This secure and rapid authentication method is ideal for account logins and high-risk scenarios (e.g., logging in from a foreign IP address or authorizing high-risk transactions such as wire transfers and online purchases). Secure selfie authentication can also be used to unlock doors (rental cars), self check-in (hotels), e-learning (online test taking) and continuous security (e.g., re-verifying the identity of ride-sharing drivers on a frequent basis).
“As more of our important interactions move online, establishing trust digitally has become critical,” said Stephen Stuut, CEO of Jumio. “Jumio is pioneering selfie-based authentication to allow businesses to leverage biometric user data captured during enrollment and re-verify that data in the future. With our new selfie-based authentication, users are not required to repeat the identity proofing process again — they just take a quick selfie — and as the digital chain of trust grows, so does the security level.”
Biometric authentication is the verification of enough unique human traits to physically prove a user is actually who they claim to be. It offers far greater security than previous step-up methods, such as knowledge-based authentication and multi-factor authentication, which remain vulnerable to imposters, credential phishing, large-scale data breaches, dark web user data dumps and man-in-the middle attacks.
But past attempts at biometric authentication have had their own vulnerabilities, as fraudsters have quickly learned to fool online identity verification solutions with spoofing attacks (e.g. using a photo, video or mask of the authorized person’s face). This is why it’s increasingly imperative to check whether the correct user is physically present during the account set-up (enrollment) process.
To combat this emerging threat, Jumio integrated iBeta Level 1 and Level 2 Certified anti-spoofing technology,ZoOm® 3D Face Login with TrueLiveness Detection from FaceTec, into its online identity verification suite to capture and process the user’s face images taken from any 2D mobile device camera or webcam. These face frames are then reconstituted to create a 3D face map which contains more than 100 times more liveness data than a 2D photo.
With Jumio Authentication, the digital chain of trust starts at enrollment when an online user takes a photo of their government-issued ID (driver’s license, passport or ID card) and then takes a video-selfie, which is instantly analyzed via AI to determine that they are living human and not a spoof. The selfie is compared to the picture on the ID document to reliably establish the digital identity of the new user.
Later when the user wants to log into their account or whenever a high-risk transaction occurs, Jumio Authentication allows the user to take another video-selfie (where a new 3D face map is created), which is then compared to the original face map, verifying the user and unlocking the account in seconds.
“Data breaches have put hundreds of millions of personal records and passwords into the hands of fraudsters, but biometric technology, especially face authentication, holds universal promise for solving our user access security challenges,” said Kevin Alan Tussy, CEO of FaceTec. “ZoOm provides Jumio’s customers with 3D face authentication featuring iBeta/NIST Level 1&2 Certified Liveness Detection based on the ISO 30107 standard, making it secure enough to replace passwords, knowledge-based authentication, and even SMS-based two-factor authentication on over 10 billion supported devices.”
In fact, Gartner predicts that “By 2023, identity corroboration hubs will displace existing authentication platforms in over 50% of large and global enterprises.” [Source: Gartner Identity and Access Management Summit, Dec. 4, “Transform User Authentication With a CARTA Approach to Identity Corroboration,” Ant Allan]
Like this article? Take a second to support us on Patreon!