.
However, organizations must understand that not all facial biometric technologies have kept up with the rapidly changing threat landscape. Not all are equal in the level of security, resilience, or adaptability to novel threats.
Deploying a facial biometric verification solution without having visibility over threats and how they evolve is like building a house without the right materials to withstand the elements. To be effective, solutions must be resilient to the ever-evolving threat landscape and utilize threat intelligence to ensure that they can provide the expected level of identity assurance.
Recently, iProov published an industry-first Biometric Threat Intelligence Report, in which threats to in-production biometric technology were analyzed across the last year. Download the threat report here for all insights and data.
For now, we’ll highlight one key discovery:
Surprisingly, digital injection attacks have dramatically increased and now occur five times more frequently than persistent presentation attacks across web browser verifications.
What is the difference between digital injection and presentation attacks?
Presentation attacks involve presenting an artifact – such as a printed photo, silicone mask, or deepfake video on a screen – to a cell phone or computer. Presentation attacks have a long history and are generally well-understood.
Digital injection attacks on the other hand are sophisticated, highly scalable, and replicable cyberattacks that bypass the camera on a device (or are injected into a data stream). They are far more scalable than presentation attacks and they do not require the manual creation of a physical artifact or any physical presentation. This scalability drives the higher frequency and danger of digital injection attacks.
Many biometric solutions are not equipped to defend against this threat type. In response to the ever-evolving threat of systemized and scalable attacks, security needs to be resilient and adaptive – rather than simply resistant to established and known spoofs.
Given the ever transformative nature of generative AI, and the scalability of digital injection attacks, it is imperative that biometric security be actively managed 24/7.
One key element in our security process is iProov Security Operations Center (iSOC) – the industry-first global threat intelligence and active threat management system. Through iSOC, iProov monitors traffic in real-time to detect attack patterns across multiple geographies, devices, and platforms.
This enables continuous monitoring and learning from attack sources, patterns, and methodologies, keeping our biometric systems one step ahead of the evolving threat landscape.
Having full visibility of threat development is crucial because once attack tools or methodologies are successful in breaching systems, they are often quickly shared – typically on the dark web or within Crime-as-a-Service networks – which means they can scale very quickly. You can read more about real-world examples of this in our LATAM Deepfakes Report.
If you do not have visibility of attack types, it makes it very difficult to prioritize which spoof types to mitigate against and doesn’t allow an understanding of how the attack behavior is changing. Visibility is crucial for long-term, dynamic defenses.
This ultimately helps to protect your users and your organization from future and as yet unknown threats.
Security systems also need to be able to implement fixes quickly in order to outpace threat actors and maintain ongoing protection.
That’s where cloud-based technology comes in:
Sophisticated threats, such as deepfakes, can often successfully emulate a person verifying themselves, which many liveness technologies cannot spot. Advanced verification methods are needed to secure against advanced threat types.
How does our one-time biometric technology work? The user’s device screen illuminates their face with an unpredictable sequence of colors. We analyze the reflections of that screen light from the user’s face. The way that the light reflects and interacts with the face tells us whether it is a real-life, three-dimensional human or not.
The sequence of colors that we see reflecting from the face must be the sequence that we told the device to flash. If it looks realistic, but the color sequence is wrong, we know we’re looking at a spoof.
Once used, it can’t be replayed by a person attempting to use a previous verification to spoof the system. It’s worthless if stolen because the sequence is unique and is obsolete as soon as it’s used. The process is exceedingly user-friendly and entirely passive.
Ultimately, because the threats are constantly evolving, it’s essential to understand the threat landscape and make decisions based on real-world, in-production intelligence. iProov employs the discussed technologies – iSOC, cloud-based verification, and one-time biometric technology, amongst others – to deliver the solution of choice for the world’s most security conscious organizations. You are secured and reassured, active threat management in place to defend against new and yet unknown threats.
To read more about the key attack technologies and methodologies witnessed by iSOC throughout 2022: download our report, ‘iProov Biometric Threat Intelligence”. It highlights previously unknown patterns of biometric attacks that can help organizations make more informed decisions on biometric technology selection. Read the full report here.