JP2018504703A - Biometric detection of face - Google Patents

Abstract

Methods, systems, and computer-readable storage media for detecting facial biological properties are provided. The action of the embodiment processes the first and second facial images of the subject acquired at first and second successive time points to identify the first and second corneal reflections of the subject. Identifying a change in the corneal reflection of the object based on the identified first and second corneal reflections, and associating the specified change in the corneal reflection of the object with the first and second time points Comparing with the known changes made, and determining the biological properties of the face of the subject based on the results of the comparison. The known change may be a camera device motion or a illuminator illumination change. [Selection] Figure 5

Description

[Cross-reference of related applications]
This application is based on US provisional application 62 / 098,575 filed December 31, 2014 and US provisional patent application 62 / 098,596 filed December 31, 2014. Claims priority under 35 USC 119 (e), the entire contents of which are hereby incorporated by reference.

  The present disclosure relates generally to computer-based authentication.

  Transactions between consumers and merchants can be exposed to risks such as theft of personal information, unauthorized use of personal information, impersonation, and phishing, all of which can hinder the flow of business transactions.

  Embodiments of the present disclosure include a computer-implemented method for detecting facial vitality. In some embodiments, the method actions include the first and second of the subjects acquired at the first and second consecutive time points to identify the first and second corneal reflections of the object. Processing two face images, identifying a change in corneal reflection of the object based on the identified first and second corneal reflections, and first identifying a change in corneal reflection of the object. And comparing with a known change associated with the second time point, and determining the biological nature of the subject's face based on the result of the comparison. The known change may be a camera device motion or a illuminator illumination change.

  Embodiments of the present disclosure can further include a computer-implemented method for detecting facial biologicalness, wherein the method action is to identify the first and second corneal reflections of the object. , Processing the first and second facial images of the subject acquired at the first and second successive time points, and the corneal reflection of the object based on the identified first and second corneal reflections Identifying a change in the subject, comparing the identified change in corneal reflection of the object with the motion associated with the first and second time points, and the biological properties of the subject's face based on the comparison result Determining.

  Each of these and other embodiments can optionally include one or more of the following features. Comparing an object's identified corneal reflection change with motion correlates the object's identified corneal reflection change with motion and scores matching quality based on the results of the correlation And comparing the scored matching quality with a predetermined threshold. Determining the biological nature of the subject's face includes determining that the subject's face is a living body in response to determining that the scored matching quality exceeds a predetermined threshold. The actions further determine an expected corneal reflection of the object at the second time point based on the identified first corneal reflection and motion, and a second corneal reflection identified as the expected corneal reflection. And evaluating the biological properties of the subject's face by specifying the degree of coincidence (likelihood).

  In some embodiments, the change in the corneal reflection of the object includes a change in the position of the corneal reflection of the object. The motion can be associated with the movement of the object between the first and second positions, a first facial image can be obtained at a first time when the object is at the first position, The second face image can be acquired at a second time point when the object is at the second position. The actions may further include receiving information on the movement of the object measured by the sensor and identifying motion based on the received information on the movement of the object. In some cases, these actions include instructing the subject to move the object. In some cases, the movement of the object is associated with the natural movement of the subject.

  Those actions are performed by one or more processors that may be included in the computing device. The computing device can comprise an object and a sensor, the object can be a camera device, and the sensor comprises at least one of an accelerometer, a gyroscope, or a global positioning system (GPS). May be included. These actions may further include using a sensor to confirm that the object is moving and requesting the camera device to take a face image of the subject.

  In some examples, the motion is a predetermined motion for the object, and the object is moved from a first position to a second position based on the predetermined motion. In some examples, the first and second facial images include a second object that is stationary as the object moves, and the actions are further in the first and second facial images. Identifying a motion based on a change in position of the second object.

  Those actions may include transmitting a command to the controller coupled to the object to instruct the controller to move the object. The command can include a predetermined motion for the object, which is different from a previous predetermined motion for the object.

  In some embodiments, the actions are obtained by transmitting a command to the camera device indicating to obtain the subject's face image at successive time points including the first and second time points. Receiving a face image from the camera device. Receiving the acquired face image from the camera device may include receiving a video stream feed including the acquired face image from the camera device. In some examples, the camera device is moved from a first position to a second position between a first time point and a second time point. The first face image of the subject is acquired at a first time point when the camera device is at the first position, and the second face image of the subject person is acquired at the second time point when the camera device is at the second position. The motion is based on the movement of the camera device between the first and second positions. In some examples, the actions include transmitting to the controller coupled to the object a second command that instructs the controller to move the object at the first and second time points, The motion is based on the movement of the camera device and the movement of the object.

  The object may include one of a camera device, a lighting device, or an object that is brighter than the surrounding environment. The change in the corneal reflection of the object can include a first irradiation change on the object in the first and second corneal reflections. In some cases, the actions further include obtaining a second illumination change on the object for the first and second time points, a second illumination change obtained on the object, Identifying a matching quality between the first illumination change in the second corneal reflection. Determining the biologicalness of the subject's face may include determining the biologicalness of the subject's face based on the identified matching quality and the result of the comparison.

  Those actions may include determining that the subject has selected to utilize biometric verification for biometric authentication. Those actions may further include sending a subject authentication request to the identity provider's computing device to access an account managed by a relying party different from the identity provider. The authentication request may include the subject's biometric data and the confirmed biometrics of the subject's face.

  Embodiments of the present disclosure can further include a computer-implemented method for detecting the biological nature of a face, and the actions of the method are for identifying first and second postures of a subject's face. And processing the first and second face images of the subject acquired at the first and second consecutive time points, and changing the face posture based on the identified first and second postures. Identifying the change in face orientation with the motion associated with the first and second time points, and determining the biological nature of the subject's face based on the comparison result And including.

  Each of these and other embodiments can optionally include one or more of the following features. Comparing identified changes in facial pose with motion correlates the identified changes in facial pose with motion, scoring matching quality based on the results of the correlation, and scoring Comparing the matched matching quality with a predetermined threshold. Determining the biological nature of the subject's face includes determining that the subject's face is a living body in response to determining that the scored matching quality exceeds a predetermined threshold. Identifying the first and second poses of the face may include identifying at least one facial landmark of the face.

  In some examples, the actions include calculating a face pose at a second time point based on the identified first pose and motion, and calculating the calculated face pose and second face image. And evaluating the biometricity of the face by specifying the degree of coincidence with the second posture of the face specified from the above.

  Motion can be associated with relative movement of the face and a camera device configured to capture a face image of the subject. In some examples, the actions include instructing the subject to move the camera device relative to the subject's face. In some examples, the actions include receiving camera device movement information measured by a sensor and identifying motion based on the received camera device movement information.

  Those actions are performed by one or more processors that may be included in the computing device, which may comprise a camera device and a sensor, the sensor being an accelerometer, gyroscope, or global positioning system. Including at least one of (GPS).

  Embodiments of the present disclosure can further provide a computer-implemented method for detecting facial vitality, where the action of the method is to identify a corneal reflection of an illuminator adjacent to the subject. Processing the facial image of the subject acquired at a certain point in time, determining the expected corneal reflection of the illuminator based on the illumination of the illuminator at that point, and identifying the illuminator to obtain a comparison result Comparing the performed corneal reflection with the expected corneal reflection of the illuminator and determining the biological properties of the subject's face based on the comparison result.

  Each of these and other embodiments can optionally include one or more of the following features. Comparing the illuminator's specified corneal reflection with the illuminator's expected corneal reflection correlates the illuminator's specified corneal reflection with the illuminator's expected corneal reflection and matches based on the result of the correlation Scoring the quality and comparing the scored matching quality to a predetermined threshold. Determining the biological nature of the subject's face can include determining that the subject's face is a living body in response to determining that the scored matching quality exceeds a predetermined threshold. . Identifying the corneal reflection of the illuminator may include identifying the corneal reflection of the illuminator by at least one of color, shape, position, or pattern.

  Those actions may include actuating the illuminator to illuminate based on the illumination pattern. In some examples, these actions include generating an illumination pattern for the illuminator. In some examples, activating the illuminator includes activating the illuminator in response to determining that the subject has selected to utilize biometric verification for biometric authentication.

  The illuminator may include two or more illumination sources, each having an individual color at an individual location. In some embodiments, illumination of the illuminator is based on temporal illumination patterns of two or more illumination sources. Two or more illumination sources can each produce burst illumination with an individual duration. At least one of the two or more illumination sources may have different illumination shapes with different durations. In some embodiments, illumination of the illuminator is based on spatial illumination patterns of two or more illumination sources. Each of the two or more illumination sources may have an illumination on state or an illumination off state.

  In some examples, the illuminator includes one or more physical light sources, each of an individual light wavelength. In some examples, the illuminator includes one or more digital illumination sources that are displayed on the screen to provide individual illumination colors. Those actions may include generating a digital illumination source. The illuminator can be positioned such that irradiation from the illuminator is incident obliquely on the subject's eyes. Those actions may include instructing the subject to change the relative position of the illuminator and the subject's eye.

