Sunday, July 14, 2024

Fake Face Fest — A Quick Overview of Biometric Antispoofing in China

The technology of “biometric identification”, while being a relatively recent know-how, has been widely represented in sci-fi movies and literature for decades. We’ve all seen villains and heroes using complicated devices to gain access to personal vaults, military installations, private bunkers etc. 

Frequently we see these systems being hacked as well. The spoofing tools include gelatin fingerprints, fake retinas, and so on. How close is this representation to reality? Let’s take a closer look, based on one of the world’s most electronically advanced countries — China.

First, let’s talk about spoofing in general. Liveness spoofing is a malicious activity aimed at gaining access to confidential info and/or personal valuables by using forged or counterfeit biometric data: photos, fingerprints, retina-based identification etc.

First attempts

Chinese liveness detection and anti-spoofing systems have existed since the introduction of such methods back in the early 2000s. The earliest Chinese facial recognition and liveness detection systems were mostly based on Western technology, such as the US Army’s Defense Advanced Research Projects Agency (DARPA) FERET project.

It was an early example of such technology, and it had a major drawback: it worked only under ideal conditions (front-facing visa/passport photos) and with an approximate effectiveness rate of 73%.

With the first experiments conducted by Chinese banks and financial institutions, the first challenges appeared: the systems were unreliable, often failing to recognize the image of the person using them. Plus, they were easily fooled by lighting and artificially altered images.

The technology was improved gradually, in several steps aimed at boosting security, before anti-spoofing systems could be effectively put into use.

Among the huge number of methods and technologies used in China, we can highlight two that are based on facial recognition and widely implemented by such financial and technological giants as Bank of China, Alibaba, Tencent and others.

These methods are real-time polarized face anti-spoofing (PAAS) and Presentation Attack Detection (PAD). Let’s first compare the two major systems in use.

Picture: Example of the machine image analysis, using the PAD method

They shall not PAAS 

The first of these (PAAS) uses a light polarization method, which involves machine learning-based analysis of light reflection from real faces, mock faces (dolls and sculptured faces) and computerized images.

This is a greatly simplified picture. However, it describes the main operating principle of the system. As researchers from the Tianjin Academy for Intelligent Recognition Technologies outline in their comprehensive study of the topic:

“Because polarization reveals the information of shape, material, roughness and other attributes of an object, it becomes extremely difficult to imitate or change it by a third party for malicious intents.”


Presentation Attack Detection (PAD) is another method of anti-spoofing, developed, patented and maintained by a group of researchers from the Chinese branch of the Institute of Electrical and Electronics Engineers (IEEE).

This method is employed on a different level of biometric data recognition than the PAAS method described earlier.

First and foremost, it aims at creating a comprehensive network that would eliminate the difference in camera recognition effectiveness, which naturally stems from differences in the quality and sensitivity of camera lenses, sensor matrices and other parts.

What PAD does is a complex analysis of the second, “underlying” layer of the face presented. Compared to the first layer, analyzed by the PAAS technology, PAD “disassembles” the image it’s “seeing” to quickly search for small defects or any other signs of alteration that the second layer of the picture/video might contain.


The aforementioned Chinese technologies, as well as any complementary methods, have found wide use in different areas, from e-banking to school exams.

For instance, anti-spoofing and liveness detection technologies are widely used in university examinations to confirm the identity of the student taking an exam.

This measure prevents another person from taking an exam in place of the actual entrant, which is an illegal paid service widely used throughout China.

So, we can conclude that from the early 2000s up to the present, China has been developing and implementing numerous methods aimed at improving liveness detection in its anti-spoofing technologies. We will cover the history of this process in the next article. Stay tuned!

More information about liveness and anti-spoofing technologies can be found on the liveness wiki.

