FaceTec has really made a name for itself over the last several months, thanks to its ZoOm 3D Face Login solution. While a number of authentication specialists have sought to leverage facial recognition since Apple began to popularize face unlock for its iPhone X last September, FaceTec’s system stands out for its use of 3D facial modelling. Rather than using a conventional selfie for user authentication, it prompts end users to take a brief video selfie, which its AI algorithms use to establish a far more detailed biometric map of the user’s face than what’s possible through 2D imaging.
The system was launched through a major European bank deployment last October, and has quickly caught on, as FaceTec CEO Kevin Alan Tussy explained in a recent interview with Mobile ID World President Peter O’Neill. Not only has FaceTec seen strong growth in its user base, it has also seen considerable industry recognition, particularly with respect to its recent iBeta testing, in which it became the first biometrics company to attain Level 1 certification in the Presentation Attack Detection Test. Tussy outlined the details of this rigorous evaluation as well in the interview, and proceeded to delve into the company’s plans for the future, its growing market recognition, and even the recent controversy over Amazon’s Rekognition computer vision system.
Read our full interview with Kevin Alan Tussy, CEO, FaceTec:
Peter O’Neill, President, Mobile ID World (MIDW): Your authentication product, ZoOm, has been in production for about ten months now, can you tell us how us how things are going?
Kevin Alan Tussy, CEO, FaceTec (FACETEC): Definitely, and thank you Peter for having me back. It’s great to speak with you again. We’ve had a great year so far and made significant progress since we launched ZoOm in October with a large bank in Eastern Europe, and I’m pleased to tell you that it is now in production and in daily use on four continents. Our customer base is growing at a very healthy rate every month.
For me, the most exciting recent development is that ZoOm 3D Face Login just became the first and only biometric face authenticator to pass the NIST-certified iBeta Presentation Attack Detection (PAD) Level 1 Certification Test, which is based on the ISO 30107-3 global standard. They would never release negative results, but I believe that most of our competitors have attempted this level of PAD testing and failed.
And, we understand, some companies and even some standards bodies have been lobbying to significantly lower the security requirements for PAD/Anti-Spoofing tests, but now that we have proven this very difficult test can be passed, I don’t think the standards will be relaxed. It’s critically important for the customers and end-users that liveness detection standards remain extremely high.
Biometric authenticators are “black-box” technologies that deal in probabilities, so it’s tough, even for those with sophisticated labs, to properly evaluate security levels. Comprehensive tests like iBeta’s are so important because every organization regardless of size has a responsibility to provide their users with the most effective security solution they can. This test makes it much easier to differentiate between marketing hype and objectively-verified security. To us, there is no doubt that formalized, standards-backed PAD tests like iBeta’s should be a prerequisite for every biometric vendor.
MIDW: That really is important news. The biometric security industry has needed a definitive test for presentation attack detection for some time. Can you tell us about the difficulty of the test, and why hasn’t anyone but FaceTec been able to pass it?
FACETEC: The iBeta test is indeed very difficult. For us it entailed six days of rigorous testing with over 1,500 spoof sessions performed. And every single spoof attempt was rebuffed. The test subjects, per the ISO standard, provided iBeta with high-res photos and videos to help them try to spoof the system in many clever ways. And, make no mistake, iBeta’s testing team has some of the world’s top experts when it comes to finding vulnerabilities in biometric systems. They have a very deep understanding of how anti-spoofing works, so if there’s a weakness in the security scheme iBeta will probably find it.
MIDW: I understand that the ISO standard 30107-3 requires the human subject to be “cooperative”. Can you explain why a fully cooperative subject is such an important part of the test?
FACETEC: Great question, Peter. A cooperative subject is a person who is willing to provide very specific biometric data that allows the testers to create artifacts they believe will have the highest probability of spoofing the system. For example, if a system used blinking to detect liveness, then the subject would be asked to make a video with their eyes blinking in an effort to defeat the system. This cooperative approach is extremely important: In the real world, cooperative users could be people complicit in a fraud scheme by sharing their biometric data with co-conspirators, or a user whose biometric data was phished from them by a bad actor. The access to the biometric data makes for much for difficult attacks to defend against.