  Those actions can include receiving at least a portion of the video stream feed from the camera device, which portion of the video stream feed captures the face image of the subject taken at successive points in time by the camera device. Including. The actions further process the second face image of the subject acquired at a second time point that is continuous to the time point of the first face image to identify a second corneal reflection of the illuminator. To determine a second expected corneal reflection of the illuminator based on a second illumination of the illuminator at a second time point different from the first illumination, and to obtain a second comparison result And comparing the identified second corneal reflection of the illuminator with the second expected corneal reflection of the illuminator and determining the biological properties of the face of the subject based on the comparison result and the second comparison result Can be included.

  Those actions may include sending the confirmed biometrics of the subject's face to the identity provider's computing device. Those actions may further include sending a subject authentication request to the identity provider's computing device to access an account managed by a relying party different from the identity provider. The authentication request may include the subject's biometric data and the confirmed biometrics of the subject's face.

  Embodiments of the present disclosure can further provide a computer-implemented method for detecting facial biologicalness, the action of which includes the first and second corneas of the illuminator adjacent to the subject. In order to identify the reflection, processing the first and second face images of the subject acquired at the first and second consecutive time points respectively, and the identified first and second corneal reflections Identifying a change in the corneal reflection of the illuminator based on, and comparing the identified change in the corneal reflection of the illuminator with an illumination change of the illuminator associated with the first and second successive time points; , And determining the biological property of the face of the subject based on the result of the comparison.

  Each of these and other embodiments can optionally include one or more of the following features. Those actions may include actuating the illuminator to change the illumination of the illuminator based on the illumination change. The illumination change of the illuminator may include at least one of a change in illumination color, a change in irradiation shape, a change in irradiation position, a change in irradiation on / off state, or a change in irradiation duration. Identifying the illuminator corneal reflection change may include identifying the illuminator corneal reflection change by at least one of color, shape, position, on / off state, or duration.

  The illuminator may include at least one of one or more physical light sources of each individual light wavelength, or one or more digital illumination sources displayed on the screen to provide individual illumination colors. . In some embodiments, the illuminator includes first and second illumination sources having first and second colors at first and second positions, respectively. In some examples, the illumination change of the illuminator includes a change in temporal illumination pattern of the first and second illumination sources, wherein the first and second illumination sources each receive a burst illumination for an individual duration. Can be generated. At least one of the first illumination source or the second illumination source may change its illumination shape with a different duration. In some examples, the illumination change of the illuminator includes a temporal change in the spatial illumination pattern of the first and second illumination sources, and at least one of the first illumination source or the second illumination source is illuminated on / Off state can change over time.

  The present disclosure further provides one or more non-transitory computer readable storage media coupled to one or more processors, on which instructions are stored, the instructions comprising one or more Execution on a processor causes one or more processors to perform operations according to the method embodiments presented herein.

  The present disclosure further provides a system for performing the methods presented herein. The system comprises one or more processors and a computer readable storage medium coupled to the one or more processors, wherein the instructions are stored in the computer readable storage medium. Are executed by one or more processors, causing one or more processors to perform operations according to the method embodiments presented herein.

  It is understood that the method according to the present disclosure can include any combination of the aspects and features described herein. That is, the methods according to the present disclosure are not limited to the combinations of aspects and features specifically described herein, but also include any combination of the presented aspects and features.

  The details of one or more embodiments of the disclosure are set forth in the accompanying drawings and the description below. Other features and advantages of the disclosure will be apparent from the description and drawings, and from the claims.

FIG. 1A is a diagram illustrating an example of a website that can authenticate a user based on the user's biometric identity, according to some embodiments.

FIG. 1B illustrates an interaction between a financial institution customer, a financial institution, and a third party biometric matching service to authenticate a user based on the user's biometric identity, according to some embodiments. It is a figure which shows an example.

FIG. 2A illustrates an example of an interaction between a consumer, a relying party, and an identity provider when authenticating the consumer when the consumer is registered with the identity provider, according to some embodiments. FIG.

FIG. 2B illustrates an example of an interaction between a consumer, a relying party, and an identity provider when authenticating a consumer when the consumer is unregistered with the identity provider, according to some embodiments. FIG.

FIG. 3A shows a change in the position of the corneal reflection of the object. FIG. 3B shows a change in the position of the corneal reflection of the object.

FIG. 4 shows an object whose position has been changed by adjusting the arm.

FIG. 5 is a diagram illustrating a verification example based on corneal reflection from an illumination source.

  In the various drawings, similar elements are denoted by the same reference numerals.

  Identity verification can always present challenges in our daily transactions. With the advent of the Internet, an e-commerce era has come where online trading can replace face-to-face trading. However, these online transactions can be enormous in volume and complexity, creating a digital world with risks such as theft of personal information, unauthorized use of personal information, impersonation, and phishing. In particular, such risks may not have begun in the Internet era, but the Internet may have amplified such risks. As society moves to cloud computing, more and more databases can become accessible. The identity data of some databases may be more reliable and robust than others, historically or traditionally. With ubiquitous connectivity and the availability of more identity databases on accessible platforms, the identity associations stored there will increase the reliability of the quality of transactions done either online or face-to-face You can access the data. Furthermore, biometric data presented online can be verified for biological properties to prevent spoofing attacks. In some embodiments, biometric verification can utilize real-time corneal reflex and / or real-time facial pose analysis to increase the reliability of biometric data presented online for authentication. The embodiments disclosed herein may be extended to business entities other than financial institutions. The present application relates to a system and method for detecting the vitality of facial expressions, for example, during an online session between two parties over a network. It should be noted that the terms “liveliness” and “liveness” can be used interchangeably herein.

  FIG. 1A is a diagram illustrating an example of a website that can authenticate a user based on the user's biometric identity, according to some embodiments. As shown, a username and password may be required to log in to an account managed by a server hosting the website. For example, the server may run a hypertext transfer protocol secure (https) implementation. In the Internet era, consumer users may have accounts on many websites, each requiring a different username and password. Consumer users may have a hard time keeping track of usernames and passwords at each website. If the registered user name or password is lost, the convenience of online access may be hindered. A consumer user may store the username and password for each account in a centralized file. However, if access to the centralized file can be compromised, the security of the user name and password stored therein is compromised. In fact, simple online identities with usernames and passwords can result in theft of personal information and unauthorized use of personal information. Recent research reveals that identity theft in the United States has continued to increase for three years in 2012, with more than 5% of the adult population, or 12.6 million, suffering from such crimes It became. This figure is an increase from 4.9% in 2011 and 4.35% in 2010. The incidence of identity theft can only be expected to rise. In order to mitigate the risk of identity theft in an e-commerce situation, as disclosed herein, in some embodiments, choose to authenticate user biometric data presented online There is a case. Such biometric data may include, but is not limited to, face patterns, fingerprints, palm prints, retinal scans, iris scans, DNA patterns, voice quality, gait analysis. In general, such biometric data presented online may be in digital form to facilitate electronic verification.

  As shown in FIG. 1A, a biometric login window 102 is displayed, for example, at bigbank. com may be provided by a third party different from the organization that operates the com. When a user attempts to log in based on his / her biometric, the logged-in window 102 may be presented with the captured user's facial biometric. When a user's biometric data is sent for online authentication, the biometric data can be, for example, data encryption standard (DES), triple DES, advanced encryption standard (AES), Rivest-Shamir-Adleman (RSA). ), And may be encrypted according to industry standards such as Open Pretty Good Privacy (OpenPGP). In some embodiments, encryption may be performed on a per session basis, in which case session encryption and decryption keys are always updated or refreshed to prevent attacks.

  At least two problems still remain. The first problem relates to a review process in which a user can register his / her biometric on a trusted server, for example a third party server. The second problem is to reduce the biometric biometrics that are presented online to prevent impersonation or man-in-the-middle attacks (eg, someone impersonates a registered user using a registered user's video or photo). It relates to a verifiable authentication process. To this end, FIG. 1B illustrates, in accordance with some embodiments, of a financial institution customer, a financial institution, and a third party biometric matching service for authenticating a user based on the user's biometric identity. It is a figure which shows the example of interaction between. As disclosed herein, financial institutions that may include banks are sometimes known as relying parties. Third party service providers are sometimes known as identity providers.

