WO2014003978A1 - Real human detection and confirmation in personal credential verification - Google Patents

Real human detection and confirmation in personal credential verification Download PDF

Info

Publication number
WO2014003978A1
WO2014003978A1 PCT/US2013/043777 US2013043777W WO2014003978A1 WO 2014003978 A1 WO2014003978 A1 WO 2014003978A1 US 2013043777 W US2013043777 W US 2013043777W WO 2014003978 A1 WO2014003978 A1 WO 2014003978A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
image
response
real human
corresponds
Prior art date
Application number
PCT/US2013/043777
Other languages
French (fr)
Inventor
Ning Lu
Achintya K. BHOWMIK
Michael M. CHU
Original Assignee
Intel Corporation
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Intel Corporation filed Critical Intel Corporation
Priority to EP13809914.8A priority Critical patent/EP2867816A4/en
Priority to CN201380028065.0A priority patent/CN104541277B/en
Publication of WO2014003978A1 publication Critical patent/WO2014003978A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V40/00Recognition of biometric, human-related or animal-related patterns in image or video data
    • G06V40/40Spoof detection, e.g. liveness detection
    • G06V40/45Detection of the body part being alive
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231Biological data, e.g. fingerprint, voice or retina
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2133Verifying human interaction, e.g., Captcha
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V40/00Recognition of biometric, human-related or animal-related patterns in image or video data
    • G06V40/10Human or animal bodies, e.g. vehicle occupants or pedestrians; Body parts, e.g. hands
    • G06V40/16Human faces, e.g. facial parts, sketches or expressions
    • G06V40/172Classification, e.g. identification