MIDW: So now that this anti-spoofing test has been passed, what’s next for FaceTec?
FACETEC: We have a lot more going on, Peter! First off, on the commercial side we are staffing up the business development team and are adding new representatives on the east coast and in Europe, along with adding a couple new integration partners that I’m sure you will recognize when we announce. We recently brought on Steve Cook, a highly regarded biometrics expert from the UK as our VP of New Business to lead our EMEA-region business development efforts.
On the technology side, we are going to be releasing ZoOm v7 soon. Our development team knocked it out of the park with this one. It’s by far the largest and most significant update we have ever done. It’s more powerful, more flexible, enterprise friendly, and even easier to use.
ZoOm v7 is now a truly universal SaaS face authentication platform. ZoOm v7 works cross-device and cross-platform. For example, you can enroll on a laptop and then later authenticate on a smartphone without having to re-enroll. This flexibility has been made possible by our new browser-based ZoOm interface for webcams that now compliments our Mobile SDKs for Android and iOS. Plus, we have added support for progressive web apps, or PWAs, something I’m sure you’ll be hearing more about in the near future. Enrollment is now even faster, taking only 10-15 seconds, and we’ve added new “Do This, Not That” user feedback graphics.
Several improvements in v7 focus on enabling frictionless enterprise implementation, and now ZoOm can verify users with FaceTec’s “Managed Matcher Services” or the client’s private cloud. The algorithms that verify liveness and three-dimensionality can now be run on-device, on-cloud, or both.
If you recall, our liveness detection systems are totally AI-driven, and it’s those algorithms and neural networks that allow us to replace passwords with the universal, portable biometric modality that the market has been begging for all these years.
MIDW: Are you seeing FaceTec and ZoOm becoming more recognizable, and more able to open new markets and secure new customers?
FACETEC: Yes, I think we are getting more recognition. We’ve already been able to win RFP’s and take business away from established players, and a lot more organizations are reaching out to us directly. As you know, we were really heads-down working on the technology until just about 10 months ago, so I think we are making strong commercial progress now. We are working with nearly 100 organizations around the world, from startups to some of the largest companies and government agencies. And it’s great to continue to see so much interest from sectors like eCommerce, payments, banking and finance, transportation, government, and ID management as they become more familiar with what ZoOm can actually do.
It’s looking like the rest of 2018 and 2019 will be very busy for us, particularly with the PSD2 regulatory requirements for strong authentication coming in Europe, where ZoOm is a perfect fit. We have also started working with Gartner analysts, as well as weighing in on a recent report from Forrester Research.
MIDW: Yes, that’s right, I remember that FaceTec was a major contributor to Forrester’s recent report: The State Of Facial Recognition For Authentication And Verification. What did you think of it?
FACETEC: I loved it. Forrester clearly stressed the critical importance of liveness detection and explained the benefits of a cloud-based authentication system. It was right on the money. I think every company considering biometric authentication should read it.
MIDW: Has any of the recent media coverage of Amazon’s Rekognition service mistaking congressmen for criminals affected FaceTec?
FACETEC: Not directly, no. But I do think Amazon’s response, explaining machine learning and probability, was excellent. Though they are often just clickbait, some of these stories actually do help to educate the public about biometrics. It’s very important that people understand the difference between authentication systems like ZoOm, and Facial Recognition for things like crowd surveillance, like most biometrics vendors provide.
We want to make sure people know that ZoOm protects the user’s privacy and protects from identity theft and phishing via face authentication. It’s much different technology than the facial recognition used for spying and surveillance.
MIDW: What is the best way for people to learn more about FaceTec and ZoOm?
FACETEC: We recently updated our website, ZoOmLogin.com. We have quite a few new white papers, product marketing docs, and case studies on the site and we encourage everyone to take a look. The SDK’s and integration documentation is also available on our developer site. We’ve made it very simple to integrate the development SDK and get started with ZoOm.
MIDW: Thank you again for taking the time to talk with us today.
FACETEC: My pleasure, Peter. I look forward to chatting with you again soon.