  The customer 104 may be greeted with a biometric authentication window 102 when the financial institution customer 104 attempts to access (110A) an account via the financial institution website 106. A financial institution customer 104 may choose to use biometric authentication. The server operating the financial institution website 106 uses the biometric data in the biometric matching service 108 in response to receiving an instruction from the customer 104 that the customer 104 wishes to use the biometric authentication 102. The user's authentication request may be verified (110B). In some embodiments, if customer 104 has not registered biometric data with biometric matching service 108, biometric matching service 108 may cause customer 104 to register (110C). The registration process may generally involve asking the customer 104 to provide biometric data as biometric identity data stored / managed by the biometric matching service 108. The registration process may be part of a review process where the biometric verification service further verifies the identity of the customer 104 at other agencies such as the State Level Vehicle Administration (DMV) and the Federal Level Department of State. These institutions may include, for example, a credential authority such as Equifax, Expertian, LexisNexis. A credential authority can act as a proxy for a government agency. Once the customer 104 has obtained a biometric identity registration with the biometric matching service, the customer 104 may then interact with the biometric matching service 108 for routine management (110C) of the biometric identity. Daily management may include, for example, replacement of a face pattern, cancellation of the current face pattern, and the like. In this way, the first problem of the review process for registering registered biometric data of customer 104 may be addressed.

  Analyzing the real-time corneal reflection of an object (eg, camera device or illumination source) and / or customer 104 in a biometric login window 102 with respect to the second issue of biometric data presented online. The customer 104 may be authenticated by analyzing the real-time face posture from. As described herein, a financial institution is a third party to authenticate that a customer is the customer's alleged identity and that the customer is presenting a biometric facial biometric. May be generalized as a reliable party (RP). A third party known as the biometric matching service 108 of FIG. 1B may be generalized as an identity provider (IdP).

  Due to the above generalization, FIG. 2A illustrates that according to some embodiments, the consumer 202 and the relying party (RP) 204 when authenticating a consumer when the consumer is registered with the identity provider 206. FIG. 6 is a timing diagram illustrating an example of an interaction with an identity provider (IdP) 206. This process may begin by the consumer 202 sending 208 an authentication request to access an account managed by the relying party 204. In some embodiments, presenting the authentication request may correspond to the consumer 202 selecting the biometric authentication 102, for example, to access an account managed at a financial institution.

  When the consumer submits an authentication request, the consumer may select (210) a biometric verification login for biometric authentication. Biometric verification login, as disclosed herein, for example, the biometric data biometric data presented online by verifying the biometrics of the consumer's face when the consumer presents the biometric data. Can deal with.

  In some cases, utilizing third party mediation to provide an authentication bridge scheme may be implemented in accordance with industry standards such as, for example, Security Assertion Markup Language (SAML) and Authentication Open Standard (OAuth).

  SAML addresses web browser single sign-on (SSO). Single sign-on solutions may be implemented at the intranet level, for example using cookies. Extending such a single sign-on solution beyond the intranet has been problematic and has led to the proliferation of proprietary technologies that are not interoperable. In a use case addressed by SAML, a user (also known as a principal) may request a service from a relying party (also known as a service provider). At this time, the service provider requests and obtains an identity assertion from the identity provider. Based on this identity assertion, the service provider can make an access control decision that determines whether to perform some service on the connected principal.

  In the case of OAuth (including the more recent OAuth 2.0), web applications have access restrictions (also known as bullet keys) to access the application program interface (API) on behalf of the user. OAuth tokens may be specifically requested. The bullet token may explicitly specify the specific rights requested, and the user may not need to enter credentials. If the user can grant the access right, the web application can use the API to obtain a unique identifier for establishing a profile (identity).

  As such, authentication standards may generally provide single sign-on, which allows a consumer, for example, the consumer's Facebook or Google login credentials, typically other accounts of the same consumer (eg, Amazon). Account, LinkedIn account, etc.). Some authentication methods disclosed herein may provide identity verification through single authentication, for example by using biometric data, which is facial biometric.

  Referring to FIG. 2A, the relying party server may redirect (212) the consumer to proceed to biometric verification upon selection of the biometric verification login by the consumer. The consumer 202 may then be redirected to the identity provider 206 server. For example, the consumer 202 may be consumer @ relying_party. By using a credential token in the form of com, a request to utilize biometric verification may be presented (214). As shown in FIG. 2A, the request may be presented to the identity provider 206 server.

  When the identity provider 206 server receives a request to utilize biometric verification, it may perform authentication 216 with biometric verification to verify the biometric presented by the consumer. This verification is based on the fact that (i) the biometric presented by the consumer provides positive consumer identity verification, and (ii) the biometric presented by the consumer online is forged in a spoofing attack, for example. And a novel living thing.

  The identity provider 206 server may first retrieve the facial biometric from, for example, data presented by the consumer 202. In some embodiments, the retrieved face biometric from the computing device of consumer 202 may be sent to the identity provider 206 server in encrypted form with an encryption algorithm. The computing device may have a video input component for providing a video stream feed. In some cases, the video input component includes a webcam. Images in the video feed may be captured, for example, at a frame rate of 24 frames per second. Those frames are typically digitized for digital processing. In some cases, the images can be, for example, a spatial resolution of 800 × 600 pixels, 1024 × 768 pixels, 1152 × 864 pixels, or 1280 × 1024 pixels. The computing device may have an imaging device (e.g., a camera device) that acquires the consumer 202 image. The acquired image includes the face biometric of consumer 202 and can be sent by the computing device to the server of identity provider 206.

  In some embodiments, the retrieved facial biometric is transmitted from a computing device associated with the relying party 204 or the identity provider 206. The computing device may include or be externally connected to a camera device that is close to the consumer 202 when the consumer 202 is seeking authentication. For example, the camera device can be adjacent to an automated teller machine (ATM) facing the consumer 202 or in a bank's registered office. The ATM or office may be the property of the relying party 204 that the consumer 202 seeks to trade. The camera device may obtain an image or video feed that includes the consumer 202 face biometric and send it to the computing device. The computing device can process the acquired image or video feed and send the acquired image or video feed and / or processed data to the server of the identity provider 206.

  The identity provider 206 server may compare the retrieved facial biometric with the biometric identity data of the consumer 202. The consumer 202 biometric identity data may be pre-stored on the identity provider 206 server. This comparison may be done in a manner consistent with the context-dependent stringency requirements of authentication. For example, if the transaction amount is $ 50, which is smaller than a specific threshold, the face biometric presented online by the consumer 202 is matched with the face biometric stored in advance on the identity provider 206 server. The degree may be lowered. However, on the other hand, when the transaction amount is larger than a specific threshold, such as $ 1,000, the face biometric presented online by the consumer 202 and the face stored in the identity provider 205 server in advance. The degree of matching with the biometric may be increased. In a related example, if the transaction is of a nature such as a mortgage application or a credit card application, the degree of matching may still be increased. A scoring mechanism may be implemented to generate a score that quantifies the similarity between the facial biometric presented online by the consumer 202 and the facial biometric stored previously at the identity provider 206 server. . The facial biometric retrieved as presented by the consumer 202 online is sufficient to prove that the presenting consumer 202 is the identity of the biometric data stored on the identity provider 206 server. Similarity scores may be used at the identity provider 206 server to determine whether or not

  Further, the identity provider 206 server may determine whether the facial biometric retrieved as presented online by the consumer 202 is a biological facial biometric. One risk associated with online authentication was the potential for man-in-the-middle attacks. For example, in impersonation, a third party may pretend to be the consumer 202 by reproducing what the third party has obtained authentication credentials previously presented by the consumer 202. Some encryption mechanisms may counter man-in-the-middle attacks by refreshing or updating the encryption key used to encrypt the communication session stream between consumer 202 and identity provider 206. However, in general, such encryption mechanisms may not address the age of the biometric data itself. That is, if a third party obtains an instance of biometric data and attempts to gain access to the consumer 202 account by reproducing that instance of biometric data, some cryptographic mechanisms are: It may be insufficient. Such a risk may be amplified by login with a username and password combination because the username and password text strings may not be refreshed with granularity for each login session. In particular, refreshing the username and password for each login session (or at the sub-session level, eg, every few seconds) may not be practical.

  In some embodiments disclosed herein, the biometrics of biometric data presented by the consumer 202 may be verified, for example, by performing verification of the biometrics of the face of the consumer 202. In some embodiments, biometric verification is performed at the identity provider 206 server based on the presented image or video feed. In some embodiments, the computing device associated with the consumer 202 performs a biometric verification based on the acquired image or video feed and provides a result of the biometric verification, eg, biometric data for the consumer 202. Present to the server of the identity provider 206 in an included authentication request. The server of the identity provider 206 can then seamlessly confirm that the biometric data presented by the consumer 202 is biological. In some embodiments, a computing device associated with a relying party 204 or identity provider 206 that obtains an image or video feed from a camera device near the consumer 202 based on the acquired image or video feed. Biometric verification is performed and the results of the biological verification are presented to the identity provider 206 server.

  In some embodiments, biometric verification may involve analysis of corneal reflections from consumer 202. First, the face of the consumer 202 may be detected. 3A and 3B, the consumer's 202 eye 301 may then be detected in the video feed or image. In general, such detection involves a segmentation method that utilizes facial or eye template data. Such template data may be morphed by various shape transformations to identify facial or eye areas within a video feed or image. Once the eye 301 is detected, the corneal region 302 may then be identified in the video feed or image. The reflection of the corneal region may then be analyzed within the video frame or image.