Definitions

  • Computer account log in protects computers from unauthorized users, but is an inconvenience to the authorized users. While some users log in once each day, others log in each time the system is allowed to go to sleep mode or each time the screen saver is activated. More frequent user authentication generally provides better security against unauthorized users but increases the inconvenience for authorized users. In some environments, there is a risk of unauthorized access each time the authorized user steps away from a terminal whether for a break or just to discuss something in the next office. With portable devices from notebook computers, to slate computers to telephones becoming more common, the risk of unauthorized access becomes greater.
  • Figure 1 is a process flow diagram for authenticating a camera-based passive log in according to an embodiment of the invention.
  • Figure 2 is a process flow diagram for combining authentication techniques according to an embodiment of the invention.
  • FIG. 3 is a block diagram a hardware implementation of the present invention according to an embodiment of the invention.
  • Figure 4 is block diagram of a computer system suitable for implementing processes of the present disclosure according to an embodiment of the invention.
  • Face log in may become a common user authentication technique for computers and other devices. However, it may be possible to defeat such a security system using a photograph or a pre-recorded video. Such hacking can be prevented by adding a real human detection component to the user authentication. While it may also be possible also to prevent hacking by requiring the user to type a password or identify scrambled text, this is less convenient for the user. It also eliminates much of the user convenience of face recognition.
  • Face log in allows the computer to be aware of the user and the external user
  • a face log in system can be enhanced using some technique to make sure that the camera is looking at a real person, not a photograph or prerecorded video or an avatar. While face log in is discussed primarily herein, the described techniques can be applied to any type of technique that authenticates a real person using a camera whether the authentication is based on the appearance of the face, a particular facial feature or dimension, an eye scanner, or even a voice scan.
  • real human behaviors that are hard for machines to simulate in real-time are added to a face log in.
  • the computer uses a camera for input together with a display screen and perhaps a microphone or other sensor to detect whether the observed image is a real human.
  • the display screen and microphone randomly perform a detection test, the camera records the user reaction as video, and the computer analyzes it and signals an authentication attempt as a pass or a fail.
  • Figure 1 is a process flow diagram for authenticating a face log in or similar camera- based passive log in.
  • camera data is received into the system.
  • Other sensor data may also be received, such as microphone data, infrared patterns, etc.
  • the camera data is passed first to an identity recognition block at 200.
  • an identity recognition block For a typical face log in at 201 a captured image is compared to stored images of authorized users and, if a match is found, then the face log in is accepted.
  • the camera data may also be applied to a confirmation test at 300.
  • the system takes additional camera information or other sensor information to confirm that the presented camera data corresponds to a real human and not a simulated presentation intended to defeat the security of the face log in system.
  • the data is tested for confirmation and a pass or fail result is obtained. If the confirmation test does not provide a yes, then the authentication attempt is failed and the system will not allow a log in whether the face log in was successful or not.
  • the result of the identity recognition and the human confirmation are combined to provide three possible results. If both tests yield a positive, or yes result then at 402, the authentication is passed. If the identity recognition is a yes, but the human confirmation is a no, then at 403, the authentication attempt is a fail. Similarly, if the face log in provides a no but the human confirmation provides a no, then the authentication attempt is also a fail.
  • a third option if the face log in provides a no and the human confirmation provides a yes is to allow a new user account to be established at 401.
  • the third result suggests that the system has detected a real human but that the detected human does not have a log in account for the system.
  • the system may then provide an opportunity for the person to establish a log in account through conventional approaches. Alternatively, the system can go to 403 and fail the attempt.
  • the first approach is passive and requires no action from the user. It adds another kind of sensing to confirm the face log in. No particular action or reaction from the user is necessary to eliminate many attempts to falsify the face log in. While many other techniques may be used some easily sensed attributes of the user are motion detection (the authorized user will have some movements), 3D-camera observation (the authorized user will not be a 2D picture), and bio-metrics sensing (heart beat, heat signature), among others.
  • a video of the log in face may be taken.
  • a real person moves smoothly but inconsistently.
  • the captured video can be analyzed for non-uniform motion vector distributions. This kind of smooth inconsistent motion can be detected whenever the user turns or tilts the head. If the video is consistent with human motions, then the human confirmation can be passed.
  • a 3D camera or a camera array can easily determine whether the observed face is a 3D-object or a 2D screen or photograph.
  • a video display can be placed in front of the camera to create the appearance of genuine human motion.
  • a simple infra-red camera or other temperature sensitive device can also be used to determine whether the observed face is a warm body or a cool 3D-model.
  • the infra-red camera image can be matched against the visible light image to ensure that the observed image has temperature gradients that are consistent with a real face. It is also possible to detect pulses and other natural change in a face using suitably equipped cameras.
  • the 3D, thermal, and pulse rate cameras may be the same camera that performs the face log in equipped with a suitable alternative software mode or it may be a different camera.
  • the face log in and the confirmation cameras may be the same camera used for video
  • the same sensor may be used in two ways. For example, many digital camera sensors are capable of infra red imaging. This could allow the same camera to be used for both the infra red and the visible light views. In another example, the camera observes not only the face for log in but also the background surrounding the face. If the computer has not moved, then the background for each face log in should be the same. The computer can compare the two images and if the new attempted log in shows the same background, then the log in can be confirmed. As mentioned above, these approaches and those mentioned below can be combined in different ways to make the face log in harder to defeat. Many systems include accelerometers or positioning systems. These can be used to allow the system to determine whether it has been moved or re-oriented.
  • a second approach to human confirmation adds an involuntary reaction from the user to confirm a face log in.
  • This approach relies upon natural human behavior to confirm that the observed face is actually the authorized user.
  • the involuntary reaction can be a reaction to light, color, sound etc. This is more reliable than trying to determine whether the face in front of the display is a true face.
  • the computer may initiate an action and then look for an expected corresponding human reaction. If the expected reaction is received then it is confirmed that the log in attempt is by a real human. For example, the computer can flash a light, on the screen or on a related peripheral such as the camera and see if the eyes on the face blink. In another example, the computer can produce a surprising sound using speakers, such as a loud or sudden sound. The face should wince, tremble, or have some other reaction in response. In another example the computer can detect an emotion change to a funny odor.
  • the particular selection of computer actions may be varied depending on the desired level of security balanced against annoying the user with unpleasant surprises each time the user attempts to log back in.
  • the amount of annoyance can be reduced by using more accurate or sensitive sensors.
  • a very small stimulus to the human can be used to evoke a very small response from the user.
  • the user may not even be aware of the involuntary blink, or wince caused by the action of the computer.
  • After some period of use it may happen that the user becomes accustomed to the stimulus and the involuntary response becomes weak or undetectable. This can be avoided by using a large library of different sounds and visual or flashing effects and then selecting one so that the user does not know what to expect and does not become used to one or a few different stimuli.
  • a random or patterned selection may be used, depending on the particular implementation.
  • a large library of stimuli also enhances the security of the system by making it more difficult for the reaction to be emulated or faked by a machine.
  • the computer can evoke a specific intentional conscious response from the user.
  • greetings or questions can be used. These can be informal or personal question or simple requests.
  • the computer might ask a simple question such as "what day is it today?" or "please tell me your name.”
  • the computer can then analyze the meaning of the content and match the voice of the speaker against a voice pattern.
  • the computer can also observe the face to detect mouth movement on the face that is presented to the face log in system.
  • the computer can request a particular response from the user, such as stating "show me your right hand.” The computer can then observe whether a right hand appears in front of the camera. Different types of requests and different questions can be used so that the system cannot be tricked using a prerecorded response.
  • Such a confirmation process can be made less intrusive by blended it into an exchange that feels like a smart greeting system.
  • a face log in might be presented. After recognizing the face, the computer might present a personalized greeting, such as "welcome back Mr. Jones" and then follow-up with a simple question. The intentional response can be presented as a pleasant exchange without users being aware of the security aspects of it.
  • FIG. 2 is an example of a process flow diagram for combining authentication techniques to further secure a face log in system. These operations may all be applied to the process flow diagram of Figure 1 at block 300.
  • camera data is received from the computer or other device.
  • the camera data is provided to a human
  • a non intrusive human confirmation is performed.
  • the person attempted the log in is observed. The observation may be based on any of the types of tests described above, such as a motion test, a 3D test, a temperature test, a pulse test, etc. These may be performed using the face log in image or using another image from the same camera or from a different sensor.
  • the log in attempt is not confirmed to be coming from a human, then there is a failure and at 392, the log in fails. If the log in passes, then the system can move to a reactive confirmation at 320 for additional security. While a single process box 311 is provided for observing the image for human confirmation, there may be multiple tests applied. As an example, a face log in may be tested for both being a 3D image and having a pulse. Any two or more operations may be combined in any way desired depending on the particular embodiment.
  • the system moves to an active confirmation.
  • a stimulus is provided and at 329 the system determines whether a response to the stimulus has been detected.
  • the response may be involuntary, such as a wink or wince, or it may be voluntary such as stating a name or raising a hand. If no response is detected at329, then the log in attempt is failed at 392. On the other hand, if the expected response is detected, then at 391, the log in attempt may be passed. More than one reactive confirmation approach may be used at the same time or in sequence at block
  • the system might ask a question and then listen for a spoken answer together with observing whether the lips of the mouth move at the same time that the audio is received.
  • the system might flash a light once while it is asking a question. This distracts the user from the flash and allows the system to check for a wink, and then check for an answer to the question.
