馃攳
Deepfake Spoofing & Liveness Detection | BioID Biometrics Presentation @CODE2021 | Deepfakes Attack - YouTube
Channel: unknown
[4]
So thank you for the introduction and also the聽
presentations we heard before as Dr Wolf said,聽聽
[10]
i'm coming from or we are coming from a different聽
perspective, because we are a solution provider聽聽
[15]
in the field of identity verification and so I聽
will be speaking about the use case and also the聽聽
[21]
challenges concerning liveness detection and聽
deep fakes if it comes to a remote identity聽聽
[27]
verification. So to begin with i think we already聽
know everyone sees it and we've also heard it聽聽
[35]
today, that digital identity verification is on聽
the rise on the one hand this has been a trend聽聽
[40]
since globalization and due to globalization but聽
of course Covid-19 has actually increased the聽聽
[48]
remote verification necessity by a large scale.聽
I'm just thinking about one of our customers who聽聽
[56]
provides identity verification to the British聽
government and they used to have a solution聽聽
[62]
for more than one and a half years but then聽
last year during the first lockdown they had聽聽
[67]
to scale up their service enormously, because聽
all the branches and for the British government聽聽
[73]
services were closed, so everything had to move聽
online and I think we see that all over the world聽聽
[78]
and especially in Europe. I think remote identity聽
verifications have risen enormously and now we see聽聽
[87]
a diversified market as not only we have聽
the video ident services with video agents聽聽
[95]
verifying identities remotely but also automated聽
systems and this is also where BioID comes from聽聽
[102]
and this is the reason I will be focussing on聽
automated systems today, but all the things I聽聽
[108]
will be saying are also applicable to analyzing聽
videos and video agent services of course.
[118]
For an automated identity verification of course聽
you need to perform a few steps. One of them is to聽聽
[124]
make sure that the idea is authentic, we've heard聽
that in the first presentation as well, it could聽聽
[129]
be manipulated the picture could be manipulated聽
or the ID could be stolen. So sometimes Interpol聽聽
[136]
databases have to be checked and things like that聽
so a user trying to verify their identity auto or聽聽
[142]
remotely they would be asked to take a picture of聽
their ID so that it can be analyzed by algorithms.聽聽
[149]
The second step is that it has to be made聽
sure that this ID actually belongs to the聽聽
[154]
person who submits it and for that biometric聽
face matching is performed. So we need a very聽聽
[161]
accurate mechanism to make sure the ID picture is聽
the same as the person looking into the camera.聽聽
[168]
Which brings us to the third step for remote聽
identity verification, that is liveness detection.聽聽
[175]
It's also called presentation attack detection and聽
it means that we need to be sure that the images聽聽
[181]
are actually derived from a live person and聽
not from some type of spoof and then if all聽聽
[186]
those three checks were successful, we can聽
say that verification has taken place and聽聽
[191]
we have trusted credentials,. But of course聽
the question comes up what about security,聽聽
[198]
because there are different steps as I said聽
that can all be manipulated, so there need to be聽聽
[203]
security mechanisms making sure for instance the聽
holographic is genuine and the ID is not stolen.聽聽
[211]
That the face is really matching the one on the聽
ID and as I said that no spoofing is taking place.
[219]
So this brings me to the main topic of the聽
presentation, which is liveness detection.聽聽
[224]
What does liveness detection have to do in the聽
use case scenario that we are now speaking of,聽聽
[230]
which is remote identity verification. First it聽
has to reliably detect life versus fake input,聽聽
[237]
but it also has to do that in real time and聽
easy to use and also hardware independently聽聽
[244]
because if we think of the British聽
government or the British citizens,聽聽
[248]
we never know which kind of device they use,聽
in which scenario they are, we don't know聽聽
[253]
if the old lady maybe doesn't have so much聽
experience with doing things like that. So we need聽聽
[259]
to be able or the algorithm needs to be able to聽
use any device, any camera, any lighting and still聽聽
[265]
be very reliable with its decision for whether聽
or not the images were coming from a live person
[276]
So which spoofing attacks need to be addressed?聽
Of course we heard some today already and saw some聽聽
[283]
pictures. 2D photos and things like image swapping聽
with 2D pictures need to be detected. Also 2D cut聽聽
[291]
outs, like I have one here for instance. I think聽
you can see that the eyes are open. So spoofing聽聽
[299]
with things like these masks need to be rejected聽
of course. Then on the other hand, we also have聽聽
[305]
3D attacks, so different types of 3D masks,聽
wax heads and sculptures and things like that,聽聽
[312]
but also a very big challenge are 3D paper聽
masks and I thought i'd bring you this one.