  Initially, a corneal reflection from the consumer 202 may be generated at an object at the consumer 202 location. In this case, the object may include an illumination source such as a light source, a camera device such as a webcam, or a device or object that is brighter than the surrounding environment (eg, a window or table). In some examples, the object is a built-in camera of consumer 202's mobile device. The consumer 202 uses the camera to obtain a consumer 202 face image or biometric. In some examples, the object may be near the consumer 202. That location may be associated with a relying party 204 where the consumer 202 seeks a transaction. For example, the location comprises an automated teller machine (ATM) that faces the consumer 202. The object can be placed adjacent to the ATM. In some examples, the object may be fixed or placed at the site where the consumer 202 is seeking authentication. In general, the object can be easily seen under normal lighting conditions and can cause specular reflection from the consumer 202 in the field. The regular reflection from the cornea of the consumer 202 may be used to determine the biometricity of authentication.

  In some embodiments, as the object moves, the specular reflection of such object at the cornea of the consumer 202 is expected to move accordingly. If the regular reflection of such an object moves with the movement of the object at the site, the consumer 202 can be authenticated as a living body. In some cases, the object is moved by the consumer 202. For example, the consumer 202 is instructed to move a mobile phone incorporating the camera device, and the corneal reflection of the camera device moves accordingly. The movement of the camera device in the field can be measured with the built-in accelerometer or gyroscope of the mobile device. In some cases, the object is moved unpredictably by the consumer 202 (or an intermediary hacker reserve).

  For example, the object can be moved from position 1 to position 2. When the object is at position 1, a first image is acquired. By analyzing the corneal reflection in the acquired first image, the position, shape, and color / wavelength of the reflective object may be detected. In this detection, a segmentation method can be used to automatically focus on the corneal reflection 302A of the object. Thereafter, when the object is moved to position 2, a second image is acquired. By analyzing the acquired second image, the position, shape, and color / wavelength of the reflection object may be newly detected as the corneal reflection 302B. In some cases, the motion trajectory of the object may be tracked by monitoring the reflective object. As shown, changes in the position of the object detected by the corneal reflections 302A and 302B may be compared to changes in the position of the object, for example, compared to changes in the position of the object that is programmed or measured. Illustratively, in some embodiments, the location of the reflective object is recorded relative to the reflection of other structures adjacent to the consumer 202 in the interior or front of the ATM where the consumer 202 is seeking authentication. It's okay. In some embodiments, the location of the reflective object may be recorded relative to other body structures in or around the consumer 202 eye.

  FIG. 4 shows an example of the target camera 403 whose position has been changed by adjusting the arm of the consumer 202. The camera 403 is held by the arm 402 of the consumer 202 and faces the head 401 of the consumer 202. At position 1, the arm 402 is further extended so as to be closer to the face of the consumer 202, for example. At position 2, the arm 402 is more contracted, for example, away from the consumer 202 face. Such a change in the position of the camera 403 is expected to cause a change in the camera reflected from the cornea of the consumer 202. In some examples, the object may rely on a mechanism that induces a change in the position of the object. The mechanism can be pan, zoom, tilt (PZT), or any other suitable mechanism.

  The motion of the object can cause more interesting changes in the position and shape of the reflective object in the corneal reflection. The object may be programmed to move with a controller such as a built-in accelerometer or gyro motor. In some cases, the object is moved with a predetermined (or pre-programmed) motion. The predetermined motion can be incorporated in advance in the object. The predetermined motion can also be transmitted to the controller from, for example, a server of the identity provider 206 or from a computing device coupled to the controller. The predetermined motion can be different from the previous predetermined motion each time. In some cases, the object is moved randomly. The actual movement of the object can be measured or detected with a sensor such as a built-in accelerometer or a gyro motor.

  The change in the object may not be limited to a simple positional change expressed as translational or rotational adjustment. Such positional changes and various changes can be used to obtain a rich analysis of corneal reflexes. In one example, the position of the object can be changed to change the wavelength of corneal reflection. Illustratively, the object can be translated to refract the illumination from another illumination source facing the consumer 202, for example, the flash light of the mobile device of the consumer 202.

  It should be noted that whether the consumer 202's head or face moves or does not move, the identity provider knows in advance but the consumer 202 (or intermediate) so that the corneal reflection of the object changes. The target moves in a pattern that is unknown to the hacker reserve army. In some cases, the first or second object may be moved at a relatively high speed compared to the consumer 202 head or face movement so that the consumer 202 head or face movement may be considered relatively static. The position can be moved to the second position. The camera device can obtain the first face image of the consumer 202 when the object is at the first position at the first time point, and the object is at the second position at the second time point. Sometimes a second face image of consumer 202 can be obtained. The interval between the first time point and the second time point can be a short time of, for example, less than 1 second. In some cases, the movement of the head or face of the consumer 202 can be exploited by analyzing the movement of a static or stationary object (eg, a window or table adjacent to the consumer 202) in the acquired image. it can. If the consumer 202 is instructed to move the object, the consumer 202 may be notified not to move the consumer 202 head or face.

  The camera device is configured to obtain consumer 202 image and / or video feed. The camera device can be positioned facing the consumer 202 face. In some examples, the camera device can be embedded in the mobile device of consumer 202. The consumer 202 can hold the mobile device so that the camera device faces the consumer 202 face to obtain a facial image. The camera device can be positioned such that the camera device is at an oblique angle to the consumer 202 eye or directly opposite the consumer 202 eye. In some examples, consumer 202 is seeking authentication before ATM. The camera device can be fixed to the ATM or installed adjacent to the ATM.

  In order to verify the biological nature of the face of the consumer 202, for example, an image and / or video feed can be obtained at the camera device without interacting with or notifying the consumer 202. In some cases, the movement of the camera device can be related to the natural behavior of the consumer 202. The movement of the camera device can be measured by a sensor such as an accelerometer, a gyroscope, or a global positioning system (GPS) mounted on a mobile device incorporating the camera device. The mobile device can confirm that the camera device is moving by using a sensor, and then can transmit a request for acquiring a face image of the consumer 202 to the camera device.

  In some embodiments, upon receiving a request to utilize biometric verification, the identity provider 206 server, for example, directly or via a computing device coupled to the camera device and communicating with the server, A request may be sent to the camera device. In response to the request, the camera device can automatically acquire the face image of the consumer 202 when the object is moved between positions. Based on the request, the object can be moved. For example, a computing device in communication with the server receives the request and transmits a command to move the object to the object controller. The object can be moved between positions in synchronization with the camera device that acquires the face image of the consumer 202.

  Object movement can be associated with individual points in time. For example, at a first time, the object is in a first position, and at a second time, the object is moved to a second position. The camera device can obtain a facial image or video feed of the consumer 202 during and / or before the movement of the object. The acquired face images are also associated with individual time points. These time points may have a high accuracy, for example less than 1 millisecond. For example, the camera device acquires the first face image when the object is at the first position at the first time point, and the second time when the object is at the second position at the second time point. Get a face image. Based on these points in time, the acquired face image of consumer 202 can be associated with the position of the object. In this way, the corneal reflection of the object in the acquired image or video feed can be correlated with the movement of the object, which can be used to verify the biological nature of the consumer 202 face.

  The camera device may also interact with the consumer 202 to obtain biometric data, for example, by authenticating the consumer 202 image and / or the biometric data that the consumer 202 presented to the identity provider 206 server for authentication. Or you can get a video feed. In some cases, an additional imaging device or video input component is used to obtain an image and / or video feed containing biometric data of consumer 202 for authentication.

  In some embodiments, the object is a camera device. As described above, the camera device can be moved by the consumer 202 or by a mechanism in a controlled or random manner. The motion (and / or orientation and / or relative position) of the camera device can be measured, for example, by a built-in accelerometer or gyroscope. In order to verify the biological nature of the face of the consumer 202, the change in position detected by the corneal reflection of the camera device may be correlated with a predetermined or measured motion of the camera device.

  In some embodiments, the object is a static object adjacent to the consumer 202, such as a door behind the consumer 202 or a side window of the consumer 202. The camera device is moved between positions to capture the consumer 202 face image at those positions. Those face images include the corneal reflection of the object. In order to verify the biological nature of the face of the consumer 202, the change in position detected by the corneal reflection of the object may be correlated with a predetermined or measured motion of the camera device.

  In some embodiments, the object is a subject configured to be moved between positions in motion for biometric verification, while the camera device is static and the object is at a different position. The face image of the consumer 202 is acquired. Those face images include the corneal reflection of the object. In order to verify the biological nature of the face of the consumer 202, the change in position detected by the corneal reflection of the object may be correlated with a predetermined or measured motion of the object.