  • the particular combination may be adapted to suit any particular implementation.
  • the multiple tests may be staged as in Figure 2 so that each test must be passed before the next test is provided or the tests may be done on or about the same time so that their successful completion may be received on or about the same time.
  • FIG. 3 is a block diagram view of an implementation of the present invention as described in the examples above.
  • a user arrives at the terminal 550 which may be fixed or mobile.
  • the user is then observed by a face sensor 500 for face log in.
  • the face sensor image is provided to an image comparator 600 to compare the observed face image to a library of face images in a face image store 611.
  • the face image store may be a part of separate authentication data resources 610 or a part of the general system resources 801. If the face sensor image matches an image in the face image store, then a pass signal is sent to a user authentication module 700.
  • the image from the face sensor 500 may be passed to a confirmation module 601.
  • the confirmation module may then analyze the image to determine whether it is an image of a real person by examining an infrared signature, motion through video, or depth or 3D character. These may be done using the same face sensor 500 or an augmented face sensor 501 may be used in addition to or instead of the face log in face sensor 500.
  • the augmented face sensor may provide 3D viewing, infrared viewing, video viewing, magnified viewing or any other type of viewing, depending on the particular implementation.
  • the confirmation system 601 may refer to a motion vector store 613 of the data store 610.
  • the system may access an augmented face image store
  • This may include example infrared signatures, depth profiles for 3D imaging, pulse recognition data, and more.
  • the system 550 may also apply stimulus-response techniques to verify that the user is real person as described above.
  • the confirmation module 601 is provided access to a stimulus output 503 to allow the system to produce a stimulus to the user.
  • This stimulus output 503 may be coupled to one or more different hardware resources of the system, such as lights, the display, speakers, and force systems, such as piezoelectric or haptic devices.
  • the system uses a response sensor 502 to detect a response, if any, from the user to the stimulus.
  • the detected response is sent to the confirmation module 601.
  • the response may be detected using cameras, microphones, or touch sensors.
  • the results from the confirmation module 601 are passed to the authentication module 700 to be considered together with the face sensor log in module.
  • the authentication makes a determination whether to allow or reject a log in based on the received inputs. If a log in is allowed, then the log in 800 is activated and the user is granted access to the system resources 801.
  • FIG. 4 is a block diagram of a computing system, such as a personal computer, gaming console, smart phone or portable gaming device.
  • the computer system 900 includes a bus or other communication means 901 for communicating information, and a processing means such as a microprocessor 902 coupled with the bus 901 for processing information.
  • the computer system may be augmented with a graphics processor 903 specifically for rendering graphics through parallel pipelines and a physics processor 905 for calculating physics interactions as described above. These processors may be incorporated into the central processor 902 or provided as one or more separate processors.
  • the computer system 900 further includes a main memory 904, such as a random access memory (RAM) or other dynamic data storage device, coupled to the bus 901 for storing information and instructions to be executed by the processor 902.
  • main memory also may be used for storing temporary variables or other intermediate information during execution of instructions by the processor.
  • ROM read only memory
  • a mass memory 907 such as a magnetic disk, optical disc, or solid state array and its corresponding drive may also be coupled to the bus of the computer system for storing information and instructions.
  • the computer system can also be coupled via the bus to a display device or monitor 921, such as a Liquid Crystal Display (LCD) or Organic Light Emitting Diode (OLED) array, for displaying information to a user.
  • a display device or monitor 921 such as a Liquid Crystal Display (LCD) or Organic Light Emitting Diode (OLED) array
  • LCD Liquid Crystal Display
  • OLED Organic Light Emitting Diode
  • user input devices such as a keyboard with alphanumeric, function and other keys
  • additional user input devices may include a cursor control input device such as a mouse, a trackball, a trackpad, or cursor direction keys can be coupled to the bus for communicating direction information and command selections to the processor and to control cursor movement on the display 921.
  • cursor control input device such as a mouse, a trackball, a trackpad, or cursor direction keys
  • cursor direction keys can be coupled to the bus for communicating direction information and command selections to the processor and to control cursor movement on the display 921.
  • Camera and microphone arrays 923 are coupled to the bus to observe gestures, record audio and video and to receive visual and audio commands as mentioned above.
  • Communications interfaces 925 are also coupled to the bus 901.
  • the communication interfaces may include a modem, a network interface card, or other well known interface devices, such as those used for coupling to Ethernet, token ring, or other types of physical wired or wireless attachments for purposes of providing a communication link to support a local or wide area network (LAN or WAN), for example.
  • LAN or WAN local or wide area network
  • the computer system may also be coupled to a number of peripheral devices, other clients, control surfaces or consoles, or servers via a conventional network infrastructure, including an Intranet or the Internet, for example.
  • Computer system 900 may refer to a many examples of an electronic device and may include without limitation a mobile device, a personal digital assistant, a mobile computing device, a smart phone, a cellular telephone, a handset, a one-way pager, a two-way pager, a messaging device, a computer, a personal computer (PC), a desktop computer, a laptop computer, a notebook computer, a handheld computer, a tablet computer, a server, a server array or server farm, a web server, a network server, an Internet server, a work station, a mini-computer, a main frame computer, a supercomputer, a network appliance, a web appliance, a distributed computing system, multiprocessor systems, processor-based systems, consumer electronics, programmable consumer electronics, television, digital television, set top
  • Embodiments may be implemented as any or a combination of: one or more microchips or integrated circuits interconnected using a parentboard, hardwired logic, software stored by a memory device and executed by a microprocessor, firmware, an application specific integrated circuit (ASIC), and/or a field programmable gate array (FPGA).
  • logic may include, by way of example, software or hardware and/or combinations of software and hardware.
  • Embodiments may be provided, for example, as a computer program product which may include one or more machine-readable media having stored thereon machine-executable instructions that, when executed by one or more machines such as a computer, network of computers, or other electronic devices, may result in the one or more machines carrying out operations in accordance with embodiments of the present invention.
  • a machine-readable medium may include, but is not limited to, floppy diskettes, optical disks, CD-ROMs (Compact Disc-Read Only Memories), and magneto-optical disks, ROMs (Read Only Memories), RAMs (Random Access Memories), EPROMs (Erasable Programmable Read Only Memories), EEPROMs (Electrically Erasable Programmable Read Only Memories), magnetic or optical cards, flash memory, or other type of media/machine-readable medium suitable for storing machine-executable instructions.
  • embodiments may be downloaded as a computer program product, wherein the program may be transferred from a remote computer (e.g., a server) to a requesting computer (e.g., a client) by way of one or more data signals embodied in and/or modulated by a carrier wave or other propagation medium via a communication link (e.g., a modem and/or network connection).
  • a remote computer e.g., a server
  • a requesting computer e.g., a client
  • a communication link e.g., a modem and/or network connection
  • a machine-readable medium may, but is not required to, comprise such a carrier wave.
  • references to “one embodiment”, “an embodiment”, “example embodiment”, “various embodiments”, etc., indicate that the embodiment(s) of the invention so described may include particular features, structures, or characteristics, but not every embodiment necessarily includes the particular features, structures, or characteristics. Further, some embodiments may have some, all, or none of the features described for other embodiments.
  • Coupled is used to indicate that two or more elements co-operate or interact with each other, but they may or may not have intervening physical or electrical components between them.
  • a method includes receiving a camera image of a user at a computer system, testing the image for recognition against a user account, confirming that the image corresponds to a real human, and if the image is authenticated and corresponds to a real human, then authenticating the user to the corresponding user account of the computer system.
  • Further embodiments include if the image is authenticated and does not correspond to a real human, then refusing authentication and if the image is authenticated and corresponds to a real human then further testing the user to confirm that the image corresponds to a real human and if the further testing is passed then authenticating the user.
  • confirming that the image corresponds to real human comprises applying a test to the user that requires no response from the user and further testing the user comprises applying a test that requires a response from the user.
  • the required response may be an involuntary response or a reply to a prompt from the computer system.
  • confirming that the image corresponds to a real human comprises applying a plurality of different tests to the user.
  • the plurality of different tests may include a test that requires no response from the user and a test that requires s response from the user.
  • the test that requires a response includes a test that requires an involuntary response and a test that requires a voluntary response.
  • testing the image comprises comparing the image to a library of stored user images.
  • confirming comprises observing the image using a 3D camera to determine whether the user is in 3D.
  • confirming comprises on or more of measuring infra red radiation from the user to assess a heat signature of the user, recording video of the user and assessing motion vectors in the video, and generating a stimulus and observing a response of the user.
  • the stimulus comprises a sudden light.
  • a machine-readable non-transitory medium has instructions that when operated on by the machine cause the machine to perform operations that include receiving a camera image of a user at a computer system, testing the image for recognition against a user account, confirming that the image corresponds to a real human, and if the image is authenticated and corresponds to a real human, then authenticating the user to the corresponding user account of the computer system.
  • the user is further tested to confirm that the image corresponds to a real human and if the further testing is passed then the user is authenticated.
  • confirming that the image corresponds to real human comprises applying a test to the user that requires no response from the user and further testing the user comprises applying a test that requires a response from the user.
  • a computer system in another embodiment includes a camera to receive an image of a user at the computer system, a memory to store a library of stored user images in association with user accounts, and a processor to test the received image for recognition against a user account of the memory and to confirm that the image corresponds to a real human, wherein if the image is authenticated and corresponds to a real human, then to authenticate the user to the corresponding user account of the computer system.
  • the computer system also includes a user interface to present a stimulus to the user and to receive an involuntary response from the user and wherein the processor uses the response as further testing of the user to confirm that the image corresponds to a real human. .