[321]
Of course we have a lab here and we manufacture聽
spoofing attempts to make sure our system is able聽聽
[327]
to cope with them and yeah, so this is one of the聽
more sophisticated 3D paper masks and you can see,聽聽
[335]
it kind of looks like Trump, I would say and聽
also it has some skin close texture and it's聽聽
[342]
three-dimensional, so things like that have聽
to be addressed and also have to be detected,聽聽
[347]
because although it's not easy to build these聽
masks, it's still available for people, if they聽聽
[353]
well if they try little harder and then the third聽
thing we need to address are video replays and聽聽
[360]
video projections on different materials, because聽
that's actually the most common type of fraud we聽聽
[365]
see in the real life scenarios. That people try to聽
use either grandma's picture or a wedding picture聽聽
[372]
or some kind of video from social media from聽
the person like now this video for instance is聽聽
[378]
recorded from me and so that means it will be聽
available on social media and people could use聽聽
[384]
it to try to spoof systems using this video of me聽
and of course we have to be able to detect these.
[391]
But instead of just speaking about it, i thought聽
it would be nice to show a demo. Um excuse me.聽聽
[399]
So you can see that this person is actually聽
detected a fake and the reason for that is聽聽
[405]
that it was a silicon mask and when I took off聽
the mask I was detected as live in real time.聽
[412]
This was a live demo by the way here聽
in our office, maybe half a year ago,聽聽
[417]
so that's what it when it was recorded yeah聽
and you see that i try to bend the picture and聽聽
[423]
try to overcome the system by kind of聽
making realistic features available but聽聽
[430]
yeah in this case of course it worked to detect聽
a live person as live and the fake person even聽聽
[437]
here with the video where it looks like me and聽
it moves like me it's still detected as a fake.
[451]
And the question is, how do we do that? One of聽
the steps so we combine two different elements聽聽
[457]
and one of the steps is 3D structure analysis,聽
meaning that we perform optical flow analysis on聽聽
[464]
2D pictures, so we need to work with standard聽
cameras, as I said for this real life use case聽聽
[470]
scenario of remote identity verification, we聽
don't have any depth information or 3D cameras,聽聽
[476]
so we need to be able to be sure that it's a 3D聽
geometry we see with just using 2D rgb standard聽聽
[484]
cameras or pictures and we do that by asking the聽
person to slightly move and then from the slide聽聽
[491]
movement we can calculate this 3D geometry. This聽
is a very good way to prevent 2D spoofing attacks,聽聽
[500]
but then we also use texture analysis and AI and聽
we on the one hand have handcrafted features for聽聽
[506]
the texture analysis, but on the other hand聽
we use deep convolutional neural networks,聽聽
[511]
which are trained with our data to make sure,聽
that the live people are as I said detected as聽聽
[517]
live and the fakes are rejected. Of course聽
this is a very complicated problem, because聽聽
[522]
for a two class problem like live or fake you聽
kind of need all types of fakes in the fake聽聽
[530]
class for training and you are never sure you can聽
never be sure that your system generalizes well聽聽
[537]
enough to also cope with unseen attacks. So this聽
is an ongoing research and development project,聽聽
[543]
but it's already in use and very reliable,聽
but it has to be modified all the time.