  In some embodiments, the object is a subject configured to be moved between positions in a first motion pattern, while the camera device is also moved between positions in a second motion pattern. By moving both the object and the camera device for biometric verification, security against hackers can be enhanced. When the object is at a different position and the camera device is also at a different position, the face image of the consumer 202 is acquired by the camera device. Those face images include the corneal reflection of the object. In order to verify the biological nature of the face of the consumer 202, the position change detected by the corneal reflection of the object is determined by the (predetermined or measured) first motion pattern of the object and the (predetermined or measured) of the camera device. It may be correlated with motion based on the second motion pattern. The motion pattern may be a relative motion pattern of the object and the camera device.

  In some embodiments, the object is static and the camera device is static. Illumination of the object from the illuminator can be changed at different times, for example by changing the color or pattern of illumination, and the corneal reflection of the object can change accordingly. In order to verify the biological nature of the face of the consumer 202, the illumination change on the object detected by corneal reflection of the object may be correlated with a known illumination change of the illuminator.

  In some embodiments, the object is an illuminator, such as a light source and / or a digital illumination source that is displayed on a screen, such as a liquid crystal display (LCD) of a mobile device, for example. The camera device can acquire a face image of the consumer 202, and the face image includes a corneal reflection of the object. In order to verify the biological nature of the consumer 202 face, the illuminator detected by the corneal reflection of the object may be correlated with a predetermined or measured illumination change of the illuminator. The use of illumination for biometric verification will be described later in connection with FIG.

  In some embodiments, the camera device is static and / or the object is static. A computing device coupled to the camera device can instruct the consumer 202 to move the head or face, for example, in a motion pattern that turns from left to right. With the camera device, it is possible to acquire a face image of the consumer 202 when the consumer 202 moves. In order to verify the biological nature of the consumer's 202 face, the position change detected by the corneal reflection of the object may be correlated with the motion of the consumer 202.

  In some embodiments, the object and / or camera device can be moved in a motion pattern, and the illumination on the object can also be changed at different times, eg, changing the color or pattern of the illumination. The biometric verification of the face of the consumer 202 is performed by 1) correlation between the position change detected by the corneal reflection of the object and the motion pattern of the object and / or the camera device, and 2) detection by the corneal reflection of the object. Based on a correlation between an irradiation change on an object to be measured and a predetermined irradiation change or a measured irradiation change.

  First, when an object and / or camera device moves, images are acquired with a full frame rate video stream (eg, as defined by the National Television System Committee (NTSC) or the video communication standard H.261). Good. In some embodiments, for communication efficiency, e.g. According to the H.261 adaptive video codec specification, only a portion of the acquired video stream may be transmitted. When the change in corneal reflection is about to begin, the video feed may be digitized and sent to the identity provider 206 server at a faster rate than the floor level rate (when consumer 202 remains stationary). In some examples, the camera device sends a video feed or image to the identity provider 206 server. In some examples, a computing device coupled to a camera device receives an image or video feed from the camera device and transmits the image or video feed to the server of identity provider 206.

  As described above, the identity provider 206 server may perform biometric verification based on the transmitted image or video feed. The server can analyze the image or video feed to identify the corneal reflection of the object. Based on the identified corneal reflection, the server can identify a change in position of the corneal reflection of the object. The server can compare the change in the position of the corneal reflection of the target object with the motion pattern, and determine the biological property of the face of the consumer 202 based on the comparison result. In some examples, the motion pattern is a predetermined motion pattern of the object and / or camera device as it is moved between positions. The server can store the predetermined motion pattern in advance. In some examples, the motion pattern is a measured motion pattern of an object and / or camera device as it is moved between positions. The motion pattern can be sent to the server along with the acquired image or video feed. In some examples, the identity provider 206 server can analyze the received image and / or video feed, eg, analyze a change in position of a static subject in the acquired image and / or video feed. To specify the motion pattern.

  In some embodiments, a computing device coupled to the camera device performs biometric verification based on the acquired image or video feed, and the biometric verification results are obtained, for example, the acquired image or video feed. To the server of the identity provider 206 with or without transmission. In some cases, the computing device receives the biometric data of the consumer 202 for authentication and sends the biometric verification result along with the biometric data of the consumer 202 to the server of the identity provider 206.

  In some examples, the computing device is associated with a relying party 204 or identity provider 206. For example, the consumer 202 requests authentication using an ATM associated with the relying party 204. The computing device may be near the ATM and coupled to a camera device that faces the consumer 202. The computing device may receive a request from the identity provider 206 server to verify the biometrics of the consumer 202. In response to the request, the computing device may receive a camera when the camera device and / or object is moved between positions without input from the consumer 202, eg, with a motion pattern that is unknown to the consumer 202. Commands that require the device to obtain an image and / or video feed can be transmitted to the camera device and / or the object. In some cases, the computing device predetermines a motion pattern and transmits the motion pattern to the camera device and / or object. The computing device can change the motion pattern each time biometric verification is performed. In some cases, the motion pattern is a pre-programmed motion pattern or a predetermined motion pattern. The computing device can pre-store the motion pattern. In some cases, the motion pattern is measured with a sensor when the camera device and / or the object is moved in position. The computing device can receive the measured motion pattern from the sensor.

  In some examples, the computing device is associated with the consumer 202, such as a smartphone or a computer. For example, the consumer 202 is seeking authentication at home. The computing device can incorporate the camera device or be externally connected to the camera device. In some cases, an application provided by identity provider 204 (or an app if the computing device is a smartphone) is installed on the computing device. If the application receives a request from the identity provider 204 server or determines that the consumer 202 has chosen to use biometric verification for biometric authentication, the application may The consumer 202 can be requested to move the device. The computing device can confirm the movement of the camera device by using a sensor (eg, accelerometer or gyroscope). In some examples, the computing device can analyze the acquired image and / or video feed, for example, by analyzing a change in position of a static subject in the acquired image and / or video feed. Check the motion. The image of the static subject can be a corneal reflection or outside the corneal region. The computing device can perform biometric verification based on the motion pattern and the corneal reflection of the camera device in the acquired image and / or video feed. In some cases, the computing device application controls an illumination source, such as a flashlight on the camera device, to change the illumination in a color or pattern unknown to the consumer 202. The application can perform biometric verification based on the changed color or pattern of the illumination source and the corneal reflection of the camera device in the acquired image and / or video feed.

  Similar to face authentication, a scoring mechanism may be implemented to quantify the degree of matching between the corneal reflection response of an object and an expected change (eg, motion pattern or illumination change). The scoring mechanism may generate a numerical value as a measure for determining the biological nature of the consumer 202 face. The degree of matching can depend on the situation and can therefore vary from application to application. For example, the degree of matching may depend on the nature of the basic transaction or the amount of money associated with the basic transaction.

  In some embodiments, a corneal reflection of an object is detected in a series of facial images of consumer 202. Continuous face images are acquired at successive time points by the camera device. The expected corneal reflection of an object at a particular time can be determined based on the corneal reflection identified at the previous time and the motion between the previous time and the particular time. By specifying the degree of coincidence between the predicted corneal reflection at a specific time point and the corneal reflection specified from the acquired face image, the biological property of the face of the consumer 202 can be evaluated.

  The corneal reflection provides the advantage of being non-intrusive and capable of handling a wide band of operations (eg, from infrared to visible light). In particular, corneal reflection tends to be more specular than skin reflection, which tends to be more scattering. The embodiments disclosed herein may not be accompanied by verbal instructions to instruct the consumer 202 to change the face posture or other body posture.

  Furthermore, the posture of the face of the consumer 202 may be estimated using, for example, an automatic algorithm. For example, every time an image is acquired from a video feed, the posture of the face relative to the camera device can be detected by an automatic algorithm. In addition, calculate the expected face posture or change in posture based on the measured or known position of the camera device, for example, by a built-in accelerometer or gyro motor, or by analyzing the corneal reflection of the camera device. It's okay. In some embodiments, the consumer 202 is instructed to move the camera device relative to the consumer 202 face. Such a calculation can be performed each time an additional image is acquired from the video feed. More interestingly, the scoring mechanism is used to quantitatively correlate the expected posture or change in posture calculated from the measured position of the camera device with the facial posture detected in the acquired image. That's good. The numerical value specified by the correlation can be used for the evaluation of the vitality of the face.

  In some embodiments, one or more facial landmarks of the consumer 202 are analyzed to detect or estimate the posture of the consumer 202 face. Facial landmark features can include the nose, forehead, eyebrows, eyes, eye edges, lips, and / or mouth. Depending on the posture of the face or face photo from the live session, the subject's face is projected at various angles. A slight change in the posture or the angle of view of the face photo changes the orientation and size of each face landmark. One or more orientations and magnitudes of facial landmark features can be expected to change. Each landmark feature may be accompanied by an equivalent change in orientation and size. The expected change threshold may be a combination of all expected changes in landmark features. As described above, the threshold may be application specific. For example, in the case of a transaction involving an amount less than a certain level, the comparison to determine that the face biometric that is a live session and the face biometric is authentic may not be very precise. In addition, in the case of transactions involving the most important identification documents, such as passport renewals, the comparison may require a more comprehensively determined threshold.