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Biomedical Technology (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Software Systems (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Biodiversity & Conservation Biology (AREA)
  • Computing Systems (AREA)
  • Human Computer Interaction (AREA)
  • Multimedia (AREA)
  • Collating Specific Patterns (AREA)
  • User Interface Of Digital Computer (AREA)

Abstract

Real human detection and confirmation in personal credential verification is described. In one example, a camera image of a user is received at a computer system. The image is tested for recognition against a user account and it is confirmed that the image corresponds to a real human. If the image is authenticated and corresponds to a real human, then the user is authenticated to the corresponding user account of the computer system.

Description

REAL HUMAN DETECTION AND CONFIRMATION IN PERSONAL CREDENTIAL VERIFICATION BACKGROUND
Computer account log in protects computers from unauthorized users, but is an inconvenience to the authorized users. While some users log in once each day, others log in each time the system is allowed to go to sleep mode or each time the screen saver is activated. More frequent user authentication generally provides better security against unauthorized users but increases the inconvenience for authorized users. In some environments, there is a risk of unauthorized access each time the authorized user steps away from a terminal whether for a break or just to discuss something in the next office. With portable devices from notebook computers, to slate computers to telephones becoming more common, the risk of unauthorized access becomes greater.
Conventional user authentication requires a user to type a password, perhaps with a special key combination, such as Control, Alt, and Delete. In some systems, a fingerprint scanner is used instead of or in addition to the user password. Recently, it has been proposed to use a front facing camera, common on notebook computers and smart phones, to observe the face of the user and use the face as an authentication. The camera can authenticate the user simply by looking at the user. BRIEF DESCRIPTION OF THE DRAWINGS
Embodiments of the invention are illustrated by way of example, and not by way of limitation, in the figures of the accompanying drawings in which like reference numerals refer to similar elements.
Figure 1 is a process flow diagram for authenticating a camera-based passive log in according to an embodiment of the invention.
Figure 2 is a process flow diagram for combining authentication techniques according to an embodiment of the invention.
Figure 3 is a block diagram a hardware implementation of the present invention according to an embodiment of the invention.
Figure 4 is block diagram of a computer system suitable for implementing processes of the present disclosure according to an embodiment of the invention.
DETAILED DESCRIPTION
Face log in may become a common user authentication technique for computers and other devices. However, it may be possible to defeat such a security system using a photograph or a pre-recorded video. Such hacking can be prevented by adding a real human detection component to the user authentication. While it may also be possible also to prevent hacking by requiring the user to type a password or identify scrambled text, this is less convenient for the user. It also eliminates much of the user convenience of face recognition.
Face log in allows the computer to be aware of the user and the external user
environment. The accuracy and security of a face log in system can be enhanced using some technique to make sure that the camera is looking at a real person, not a photograph or prerecorded video or an avatar. While face log in is discussed primarily herein, the described techniques can be applied to any type of technique that authenticates a real person using a camera whether the authentication is based on the appearance of the face, a particular facial feature or dimension, an eye scanner, or even a voice scan.
In one example of the invention, real human behaviors that are hard for machines to simulate in real-time are added to a face log in. The computer uses a camera for input together with a display screen and perhaps a microphone or other sensor to detect whether the observed image is a real human. In one example, the display screen and microphone randomly perform a detection test, the camera records the user reaction as video, and the computer analyzes it and signals an authentication attempt as a pass or a fail.
Figure 1 is a process flow diagram for authenticating a face log in or similar camera- based passive log in. At 100 camera data is received into the system. Other sensor data may also be received, such as microphone data, infrared patterns, etc. The camera data is passed first to an identity recognition block at 200. For a typical face log in at 201 a captured image is compared to stored images of authorized users and, if a match is found, then the face log in is accepted.
The camera data may also be applied to a confirmation test at 300. The system takes additional camera information or other sensor information to confirm that the presented camera data corresponds to a real human and not a simulated presentation intended to defeat the security of the face log in system. At 301, the data is tested for confirmation and a pass or fail result is obtained. If the confirmation test does not provide a yes, then the authentication attempt is failed and the system will not allow a log in whether the face log in was successful or not.
The result of the identity recognition and the human confirmation are combined to provide three possible results. If both tests yield a positive, or yes result then at 402, the authentication is passed. If the identity recognition is a yes, but the human confirmation is a no, then at 403, the authentication attempt is a fail. Similarly, if the face log in provides a no but the human confirmation provides a no, then the authentication attempt is also a fail.
A third option, if the face log in provides a no and the human confirmation provides a yes is to allow a new user account to be established at 401. The third result suggests that the system has detected a real human but that the detected human does not have a log in account for the system. The system may then provide an opportunity for the person to establish a log in account through conventional approaches. Alternatively, the system can go to 403 and fail the attempt.
Three approaches for augmenting a face log in system are described below, however, the invention is not so limited. Each one may be used by itself or in combination with one or more of the other approaches. Each approach can be implemented using equipment that is commonly used or at least commonly available on notebook computers, smart phones, and even some desktop computers.
The first approach is passive and requires no action from the user. It adds another kind of sensing to confirm the face log in. No particular action or reaction from the user is necessary to eliminate many attempts to falsify the face log in. While many other techniques may be used some easily sensed attributes of the user are motion detection (the authorized user will have some movements), 3D-camera observation (the authorized user will not be a 2D picture), and bio-metrics sensing (heart beat, heat signature), among others.
For motion detection, to distinguish a real human from a photograph, a video of the log in face may be taken. A real person moves smoothly but inconsistently. The captured video can be analyzed for non-uniform motion vector distributions. This kind of smooth inconsistent motion can be detected whenever the user turns or tilts the head. If the video is consistent with human motions, then the human confirmation can be passed.
For 3D camera observation, a 3D camera or a camera array can easily determine whether the observed face is a 3D-object or a 2D screen or photograph. To defeat motion authentication system, a video display can be placed in front of the camera to create the appearance of genuine human motion. However, it is difficult to present a 3D video that will be observed as 3D by a camera. The 3D observation avoids this type of cheating.
A simple infra-red camera or other temperature sensitive device can also be used to determine whether the observed face is a warm body or a cool 3D-model. For more
sophisticated imaging, the infra-red camera image can be matched against the visible light image to ensure that the observed image has temperature gradients that are consistent with a real face. It is also possible to detect pulses and other natural change in a face using suitably equipped cameras. The 3D, thermal, and pulse rate cameras may be the same camera that performs the face log in equipped with a suitable alternative software mode or it may be a different camera. The face log in and the confirmation cameras may be the same camera used for video
conversation and photography or it may be a more specialized camera.
The same sensor may be used in two ways. For example, many digital camera sensors are capable of infra red imaging. This could allow the same camera to be used for both the infra red and the visible light views. In another example, the camera observes not only the face for log in but also the background surrounding the face. If the computer has not moved, then the background for each face log in should be the same. The computer can compare the two images and if the new attempted log in shows the same background, then the log in can be confirmed. As mentioned above, these approaches and those mentioned below can be combined in different ways to make the face log in harder to defeat. Many systems include accelerometers or positioning systems. These can be used to allow the system to determine whether it has been moved or re-oriented.
A second approach to human confirmation adds an involuntary reaction from the user to confirm a face log in. This approach relies upon natural human behavior to confirm that the observed face is actually the authorized user. The involuntary reaction can be a reaction to light, color, sound etc. This is more reliable than trying to determine whether the face in front of the display is a true face.
