Face Recognition & Liveness Verification
This document explains how Face Recognition and Liveness Verification work from a user perspective, what is required during the process, and how captured data is used.
1. What is Face Recognition?
Face Recognition is a security process used to confirm that:
- You are a real, present human being.
- Your face matches the reference image you previously provided (for example, a profile photo).
This helps prevent unauthorized access using photos, videos, or impersonation attempts.
2. Why is Liveness Verification required?
A face image alone is not sufficient to guarantee security.
Liveness Verification (also called Proof of Life) ensures that:
- The interaction is happening in real time
- A real person is physically present in front of the camera
- The system is not being tricked by:
- Printed photos
- Screens or replays
- Pre-recorded videos
- Masks or deepfake attempts
3. How the verification process works
Step 1: Reference image validation
The system checks whether the reference image contains at least one human face.
If no face is detected, the process cannot continue.
Step 2: Live camera verification
You will be asked to enable your camera and follow on-screen instructions.
These instructions may include:
- Looking left or right
- Looking up or down
- Closing your eyes
- Opening your mouth
The sequence is randomized to prevent spoofing.
Step 3: Proof of Life confirmation
While you perform the requested actions, the system verifies that:
- Your face is real and moving naturally
- Only one face is visible
- Your face remains within the guided area on the screen
- Gestures are performed correctly and within the allowed time
If the liveness challenge is not completed successfully, the verification will fail.
Step 4: Face comparison
Once liveness is confirmed, the system:
- Captures high-quality frames from the live session
- Extracts facial features
- Compares them with the reference image
If a sufficient match is found, the verification succeeds.
4. Enabling Face Recognition and Liveness Detection
Face Recognition and Liveness Detection can be enabled from the Tenant Configuration panel under Security & Access.
These settings allow you to control how user identity is verified during authentication.
Step 1: Enable Face Recognition Authentication
To require face recognition for user identity validation:
- Go to Backoffice → Tenant Configuration
- Open Security & Access
- Enable Face Recognition Authentication
Once enabled, users will be required to verify their identity using face recognition when validating a Keepic.
Step 2: Enable Liveness Detection (Optional but Recommended)
After Face Recognition is enabled, you can activate Liveness Detection for additional security.
- Make sure Face Recognition Authentication is already enabled
- Toggle Use Liveness Detection
- Save the changes
When this option is active, users must complete a live gesture challenge (Proof of Life) to confirm they are physically present and not using a photo or video.
Recommended Configuration
For maximum security, we strongly recommend enabling both:
- Face Recognition Authentication
- Liveness Detection
This combination provides protection against impersonation, replay attacks, and spoofing attempts while maintaining a smooth user experience.
5. Possible results
After the process, one of the following outcomes is returned:
-
Success
Your identity was verified successfully. -
Warning
The match is acceptable but has lower confidence. Additional backend validation may occur. -
Fail
The system could not confirm your identity or liveness.
6. Common reasons for failure
Verification may fail if:
- The camera is blocked or blurry
- Multiple faces appear on the screen
- The face leaves the guided area
- Required gestures are not completed within the allowed time
- A static image or replay attempt is detected
7. Data Privacy
Does this process store any biometrics?
No. This process does not generate or store any biometric data (such as biometric templates or patterns).
It only validates the presence of a real person in front of the camera and compares the live session against the user-provided reference image (Keepic).
All processing happens on the fly, entirely in the memory of the user’s device, without generating or storing any biometric data locally or remotely.
Does this process send any personal data to servers?
No. Video frames and images are processed exclusively in memory on the user’s device.
Nothing is:
- Sent to external servers
- Stored locally
- Persisted after the verification process ends
No personal or biometric data is exposed outside the user’s device during face recognition or liveness verification.
The only information sent to the server is the final outcome of the verification process.
Which data is generated?
The face recognition process only generates and shares generic, non-biometric validation data, such as:
- The liveness challenge sequence executed (face movements)
- Execution and duration times
- The verification result (pass or fail)
- Face similarity score
This data does not allow biometric reconstruction and is used strictly for validation and audit purposes.
8. Security and anti-spoofing measures
To protect users, the system includes safeguards such as:
- Detection of unnatural lack of movement
- Blink monitoring
- Frame repetition detection
- Head pose variability checks
- Multi-face prevention
These measures help ensure that only real users can pass verification.
9. What users need to do
For best results:
- Use a well-lit environment
- Avoid backlighting
- Remove hats, masks, or sunglasses
- Hold the device steady
- Follow on-screen instructions calmly
10. Summary
Face Recognition and Liveness Verification work together to provide a secure, privacy-respecting way to confirm identity.
The process is fast, non-invasive, and designed to protect both users and the platform from fraud or impersonation.
If verification fails, simply try again by following the guidance provided on the screen.