  In some embodiments, verification of the vitality of the face of the consumer 202 is based on both the corneal reflection of the object and the change in facial pose. A scoring mechanism may be implemented to identify the first numerical value by quantifying the degree of matching between the corneal reflection response of the object and the known motion pattern. The scoring mechanism further quantifies the degree of matching between the expected posture or posture change (e.g., calculated from the measured position of the camera device) and the posture detected in the acquired image, It can also be implemented to identify the second numerical value. Next, an overall score can be determined based on the first and second matching values using, for example, a weighting factor. The weighting factors of the first and second matching values can be, for example, 50% and 50%, or 60% and 40%. Additional verification may increase the confidence that the consumer 202 is indeed a biometric and is a biometric identity stored on the identity provider 206 server.

  In some embodiments, biometric verification involves analysis of illuminator corneal reflections from consumer 202. First, the face of the consumer 202 may be detected. Referring to FIG. 5, the eye 501 of consumer 202 may then be detected in the video feed (or image). In general, such detection involves a segmentation method that utilizes facial or eye template data. Such template data may be morphed by various shape transformations to identify facial or eye areas within the video feed. Once the eye 501 is detected, the corneal region 502 may then be identified in the video feed. The illumination reflection at the corneal region may then be analyzed within the video frame.

  Initially, the illuminator 506 adjacent to the consumer 202 may be activated. For example, the illuminator 506 can be activated in response to determining that the consumer 202 has selected a biometric verification login for biometric authentication (eg, 210 in FIG. 2A). As an example, the illuminator 506 of FIG. 5 includes an illumination source 506A and an illumination source 506B of two different colors (eg, blue or red). The illumination source can be a physical light source or a digital illumination source. In some embodiments, the illuminator 506 includes a physical light source that is, for example, a light emitting diode (LED) or a light lamp. The illuminator 506 may have one or more light sources with different light wavelengths and thus one or more different colors. In some embodiments, the illuminator 306 may be a light emitting diode (LED) screen, such as a laser fluorescent display (LPD), a liquid crystal display (LCD) screen, an active matrix organic LED screen, or any suitable display screen, for example. , Etc., having one or more digital illumination sources displayed on the screen. The digital illumination source may be a digital color pattern displayed on a screen, for example an LCD screen of a mobile device. The digital lighting source can be provided by an application (or app) installed on the consumer 202 computing device or provided by a server of the identity provider 206, for example, displayed on the consumer 202 computing device. Can be provided in the user interface. In some embodiments, the illuminator 306 has one or more physical light sources and one or more digital illumination sources.

  The illuminator 506 may be embedded or displayed on a consumer electronic device from which the consumer 202 attempts to authenticate its identity and biometric, such as a smartphone, mobile phone, mobile computing device, or desktop computer. The illuminator 506 may be integrated on the console of the Reliing Party Automatic Teller Machine (ATM) or on the console adjacent to the ATM. A computing device associated with the relying party or identity provider 206 may be configured to control the illuminator 506. The consumer 202 may attempt to authenticate its identity and biometric via its computing device.

  The illuminator 506 may illuminate the consumer 202 when activated. The illumination from the illuminator 506 may go straight to the consumer 202 eye or have an angle of incidence with respect to the consumer 202 eye. In some examples, the illuminator 506 is positioned such that illumination from the illuminator 506 is incident on the consumer 202 eye at an angle. In some examples, the consumer 202 places the illuminator 506 (eg, a flashlight mounted on its smartphone) on the face (or eyes) so that the illumination from the illuminator 506 is incident on the consumer 202's eyes at an angle. ) Or move your face (or eyes).

  Irradiation information (eg, position, shape, duration, color or wavelength, or illumination pattern) can be known or can be predetermined. In some examples, biometric verification is performed on the computing device of consumer 202. The irradiation information is known to the computing device, but may be unknown to the consumer 202 (or a hacker reserve as an intermediary) in advance. The illumination information can be generated at the computing device or provided by the identity provider 206 server.

  A corneal reflection may be acquired immediately after activation of the illuminator 506, for example, by a camera device adjacent to the consumer 202. The camera device can continue to acquire the face image of the consumer 202 before, during, and after the illuminator 506 is activated. In some examples, the acquired image frames may be analyzed to ascertain whether the expected (known or predetermined) illumination and corneal reflection are consistent. In analyzing corneal reflection, the position, shape, and color / wavelength of the illumination reflected at the cornea of consumer 202 may be detected and compared to the expected illumination. In one example, a reflective spot 504A or 504B, such as a corneal reflection position, may be correlated with the position of illumination source 506A or 506B. In other examples, the shape of the reflected spot 504A or 504B may be compared to the shape of the illumination source 506A or 506B. In yet another example, the wavelength (or color) of reflected light from the reflective spot 504A or 504B may be compared to the wavelength (or color) of the illumination source 506A or 506B.

  In some examples, the illumination pattern by illuminator 506 (eg, illumination source 506A or 506B) may be modulated over time to form a temporal illumination pattern. For example, illumination source 506A may generate burst illumination with each burst having the same or different duration. For example, the first duration can be 1 second and the second duration can be 2 seconds. Temporal illumination patterns can also involve illumination shape changes and / or illumination color changes that vary at different durations or at different times, eg, between squares, triangles, and / or circles. . In one example, the illuminator 506 has a red square for a first duration, a red circle for a second duration, no illumination for a third duration, and a blue triangle for a fourth duration. ,provide. To confirm whether the corneal reflection includes the same temporal pattern, the corneal reflection in the acquired sequential images may be analyzed. It is also possible to individually analyze the corneal reflections in the acquired continuous images to see if the corneal reflections in the acquired continuous images match the individual expected corneal reflections of the illuminator 506. The determination of the biological nature of the face of the consumer 202 can be based on the acquired continuous image match result.

  In some examples, the illumination patterns from two or more illumination sources (eg, illumination sources 506A and 506B) may be modulated over time to form a temporal illumination pattern. The illumination source may illuminate the same or different colors. For example, illumination sources 506A and 506B may each generate burst illumination with the same or different duration and / or with the same or different illumination shape during each duration. In one example, at a first time, illumination source 506A illuminates a red square and illumination source 506B illuminates a blue square. At a second time, illumination source 506A illuminates a red circle and illumination source 506B illuminates a blue square. At a third time, the illumination source 506 emits a red circle and the illumination source 506 emits a blue circle. At the fourth time point, the illumination source 506 emits a red rectangle and the illumination source 506 emits a red circle. To confirm whether the corneal reflections contain the same temporal pattern, the corneal reflections in successive images may be analyzed.

  In some examples, the illumination pattern from two or more illumination sources (eg, illumination sources 506A and 506B) may be spatially modulated to form a spatial illumination pattern. For example, illumination sources 506A and 506B may be activated to illuminate cornea 502 in an interleaved manner. In general, at different times, the illumination pattern from illumination sources 506A and 506B may be changed by turning on or off illumination source 506A, illumination source 506A, or a combination of illumination sources 506A and 506B. In response, the corneal reflection may be analyzed to see if the reflection includes illumination of the same spatial illumination pattern. As described herein, the temporal and spatial aspects of irradiation may be combined to further support a variety of matches that improve the reliability of biometric authentication sessions.

  Images corresponding to the activated lighting may be acquired in a full frame rate video stream. In some embodiments, biometric verification is performed at the identity provider 206 server based on the acquired video stream, as described above. For communication efficiency, only a portion of the acquired video stream may be transmitted. When the corneal reflection is expected to change, the video stream may be digitized and sent to the identity provider 206 server faster than the floor level rate (when the consumer 202 remains stationary). In fact, whether the change in corneal reflection of the video stream from consumer 202 matches a known change in illumination of illuminator 506, or the corneal reflection of the video frame at a particular point in time is the illumination at those particular point in time. The transmitted video stream may be analyzed at the identity provider 206 server to see if it matches the expected corneal reflection based on the known illumination of the device 506.

  Similar to face recognition, the corneal reflex response received at the identity provider 206 server and the expected illumination (eg, position, shape, and wavelength or color, or temporal and / or in the acquired image) A scoring mechanism may be implemented to quantify the degree of matching with the spatial pattern. The degree of matching can depend on the situation and can therefore vary from application to application. For example, the degree of matching may depend on the nature of the basic transaction or the amount of money associated with the basic transaction.

  In some embodiments, the computing device receives, for example, a video stream acquired with a camera device embedded in or coupled to the computing device and performs biometric verification based on the acquired video stream. . The computing device can be the computing device of consumer 202, from which consumer 202 attempts to authenticate its identity and biometric. For example, the computing device can be a smart phone with a built-in flashlight as the illuminator 506 and a camera as the camera device. In addition, one or more digital illumination sources as the illuminator 506 can be provided by a mobile application installed on the smartphone. A combination of a flashlight and a digital illumination source can be used as the illuminator 506. The computing device can control the illuminator 506 to illuminate based on a predetermined or known illumination pattern. The illumination pattern can be generated at the computing device or transmitted from the identity provider 206 server. The illumination of the illuminator 506 can also be measured with a detector, thereby providing the measured illumination to the computing device. The known illumination of the illuminator 506 can be stored on the computing device. The computing device can also control the camera device to acquire a video stream during operation of the illumination pattern of the illuminator 506. In some other embodiments, the computing device is associated with a relying party or identity provider 206.