To obtain an involuntary computer reaction, the computer may initiate an action and then look for an expected corresponding human reaction. If the expected reaction is received then it is confirmed that the log in attempt is by a real human. For example, the computer can flash a light, on the screen or on a related peripheral such as the camera and see if the eyes on the face blink. In another example, the computer can produce a surprising sound using speakers, such as a loud or sudden sound. The face should wince, tremble, or have some other reaction in response. In another example the computer can detect an emotion change to a funny odor.
The particular selection of computer actions may be varied depending on the desired level of security balanced against annoying the user with unpleasant surprises each time the user attempts to log back in. The amount of annoyance can be reduced by using more accurate or sensitive sensors. A very small stimulus to the human can be used to evoke a very small response from the user. In some cases, the user may not even be aware of the involuntary blink, or wince caused by the action of the computer. After some period of use, it may happen that the user becomes accustomed to the stimulus and the involuntary response becomes weak or undetectable. This can be avoided by using a large library of different sounds and visual or flashing effects and then selecting one so that the user does not know what to expect and does not become used to one or a few different stimuli. A random or patterned selection may be used, depending on the particular implementation. A large library of stimuli also enhances the security of the system by making it more difficult for the reaction to be emulated or faked by a machine.
In a third approach, the computer can evoke a specific intentional conscious response from the user. In this case, greetings or questions can be used. These can be informal or personal question or simple requests. As an example, the computer might ask a simple question such as "what day is it today?" or "please tell me your name." The computer can then analyze the meaning of the content and match the voice of the speaker against a voice pattern. The computer can also observe the face to detect mouth movement on the face that is presented to the face log in system.
As another example, the computer can request a particular response from the user, such as stating "show me your right hand." The computer can then observe whether a right hand appears in front of the camera. Different types of requests and different questions can be used so that the system cannot be tricked using a prerecorded response.
Such a confirmation process can be made less intrusive by blended it into an exchange that feels like a smart greeting system. In one example, a face log in might be presented. After recognizing the face, the computer might present a personalized greeting, such as "welcome back Mr. Jones" and then follow-up with a simple question. The intentional response can be presented as a pleasant exchange without users being aware of the security aspects of it.
Figure 2 is an example of a process flow diagram for combining authentication techniques to further secure a face log in system. These operations may all be applied to the process flow diagram of Figure 1 at block 300. Referring to Figure 1, at 100 camera data is received from the computer or other device. The camera data is provided to a human
confirmation system at block 300. Moving to Figure 2, at 310, a non intrusive human confirmation is performed. At 311, the person attempted the log in is observed. The observation may be based on any of the types of tests described above, such as a motion test, a 3D test, a temperature test, a pulse test, etc. These may be performed using the face log in image or using another image from the same camera or from a different sensor.
At 319, if the log in attempt is not confirmed to be coming from a human, then there is a failure and at 392, the log in fails. If the log in passes, then the system can move to a reactive confirmation at 320 for additional security. While a single process box 311 is provided for observing the image for human confirmation, there may be multiple tests applied. As an example, a face log in may be tested for both being a 3D image and having a pulse. Any two or more operations may be combined in any way desired depending on the particular embodiment.
At 320 having confirmed the log in attempt through passive means, the system moves to an active confirmation. At 321 a stimulus is provided and at 329 the system determines whether a response to the stimulus has been detected. As mentioned above, the response may be involuntary, such as a wink or wince, or it may be voluntary such as stating a name or raising a hand. If no response is detected at329, then the log in attempt is failed at 392. On the other hand, if the expected response is detected, then at 391, the log in attempt may be passed. More than one reactive confirmation approach may be used at the same time or in sequence at block
321 before the log in attempt is passed.
As an example the system might ask a question and then listen for a spoken answer together with observing whether the lips of the mouth move at the same time that the audio is received. As another example, the system might flash a light once while it is asking a question. This distracts the user from the flash and allows the system to check for a wink, and then check for an answer to the question. The particular combination may be adapted to suit any particular implementation. In addition, the multiple tests may be staged as in Figure 2 so that each test must be passed before the next test is provided or the tests may be done on or about the same time so that their successful completion may be received on or about the same time.
Figure 3 is a block diagram view of an implementation of the present invention as described in the examples above. A user arrives at the terminal 550 which may be fixed or mobile. The user is then observed by a face sensor 500 for face log in. The face sensor image is provided to an image comparator 600 to compare the observed face image to a library of face images in a face image store 611. The face image store may be a part of separate authentication data resources 610 or a part of the general system resources 801. If the face sensor image matches an image in the face image store, then a pass signal is sent to a user authentication module 700.
To further secure the computer system 550, another authentication system is added before the user is granted a log in 800 and access to the system resources 801. The image from the face sensor 500 may be passed to a confirmation module 601. The confirmation module may then analyze the image to determine whether it is an image of a real person by examining an infrared signature, motion through video, or depth or 3D character. These may be done using the same face sensor 500 or an augmented face sensor 501 may be used in addition to or instead of the face log in face sensor 500. The augmented face sensor may provide 3D viewing, infrared viewing, video viewing, magnified viewing or any other type of viewing, depending on the particular implementation.
For motion vector analysis, the confirmation system 601 may refer to a motion vector store 613 of the data store 610. For other more detailed aspects of the face image, including those from the augmented face sensor, the system may access an augmented face image store
614 of the data store 610. This may include example infrared signatures, depth profiles for 3D imaging, pulse recognition data, and more.
The system 550 may also apply stimulus-response techniques to verify that the user is real person as described above. For this purpose the confirmation module 601 is provided access to a stimulus output 503 to allow the system to produce a stimulus to the user. This stimulus output 503 may be coupled to one or more different hardware resources of the system, such as lights, the display, speakers, and force systems, such as piezoelectric or haptic devices. After a stimulus is provided, the system uses a response sensor 502 to detect a response, if any, from the user to the stimulus. The detected response is sent to the confirmation module 601. The response may be detected using cameras, microphones, or touch sensors.
The results from the confirmation module 601 are passed to the authentication module 700 to be considered together with the face sensor log in module. The authentication makes a determination whether to allow or reject a log in based on the received inputs. If a log in is allowed, then the log in 800 is activated and the user is granted access to the system resources 801.
Figure 4 is a block diagram of a computing system, such as a personal computer, gaming console, smart phone or portable gaming device. The computer system 900 includes a bus or other communication means 901 for communicating information, and a processing means such as a microprocessor 902 coupled with the bus 901 for processing information. The computer system may be augmented with a graphics processor 903 specifically for rendering graphics through parallel pipelines and a physics processor 905 for calculating physics interactions as described above. These processors may be incorporated into the central processor 902 or provided as one or more separate processors.
The computer system 900 further includes a main memory 904, such as a random access memory (RAM) or other dynamic data storage device, coupled to the bus 901 for storing information and instructions to be executed by the processor 902. The main memory also may be used for storing temporary variables or other intermediate information during execution of instructions by the processor. The computer system may also include a nonvolatile memory 906, such as a read only memory (ROM) or other static data storage device coupled to the bus for storing static information and instructions for the processor.
A mass memory 907 such as a magnetic disk, optical disc, or solid state array and its corresponding drive may also be coupled to the bus of the computer system for storing information and instructions. The computer system can also be coupled via the bus to a display device or monitor 921, such as a Liquid Crystal Display (LCD) or Organic Light Emitting Diode (OLED) array, for displaying information to a user. For example, graphical and textual indications of installation status, operations status and other information may be presented to the user on the display device, in addition to the various views and user interactions discussed above.