[552]
So this brings us to the topic聽
of new unseen attacks or new聽聽
[557]
kinds of fraud attempts, which is deep fakes.聽
So deep fakes, as we already heard, are becoming聽聽
[566]
more challenging, because they are difficult to聽
distinguish from real videos, because they are聽聽
[572]
getting so good in quality so the human eye really聽
has problems to distinguish them. Especially if聽聽
[577]
they are not trained and of course the algorithms聽
also can have challenges with deep fakes.聽聽
[586]
So what is the status quo if it comes聽
to deep fake detection? And here聽聽
[592]
the thing is, that deep fakes typically, at least聽
for this use case that i'm speaking of, which is聽聽
[597]
remote identity verification, here deep fakes are聽
presented on a display so for instance, a video or聽聽
[605]
a deep fake, a recorded deep fake, is presented on聽
a cellphone to a camera which tries to verify the聽聽
[611]
identity of a person by sending the pictures聽
to us for instance to the solution provider聽聽
[618]
so if deep fakes are presented at the sensor level聽
then the good thing is that our standard liveness聽聽
[624]
detection and the texture analysis and the AI are聽
able to detect this, because as i said, they are聽聽
[630]
presented on a display, they are projected to some聽
kind of material and our liveness detection would聽聽
[636]
detect all of these materials and displays. So聽
the good news is, that for this use case scenario聽聽
[645]
a secure app preventing video injection聽
solves the problem of deep fakes,聽聽
[650]
because if deep fakes can't be injected into聽
the application, but are only presented,聽聽
[655]
then our liveness detection already is able聽
to cope the situation, cope with the situation
[663]
But still we need to speak about video injections聽
of course. So what about deep fake attacks at the聽聽
[668]
application level? So here, if we are speaking聽
about a pre-recorded video feed, a pre-recorded聽聽
[675]
deep fake, then challenge response mechanisms聽
can be used, so the user would be asked to聽聽
[682]
move in a certain randomized direction,聽
like up and then to the side for instance聽聽
[687]
and it's very unlikely that an attacker really has聽
a video that where or a deep fake video where the聽聽
[693]
person moves in this prompted way.
So this can be a way to聽聽
[699]
detect deep fakes, even if they are, if聽
the attack is at the application level.聽
[705]
But what about live manipulated video feeds, so聽
especially for all the use cases, for all the聽聽
[712]
scenarios where we're not in the used case of聽
identity verification, but maybe a politician,聽聽
[718]
a video of a politician needs to be analyzed for聽
instance. We are also we also want to be able to聽聽
[725]
detect whether it was a deep fake or not and live聽
manipulated video feeds that are injected into an聽聽
[731]
application, like identity verification of course聽
are a challenge and future research is relevant.
[739]
Which brings me to the FakeID project, that we聽
have already heard about today. So our future聽聽
[746]
research aim is to develop methods to detect deep聽
fakes in the video and photo material directly,聽聽
[754]
this is in order to make identity聽
verification more trusted and be聽聽
[758]
sure about the credentials that are derived聽
from such automated processes and support all聽聽
[764]
the different cases where we want to analyze聽
video material and be sure that it's genuine
[772]
And to sum it up, I would just like聽
to say a few words about BioID.聽聽
[777]
So we are a company focused on research and聽
development which comes from our history.聽
[782]
We've been founded in 1998 as a spin-off from聽
the Fraunhofer IIS here in Erlangen and we are,聽聽
[790]
we have our headquarters here in Nuremberg聽
and are a German company with 100% proprietary聽聽
[797]
software and we are proud to say that we have 23聽
years of experience in biometrics, so we've been聽聽
[802]
on the topics from the beginning um yeah and are聽
happy to be able to bring the technology into the聽聽
[810]
use cases now, that we've been speaking about.
So thank you for your attention and I actually聽聽
[817]
hope there are some questions and if not now,聽
then please don't hesitate to contact me later on,聽聽
[823]
after the conference and聽
yeah thank you for having me!
Most Recent Videos:
You can go back to the homepage right here: Homepage