  Since the camera device is near the computing device, transmission of the acquired video stream (eg, a portion) can be fast. The computing device was transmitted to confirm that the illumination (or illumination change) in the corneal reflection of the video stream (consecutive video frames) matches the known illumination (or illumination change) of the illuminator 506. The video stream can be analyzed. The computing device can use a scoring mechanism to quantify the degree of matching between the corneal reflection response and the expected illumination in the acquired image. The degree of matching can depend on the situation and can therefore vary from application to application. The computing device can verify the biogenicity of the consumer 202 face based on the scored matches. The computing device can then present the validation results to the identity provider 206 server, eg, along with the consumer 202 biometric data. The identity provider 206 server can then seamlessly verify whether the presented biometric data is the biometric face biometric of the consumer 202 based on the verification results presented from the computing device. .

  Embodiments disclosed herein detect corneal reflections in response to illumination with temporal and / or spatial illumination patterns. The corneal reflection provides the advantage of being non-intrusive and capable of handling a wide band of operations (eg, from infrared to visible light). In particular, corneal reflection tends to be more specular than skin reflection, which tends to be more scattering. The embodiments disclosed herein may not be accompanied by verbal instructions to instruct the consumer 202 to change the face posture or other body posture. In some embodiments disclosed herein, biologicality can be detected seamlessly without the user's knowledge and without user input. For example, activating an illumination pattern and acquiring a continuous image can be performed without prior notice to the user when acquiring a consumer's facial biometric, for example. Also, biometric verification can be completed, for example, on the computing device of consumer 202, while acquiring facial biometrics.

  Some embodiments may additionally involve a biometric recognition function for authenticating the consumer 202. As an example, the identity provider 206 server may perform face recognition to compare the registered consumer's face biometric with the face biometric of the consumer 202 presenting the authentication request. If the comparison yields a matching result, face recognition may prove that consumer 202 is the identity of the face biometric stored on the identity provider 206 server. In other examples, biometric recognition may include speech recognition, speaker recognition, gait analysis, and the like. In some embodiments disclosed herein, biometrics can be detected seamlessly without the user being aware (eg, without instructing the user of any particular action in the image acquisition process). To further separate biometric detection from online identity management sessions, stealth functionality can be utilized.

  Referring to FIG. 2A, after confirming that the consumer 202 is a living organism and is a biometric principal stored at the identity provider 206, the identity provider 206 server signals that the authentication was successful. Can be provided. On the other hand, if the consumer 202 cannot be identified as a living person, or cannot be identified as the identity of the biometric stored in the identity provider 206 associated with the relying party 204 account, The server may provide a signal that authentication has failed. That signal may be embedded in a message to consumer 202 to redirect 218 consumer 202 back to relying party 204.

  The consumer 202 may then return to the relying party 204 (220). If the embedded signal indicates successful verification, the consumer 202 may proceed to access the relying party 204 account. Upon returning to the relying party 204, the consumer 202 may attach a success signal backed by the identity provider 206 credentials. The identity provider 206 credentials may include, for example, the identity provider 206 electronic private key, the identity provider 206 digital watermark. On the other hand, if the embedded signal indicates verification failure, the consumer 202 may not access the relying party 204 account. Further, the consumer 202 may not even be redirected back to the relying party 204.

  FIG. 2B illustrates an example of an interaction between a consumer, a relying party, and an identity provider when authenticating a consumer when the consumer is unregistered with the identity provider, according to some embodiments. FIG. As described above in connection with FIG. 2A, this process may begin by the consumer 202 sending 208 an authentication request to access an account managed by the relying party 204. In some embodiments, presenting the authentication request may correspond to the consumer 202 selecting the biometric authentication 102, for example, to access an account managed at a financial institution. When the consumer submits an authentication request, the consumer may select (210) a biometric verification login for biometric authentication. The relying party server may redirect 212 the consumer to proceed to biometric verification upon selection of the biometric verification login by the consumer. The consumer 202 may then be redirected to the identity provider 206 server. For example, the consumer 202 may be consumer @ relying_party. By using a credential token in the form of com, a request to utilize biometric verification may be presented (214). The request may be presented to the identity provider 206 server, as shown in FIG. 2B.

  The identity provider 206 server may notify that the consumer 202 has not yet registered with the identity provider 206 biometric verification service. In response, the identity provider 206 server may ask the server of the relying party 204 whether the identity provider 206 may register the consumer 202 with the biometric verification service as requested by the consumer 202. . Some relying parties may have financially compensated the identity provider 206 for biometric verification. Instead, those relying parties may classify consumers into different classes according to the corresponding account profit. As an example, a consumer having a holding amount exceeding, for example, a threshold of $ 50k may receive a biometric verification service as a free service. Consumers with lower account amounts or shorter membership histories may need to pay a fee to the relying party 204 to receive the biometric verification service.

  If the server of the relying party 204 determines that the consumer 202 may register with the biometric verification service, it may indicate to the server of the identity provider 206 that registration of the consumer 202 may proceed (224). On the other hand, if the server of the relying party 204 determines that the consumer 202 need not be registered with the biometric verification service, the server of the relying party 204 obtains permission to register with the service requested by the consumer 202. May not notify the identity provider 206 server, and the identity provider 206 server may discard the registration request from the consumer 202. In particular, the identity provider 206 server may direct (224) the consumer 202 back to the relying party 204 using a registration failure flag.

  Once the identity provider 206 server obtains confirmation that the identity provider 206 may proceed with the registration of the consumer 202, the identity provider 206 server may perform a registration procedure for the consumer 202 (226). Specifically, the identity provider 206 may request the consumer 202 to register a biometric. Biometrics may include, for example, facial biometrics, fingerprints, palm prints, iris scans, and retinal scans. In the case of facial biometrics, the identity provider 206 server may request the consumer 202 to pose in front of, for example, a webcam, video camera, or smartphone camera. The camera device may be, for example, on the computing device of the consumer 202, or on an ATM, or in a bank's registered office. The camera device, or a computing device coupled to the camera device, may first send an acquisition frame to the identity provider 206 server. This acquired frame may be stored at the identity provider 206 as biometric information identifying the consumer 202. As an example, the identity provider 206 server, or computing device, may verify the biological nature of the registration session, as described above in connection with FIGS. 2A, 3A, 3B, 4, and 5.

  Also, consistent with the disclosure herein, the identity provider 206 server may initiate an irradiation pattern to be applied to the consumer 202 to increase the confidence that the biometric consumer is about to register for the service. . As described herein, a variety of illumination patterns for different separate spatial and temporal modulations can eliminate ambiguity associated with a single illumination response. For example, if the consumer 202 may not have responded to the maximum expected from a single exposure, or if a frame containing an accurate reflection response may have been lost due to sampling errors during video transmission The single irradiation response may be insufficient for the consumer 202 to determine with confidence that the consumer 202 is the person and the person that is trying to register for the service.

  When the consumer 202 is determined to be a living person and is registered with the biological verification service, the server of the identity provider 206 uses the signal that the authentication is successful to return to the relying party 204 to return to the consumer. 202 may be redirected (228). If the consumer 202 successfully registers with the program, the identity provider 206 server may provide a signal that the authentication was successful. On the other hand, if the consumer 202 cannot confirm that it is a living body or cannot identify itself as a person and cannot register with the verification service program, the server of the identity provider 206 can provide a signal that authentication has failed. . That signal may be embedded in a message to consumer 202 to redirect 218 consumer 202 back to relying party 204.

  The consumer 202 may then return to the relying party 204 (230). If the embedded signal indicates successful authentication, the consumer 202 may proceed to access the relying party 204 account. Upon returning to the relying party 204, the consumer 202 may attach a success signal backed by the identity provider 206 credentials. The identity provider 206 credentials may include, for example, the identity provider 206 electronic private key, the identity provider 206 digital watermark. On the other hand, if the embedded signal indicates an authentication failure, the consumer 202 may not access the relying party 204. Further, the consumer 202 may not even be redirected back to the relying party 204.

  In particular, in some embodiments, an initial registrant may be sent to the identity party 206 server after the initial registrant has successfully logged into the initial registrant's account at the relying party 204. . Registration may provide consumers with additional security features to prevent spoofing attacks. These security features may include biometric recognition, as detailed above. Indeed, in some configurations, biometric recognition may be used as a form of password authentication. That is, instead of password login, biometric recognition may be used.