Typically, user input devices, such as a keyboard with alphanumeric, function and other keys, may be coupled to the bus for communicating information and command selections to the processor. Additional user input devices may include a cursor control input device such as a mouse, a trackball, a trackpad, or cursor direction keys can be coupled to the bus for communicating direction information and command selections to the processor and to control cursor movement on the display 921.
Camera and microphone arrays 923 are coupled to the bus to observe gestures, record audio and video and to receive visual and audio commands as mentioned above.
Communications interfaces 925 are also coupled to the bus 901. The communication interfaces may include a modem, a network interface card, or other well known interface devices, such as those used for coupling to Ethernet, token ring, or other types of physical wired or wireless attachments for purposes of providing a communication link to support a local or wide area network (LAN or WAN), for example. In this manner, the computer system may also be coupled to a number of peripheral devices, other clients, control surfaces or consoles, or servers via a conventional network infrastructure, including an Intranet or the Internet, for example.
A lesser or more equipped system than the example described above may be preferred for certain implementations. Therefore, the configuration of the exemplary systems 900 will vary from implementation to implementation depending upon numerous factors, such as price constraints, performance requirements, technological improvements, or other circumstances. Computer system 900 may refer to a many examples of an electronic device and may include without limitation a mobile device, a personal digital assistant, a mobile computing device, a smart phone, a cellular telephone, a handset, a one-way pager, a two-way pager, a messaging device, a computer, a personal computer (PC), a desktop computer, a laptop computer, a notebook computer, a handheld computer, a tablet computer, a server, a server array or server farm, a web server, a network server, an Internet server, a work station, a mini-computer, a main frame computer, a supercomputer, a network appliance, a web appliance, a distributed computing system, multiprocessor systems, processor-based systems, consumer electronics, programmable consumer electronics, television, digital television, set top box, wireless access point, base station, subscriber station, mobile subscriber center, radio network controller, router, hub, gateway, bridge, switch, machine, or combination thereof."
Embodiments may be implemented as any or a combination of: one or more microchips or integrated circuits interconnected using a parentboard, hardwired logic, software stored by a memory device and executed by a microprocessor, firmware, an application specific integrated circuit (ASIC), and/or a field programmable gate array (FPGA). The term "logic" may include, by way of example, software or hardware and/or combinations of software and hardware.
Embodiments may be provided, for example, as a computer program product which may include one or more machine-readable media having stored thereon machine-executable instructions that, when executed by one or more machines such as a computer, network of computers, or other electronic devices, may result in the one or more machines carrying out operations in accordance with embodiments of the present invention. A machine-readable medium may include, but is not limited to, floppy diskettes, optical disks, CD-ROMs (Compact Disc-Read Only Memories), and magneto-optical disks, ROMs (Read Only Memories), RAMs (Random Access Memories), EPROMs (Erasable Programmable Read Only Memories), EEPROMs (Electrically Erasable Programmable Read Only Memories), magnetic or optical cards, flash memory, or other type of media/machine-readable medium suitable for storing machine-executable instructions.
Moreover, embodiments may be downloaded as a computer program product, wherein the program may be transferred from a remote computer (e.g., a server) to a requesting computer (e.g., a client) by way of one or more data signals embodied in and/or modulated by a carrier wave or other propagation medium via a communication link (e.g., a modem and/or network connection). Accordingly, as used herein, a machine-readable medium may, but is not required to, comprise such a carrier wave.
References to "one embodiment", "an embodiment", "example embodiment", "various embodiments", etc., indicate that the embodiment(s) of the invention so described may include particular features, structures, or characteristics, but not every embodiment necessarily includes the particular features, structures, or characteristics. Further, some embodiments may have some, all, or none of the features described for other embodiments.
In the following description and claims, the term "coupled" along with its derivatives, may be used. "Coupled" is used to indicate that two or more elements co-operate or interact with each other, but they may or may not have intervening physical or electrical components between them.
As used in the claims, unless otherwise specified the use of the ordinal adjectives "first",
"second", "third", etc., to describe a common element, merely indicate that different instances of like elements are being referred to, and are not intended to imply that the elements so described must be in a given sequence, either temporally, spatially, in ranking, or in any other manner.
The following examples pertain to further embodiments. Specifics in the examples may be used anywhere in one or more embodiments. In one embodiment, a method includes receiving a camera image of a user at a computer system, testing the image for recognition against a user account, confirming that the image corresponds to a real human, and if the image is authenticated and corresponds to a real human, then authenticating the user to the corresponding user account of the computer system.
Further embodiments include if the image is authenticated and does not correspond to a real human, then refusing authentication and if the image is authenticated and corresponds to a real human then further testing the user to confirm that the image corresponds to a real human and if the further testing is passed then authenticating the user.
In further embodiments, confirming that the image corresponds to real human comprises applying a test to the user that requires no response from the user and further testing the user comprises applying a test that requires a response from the user. The required response may be an involuntary response or a reply to a prompt from the computer system.
In another embodiment, confirming that the image corresponds to a real human comprises applying a plurality of different tests to the user. The plurality of different tests may include a test that requires no response from the user and a test that requires s response from the user. In another embodiment, the test that requires a response includes a test that requires an involuntary response and a test that requires a voluntary response.
In another embodiment testing the image comprises comparing the image to a library of stored user images.
In another embodiment confirming comprises observing the image using a 3D camera to determine whether the user is in 3D.
In another embodiment confirming comprises on or more of measuring infra red radiation from the user to assess a heat signature of the user, recording video of the user and assessing motion vectors in the video, and generating a stimulus and observing a response of the user.
In another embodiment the stimulus comprises a sudden light.
In another embodiment a machine-readable non-transitory medium has instructions that when operated on by the machine cause the machine to perform operations that include receiving a camera image of a user at a computer system, testing the image for recognition against a user account, confirming that the image corresponds to a real human, and if the image is authenticated and corresponds to a real human, then authenticating the user to the corresponding user account of the computer system.
In a further embodiment if the image is authenticated and corresponds to a real human then the user is further tested to confirm that the image corresponds to a real human and if the further testing is passed then the user is authenticated.
In a further embodiment confirming that the image corresponds to real human comprises applying a test to the user that requires no response from the user and further testing the user comprises applying a test that requires a response from the user.
In another embodiment a computer system includes a camera to receive an image of a user at the computer system, a memory to store a library of stored user images in association with user accounts, and a processor to test the received image for recognition against a user account of the memory and to confirm that the image corresponds to a real human, wherein if the image is authenticated and corresponds to a real human, then to authenticate the user to the corresponding user account of the computer system.
In a further embodiment, the computer system also includes a user interface to present a stimulus to the user and to receive an involuntary response from the user and wherein the processor uses the response as further testing of the user to confirm that the image corresponds to a real human. .
The drawings and the forgoing description give examples of embodiments. Those skilled in the art will appreciate that one or more of the described elements may well be combined into a single functional element. Alternatively, certain elements may be split into multiple functional elements. Elements from one embodiment may be added to another embodiment. For example, orders of processes described herein may be changed and are not limited to the manner described herein. Moreover, the actions any flow diagram need not be implemented in the order shown; nor do all of the acts necessarily need to be performed. Also, those acts that are not dependent on other acts may be performed in parallel with the other acts. The scope of embodiments is by no means limited by these specific examples. Numerous variations, whether explicitly given in the specification or not, such as differences in structure, dimension, and use of material, are possible. The scope of embodiments is at least as broad as given by the following claims.

Claims

CLAIMS What is claimed is:
1. A method comprising:
receiving a camera image of a user at a computer system;
testing the image for recognition against a user account;
confirming that the image corresponds to a real human; and
if the image is authenticated and corresponds to a real human, then authenticating the user to the corresponding user account of the computer system.
2. The method of Claim 1, further comprising if the image is authenticated and does not correspond to a real human, then refusing authentication.
3. The method of Claim 1, further comprising if the image is authenticated and corresponds to a real human then further testing the user to confirm that the image corresponds to a real human and if the further testing is passed then authenticating the user.
4. The method of Claim 3, wherein confirming that the image corresponds to real human comprises applying a test to the user that requires no response from the user and wherein further testing the user comprises applying a test that requires a response from the user.
5. The method of Claim 4, wherein the required response is an involuntary response.
6. The method of Claim 4, wherein the required response is a reply to a prompt from the computer system.
7. The method of Claim 1, wherein confirming that the image corresponds to a real human comprises applying a plurality of different tests to the user.
8. The method of Claim 7, wherein the plurality of different tests comprise a test that requires no response from the user and a test that requires s response from the user.
9. The method of Claim 8, wherein the test that requires a response includes a test that requires an involuntary response and a test that requires a voluntary response.
10. The method of Claim 1, wherein testing the image comprises comparing the image to a library of stored user images.
11. The method of Claim 1, wherein confirming comprises observing the image using a 3D camera to determine whether the user is in 3D.
12. The method of Claim 1, wherein confirming comprises measuring infra red radiation from the user to assess a heat signature of the user.
13. The method of Claim 1, wherein confirming comprises recording video of the user and assessing motion vectors in the video.
14. The method of Claim 1, wherein confirming comprises generating a stimulus and observing a response of the user.
15. The method of Claim 14, wherein the stimulus comprises a sudden light.
16. A machine-readable non-transitory medium having instructions that when operated on by the machine cause the machine to perform operations comprising:
receiving a camera image of a user at a computer system;
testing the image for recognition against a user account;
confirming that the image corresponds to a real human; and
if the image is authenticated and corresponds to a real human, then authenticating the user to the corresponding user account of the computer system.
17. The medium of Claim 16, further comprising if the image is authenticated and corresponds to a real human then further testing the user to confirm that the image corresponds to a real human and if the further testing is passed then authenticating the user.
18. The medium of Claim 17, wherein confirming that the image corresponds to a real human comprises applying a test to the user that requires no response from the user and wherein further testing the user comprises applying a test that requires a response from the user.
19. A computer system comprising:
a camera to receive an image of a user at the computer system;
a memory to store a library of stored user images in association with user accounts; a processor to test the received image for recognition against a user account of the memory and to confirm that the image corresponds to a real human, wherein if the image is authenticated and corresponds to a real human, then to authenticate the user to the corresponding user account of the computer system.
20. The computer system of Claim 19, further comprising a user interface to present a stimulus to the user and to receive an involuntary response from the user and wherein the processor uses the response as further testing of the user to confirm that the image corresponds to a real human.
PCT/US2013/043777 2012-06-29 2013-05-31 Real human detection and confirmation in personal credential verification WO2014003978A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP13809914.8A EP2867816A4 (en) 2012-06-29 2013-05-31 Real human detection and confirmation in personal credential verification
CN201380028065.0A CN104541277B (en) 2012-06-29 2013-05-31 User authen method and customer certification system

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US13/539,034 US20140007224A1 (en) 2012-06-29 2012-06-29 Real human detection and confirmation in personal credential verification
US13/539,034 2012-06-29

Publications (1)

Publication Number Publication Date
WO2014003978A1 true WO2014003978A1 (en) 2014-01-03

Family

ID=49779758

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2013/043777 WO2014003978A1 (en) 2012-06-29 2013-05-31 Real human detection and confirmation in personal credential verification

Country Status (4)

Country Link
US (1) US20140007224A1 (en)
EP (1) EP2867816A4 (en)
CN (1) CN104541277B (en)
WO (1) WO2014003978A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105898846A (en) * 2015-02-12 2016-08-24 摩托罗拉移动有限责任公司 Adaptive filtering for presence detection
WO2017070971A1 (en) * 2015-10-31 2017-05-04 华为技术有限公司 Facial authentication method and electronic device
CN111241883A (en) * 2018-11-29 2020-06-05 百度在线网络技术(北京)有限公司 Method and device for preventing remote detected personnel from cheating

Families Citing this family (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10298858B2 (en) * 2012-11-30 2019-05-21 Robert Bosch Gmbh Methods to combine radiation-based temperature sensor and inertial sensor and/or camera output in a handheld/mobile device
CN103856472B (en) 2012-12-06 2017-08-18 阿里巴巴集团控股有限公司 A kind of method and device of Account Logon
CN105378790B (en) 2013-03-15 2020-06-12 索库里公司 Risk assessment using social networking data
US10235508B2 (en) * 2013-05-08 2019-03-19 Jpmorgan Chase Bank, N.A. Systems and methods for high fidelity multi-modal out-of-band biometric authentication with human cross-checking
US20150084774A1 (en) * 2013-09-26 2015-03-26 Mark Henry Wojcik Remote breath alcohol monitor
CN104808778B (en) * 2014-01-24 2019-03-01 北京奇虎科技有限公司 Judge the device and method of head-wearing type intelligent equipment operation validity
US9510196B2 (en) * 2014-03-17 2016-11-29 Qualcomm Incorporated Method and apparatus for authenticating a user on a mobile device
US9147117B1 (en) * 2014-06-11 2015-09-29 Socure Inc. Analyzing facial recognition data and social network data for user authentication
US9584524B2 (en) * 2014-07-03 2017-02-28 Live Nation Entertainment, Inc. Sensor-based human authorization evaluation
WO2016139655A1 (en) * 2015-03-01 2016-09-09 I Am Real Ltd. Method and system for preventing uploading of faked photos
US10446142B2 (en) 2015-05-20 2019-10-15 Microsoft Technology Licensing, Llc Crafting feedback dialogue with a digital assistant
AU2016384585A1 (en) * 2016-01-08 2018-05-10 Visa International Service Association Secure authentication using biometric input
CN107786487B (en) * 2016-08-24 2021-02-02 腾讯科技(深圳)有限公司 Information authentication processing method, system and related equipment
US10296998B2 (en) 2016-11-10 2019-05-21 Mcafee, Llc Optical feedback for visual recognition authentication
EP3447684A1 (en) 2017-08-22 2019-02-27 Eyn Limited Verification method and system
GB2570620A (en) * 2017-08-22 2019-08-07 Eyn Ltd Verification method and system
US10726245B2 (en) * 2017-12-12 2020-07-28 Black Sesame International Holding Limited Secure facial authentication system using active infrared light source and RGB-IR sensor
CN111492357A (en) * 2017-12-21 2020-08-04 三星电子株式会社 System and method for biometric user authentication
US10922590B2 (en) * 2018-02-09 2021-02-16 Stmicroelectronics (Research & Development) Limited Apparatus, method and computer program for performing object recognition
CH718887A1 (en) * 2021-08-12 2023-02-15 Mederer Gmbh Method and system for validating a medical self-test.
US12019725B2 (en) * 2022-02-03 2024-06-25 Johnson Controls Tyco IP Holdings LLP Methods and systems for employing an edge device to provide multifactor authentication

Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1994010658A1 (en) * 1992-11-05 1994-05-11 Coms21 Limited Secure access control system
US20020176610A1 (en) 2001-05-25 2002-11-28 Akio Okazaki Face image recording system
JP2003317100A (en) 2002-02-22 2003-11-07 Matsushita Electric Ind Co Ltd Information terminal device, authentication system, and registering and authenticating method
US20040151348A1 (en) 2003-02-05 2004-08-05 Shuji Ono Authentication apparatus
JP2005259049A (en) 2004-03-15 2005-09-22 Omron Corp Face collation device
US20060206724A1 (en) 2005-02-16 2006-09-14 David Schaufele Biometric-based systems and methods for identity verification
US20070092115A1 (en) 2005-10-26 2007-04-26 Usher David B Method and system for detecting biometric liveness
US20070122005A1 (en) * 2005-11-29 2007-05-31 Mitsubishi Electric Corporation Image authentication apparatus
KR20070105528A (en) * 2006-04-26 2007-10-31 한국전자통신연구원 Method and apparatus for user authentication using face image
US20080104415A1 (en) 2004-12-06 2008-05-01 Daphna Palti-Wasserman Multivariate Dynamic Biometrics System
US20090092294A1 (en) 2006-03-01 2009-04-09 Kaoru Uchida Face authenticating apparatus, face authenticating method, and program
US20120114191A1 (en) * 2010-11-04 2012-05-10 The Go Daddy Group, Inc. Systems and Methods for Person's Verification Using Photographs on Identification Documents Taken by a Verifier-Controlled Digital Camera

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4734980B2 (en) * 2005-03-15 2011-07-27 オムロン株式会社 Face authentication device and control method therefor, electronic device equipped with face authentication device, face authentication device control program, and recording medium recording the program
CN101021898A (en) * 2006-02-13 2007-08-22 斯马特维尔雷斯有限公司 Infrared face authenticating apparatus, and portable terminal and security apparatus including the same

Patent Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1994010658A1 (en) * 1992-11-05 1994-05-11 Coms21 Limited Secure access control system
US20020176610A1 (en) 2001-05-25 2002-11-28 Akio Okazaki Face image recording system
JP2003317100A (en) 2002-02-22 2003-11-07 Matsushita Electric Ind Co Ltd Information terminal device, authentication system, and registering and authenticating method
US20040151348A1 (en) 2003-02-05 2004-08-05 Shuji Ono Authentication apparatus
JP2005259049A (en) 2004-03-15 2005-09-22 Omron Corp Face collation device
US20080104415A1 (en) 2004-12-06 2008-05-01 Daphna Palti-Wasserman Multivariate Dynamic Biometrics System
US20060206724A1 (en) 2005-02-16 2006-09-14 David Schaufele Biometric-based systems and methods for identity verification
US20070092115A1 (en) 2005-10-26 2007-04-26 Usher David B Method and system for detecting biometric liveness
US20070122005A1 (en) * 2005-11-29 2007-05-31 Mitsubishi Electric Corporation Image authentication apparatus
US20090092294A1 (en) 2006-03-01 2009-04-09 Kaoru Uchida Face authenticating apparatus, face authenticating method, and program
KR20070105528A (en) * 2006-04-26 2007-10-31 한국전자통신연구원 Method and apparatus for user authentication using face image
US20120114191A1 (en) * 2010-11-04 2012-05-10 The Go Daddy Group, Inc. Systems and Methods for Person's Verification Using Photographs on Identification Documents Taken by a Verifier-Controlled Digital Camera

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
"Automatic Identification Technologies, 2005. Fourth IEEE Work Shop on Buffalo", 17 October 2005, IEEE, article "Evaluating Liveness by face Images and the Structure Tensor", pages: 75 - 80
A. HADID ET AL.: "FACE AND EYE DETECTION FOR PERSON AUTHENTICATION IN MOBILE PHONES", DISTRIBUTED SMART CAMERAS, ICDSC '07, FIRST ACM/IEEE INTERNATIONAL CONFERENCE ON, 25 September 2007 (2007-09-25), VIENNA, pages 101 - 108, XP031151270 *
See also references of EP2867816A4

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105898846A (en) * 2015-02-12 2016-08-24 摩托罗拉移动有限责任公司 Adaptive filtering for presence detection
CN105898846B (en) * 2015-02-12 2019-02-12 摩托罗拉移动有限责任公司 For there is the adaptive-filtering of detection
WO2017070971A1 (en) * 2015-10-31 2017-05-04 华为技术有限公司 Facial authentication method and electronic device
US10552593B2 (en) 2015-10-31 2020-02-04 Huawei Technologies Co., Ltd. Face verification method and electronic device
CN111241883A (en) * 2018-11-29 2020-06-05 百度在线网络技术(北京)有限公司 Method and device for preventing remote detected personnel from cheating
CN111241883B (en) * 2018-11-29 2023-08-25 百度在线网络技术(北京)有限公司 Method and device for preventing cheating of remote tested personnel

Also Published As

Publication number Publication date
EP2867816A4 (en) 2016-02-17
US20140007224A1 (en) 2014-01-02
CN104541277A (en) 2015-04-22
EP2867816A1 (en) 2015-05-06
CN104541277B (en) 2019-01-01

Similar Documents

Publication Publication Date Title
US20140007224A1 (en) Real human detection and confirmation in personal credential verification
US20230188521A1 (en) Secure authorization for access to private data in virtual reality
US10395018B2 (en) System, method, and device of detecting identity of a user and authenticating a user
KR102508947B1 (en) Embedded authentication systems in an electronic device
US9025830B2 (en) Liveness detection system based on face behavior
US20160226865A1 (en) Motion based authentication systems and methods
JP2020502602A (en) Authentication based on face recognition
CN107506634B (en) Data display method and device, storage medium and terminal
KR20180016232A (en) Authentication techniques including speech and/or lip movement analysis
KR20180016235A (en) Authentication techniques including speech and/or lip movement analysis
KR20140072858A (en) Method and computer program for providing authentication to control access to a computer system
US9202027B2 (en) Private/public gesture security system and method of operation thereof
JP7428242B2 (en) Authentication device, authentication system, authentication method and authentication program
US20230177128A1 (en) Authentication and calibration via gaze tracking
US20200201977A1 (en) Method for authenticating a first user and corresponding first device and system
CN109804608B (en) Providing access to structured storage data
Sieger et al. Poster: User preferences for biometric authentication methods and graded security on mobile phones
TW201738793A (en) High-safety user multi-authentication system and method
US11698955B1 (en) Input-triggered inmate verification
WO2019089636A1 (en) Biometric user authentication for online session using mobile device
Lovell et al. Secure face recognition for mobile applications
Shrestha New Authentication And Privacy Paradigms In Mobile And Wearable Computing
KR20170039518A (en) Apparatus and method for controlling use of electronic device using fake face detection
Yang Improving Two-Factor Authentication Usability with Sensor-Assisted Facial Recognition
Shah Pianotap: Improving tap authentication on mobile devices

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 13809914

Country of ref document: EP

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 2013809914

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: DE