  On the other hand, in some embodiments, the identity provider 206 may obtain a database for a large number of consumers who are trying to register with a biometric verification program. During the registration process, the identity provider 206 server may collect biometrics from consumers attempting to register. The server of the identity provider 206 may register the consumer after confirming that the consumer is the person who is making a valid registration request and is a living organism. Thus, in some embodiments, the identity provider 206 server may own a digital biometric copy of the consumer 202 when the consumer 202 is redirected from the relying party 204. When a digital biometric copy of the consumer 202 is available, the identity provider 206 server need only verify that the consumer 202 is living and authentic.

  Implementations of the subject matter and functional operations described herein include digital electronic circuitry, tangibly realized computer software or firmware, computer hardware including structures disclosed herein and their structural equivalents, Or it can be realized by a combination of one or more thereof. Implementations of the subject matter described herein can be implemented as one or more computer programs, ie, tangible for execution on a data processing device or for controlling the operation of a data processing device. Can be implemented as one or more modules of computer program instructions encoded on a non-transitory program carrier. The computer storage medium may be a machine readable storage device, a machine readable storage substrate, a random access memory device or a serial access memory device, or a combination of one or more thereof.

  The term “data processing apparatus” refers to data processing hardware and encompasses any type of data processing apparatus, device, and machine, such as a programmable processor, a computer, or multiple processors or Includes multiple computers. The device can also be a dedicated logic circuit such as, for example, a central processing unit (CPU), an FPGA (Field Programmable Gate Array), or an ASIC (Application Specific Integrated Circuit), or such a dedicated logic circuit can be Further may be included. In some embodiments, the data processing device and / or dedicated logic circuitry may be hardware based and / or software based. The apparatus can optionally include code that builds an execution environment for the computer program, eg configuring processor firmware, protocol stack, database management system, operating system, or one or more combinations thereof. Can contain code. The present disclosure relates to a data processing apparatus using a conventional operating system, such as, for example, Linux, UNIX, Windows, Mac OS, Android, iOS, or any other suitable conventional operating system. Or the use of a data processing device that does not use such a conventional operating system.

  A computer program, sometimes referred to as a program, software, software application, module, software module, script, or code, or a computer program that may be described as such, is a compiled or interpreted language, or It can be written in any form of programming language, such as declarative or procedural language, and the computer program is suitable for use as a stand-alone program or in a module, component, subroutine, or computing environment It can be deployed in any format, such as as another unit. A computer program may correspond to a file in a file system, but need not be. The program may be stored in a part of a file holding other programs or data, such as one or more scripts stored in a markup language document, or in a single file dedicated to the program, Alternatively, it can be stored in multiple coordinated files, such as a file that stores one or more modules, subprograms, or code portions. Deploy a computer program to be executed on one computer or on multiple computers located at one site or distributed across multiple sites interconnected by a communication network Can do. The portions of the program illustrated in the various drawings are shown as individual modules that implement various features and functions through various objects, methods, or other processes, but instead, the program may include several Submodules, third party services, components, libraries, etc. may be included. Conversely, the features and functions of various components can be integrated into one component as appropriate.

  The processes and logic flows described herein can be executed on one or more programmable computers, thereby performing one or more functions to perform functions by manipulating input data to produce output. Run a computer program. The process and logic flow can also be performed by dedicated logic circuits such as, for example, a central processing unit (CPU), FPGA (field programmable gate array), or ASIC (application specific integrated circuit), Can also be realized as such a dedicated logic circuit.

  Computers suitable for executing computer programs include, for example, can be based on general purpose or special purpose microprocessors, or both, or any other type of central processing unit. Generally, a central processing unit receives instructions and data from read only memory or random access memory or both. The main elements of a computer are a central processing unit for executing instructions and one or more memory devices for storing instructions and data. In general, a computer further includes one or more mass storage devices for storing data, such as, for example, a magnetic disk, a magneto-optical disk, or an optical disk, or data from such a mass storage device. It is operably connected for receiving and / or transferring data to it. However, it is not essential for a computer to have such a device. The computer may also be a portable storage such as a mobile phone, personal digital assistant (PDA), portable audio player or video player, game console, global positioning system (GPS) receiver, or universal serial bus (USB) flash drive, for example. Can be incorporated into other devices such as devices.

  Computer readable media suitable for storing computer program instructions and data (temporary or non-transitory as appropriate) include any form of non-volatile memory, media, and memory devices, for example, EPROM Semiconductor memory devices such as EEPROM and flash memory devices; magnetic disks such as built-in hard disks or removable disks; magneto-optical disks; CD-ROM and DVD-ROM disks. The memory may store various objects or data, including caches, classes, frameworks, applications, backup data, jobs, web pages, web page templates, database tables, business information and / or dynamic information. The repository to store, as well as any other suitable information, such as any parameters, variables, algorithms, instructions, rules, constraints, or references to them. In addition, the memory may include any other suitable data, such as logs, policies, security data or access data, report files, etc. The processor and the memory can be supplemented by, or incorporated in, dedicated logic circuitry.

  In order to provide user interaction, an implementation of the subject matter described herein includes a display device for displaying information to a user, such as a CRT (cathode ray tube), LCD (liquid crystal display), or plasma monitor, for example. Furthermore, it can be realized on a computer comprising a keyboard by which a user can supply input to the computer, and a pointing device such as a mouse or a trackball. Also, other types of devices can be used to provide interaction with the user, for example, the feedback provided to the user can be in any form, such as visual feedback, audio feedback, or tactile feedback. Sensory feedback and input from the user can be received in any form, such as acoustic input, voice input, or tactile input. In addition, the computer can send and receive documents to and from the device used by the user, such as sending a web page to the web browser on the user's client device in response to a request received from the web browser, for example. Can interact with the user.

  The term “graphical user interface” or GUI may be used singly or in plural to describe each of one or more graphical user interfaces and a particular graphical user interface display. Thus, a GUI may represent any graphical user interface that processes information and efficiently presents information results to the user, such as but not limited to a web browser, touch screen, or command line interface (CLI). . In general, a GUI includes multiple user interface (UI) elements, such as interactive fields, pull-down lists, and buttons that can be manipulated by business suite users, some or all of which are associated with a web browser. Yes. These and other UI elements may relate to or represent web browser functionality.

  Implementations of the subject matter described herein can be implemented in a computing system that includes, for example, a back-end component as a data server, or in a computing system that includes a middleware component that is, for example, an application server. Implementation in a computing system that includes a front-end component, eg, a client computer, having a graphical user interface or web browser with which a user can interact with an implementation of the subject matter described in the document, or one or more such It can be implemented in any combination of back-end components, middleware components, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication such as, for example, a communication network. Examples of communication networks include a local area network (LAN), for example, a wide area network (WAN) that is the Internet, and a wireless local area network (WLAN).

  The computing system can include clients and servers. A client and server are generally remote from each other and typically interact through a communication network. The relationship between the client and the server by the computer program operates on each computer and is in a client-server relationship with each other.

  This specification includes details of many specific embodiments, which should not be construed to limit the scope of the invention or the claims that may be claimed, but rather the description of features It should be construed as specific to a particular embodiment of a particular invention. Certain features that are described in this specification in the context of separate embodiments can also be implemented in combination in one and the same embodiment. Conversely, some features described in the context of one and the same embodiment can also be realized in multiple embodiments separately or in any suitable sub-combination. In addition, features may be described above as functioning in several combinations, and even if originally so claimed, one from a combination according to a claim More than one feature may be deleted from the combination in some cases, and the claimed combination may relate to a sub-combination or a variation of a sub-combination.

  Similarly, the operations are shown in the drawings in a particular order, which may be performed in the particular order shown or sequentially in order to obtain the desired result, or It should not be understood that all operations are performed. In some situations, multitasking and parallel processing may be effective. Furthermore, the separation of several system modules and components in the above embodiments should not be understood as such a requirement in any embodiment, but generally the described program components. It should be understood that and the system can be integrated into one software product or packaged into multiple software products.

  Specific embodiments of the present subject matter are described. As will be apparent to those skilled in the art, other embodiments, variations, and substitutions of the described embodiments are included within the scope of the appended claims. For example, the actions recited in the claims can be performed in a different order and still achieve desirable results.

  Accordingly, the above description of example embodiments does not define or constrain this disclosure. Other changes, substitutions, and modifications are possible without departing from the spirit and scope of the present disclosure.

Claims (63)

A computer-implemented method for detecting the biological nature of a face,
One or more processors process the first and second facial images of the subject acquired at first and second successive time points to identify the first and second corneal reflections of the object To do
Identifying a change in corneal reflection of the object with the one or more processors based on the identified first and second corneal reflections;
Comparing the identified change in corneal reflection of the object with motion associated with the first and second time points with the one or more processors;
Determining the biological nature of the subject's face based on the result of the comparison with the one or more processors. The method of claim 1, wherein comparing the identified change in corneal reflection of the object with motion.
Correlating the identified change in corneal reflection of the object with the motion;
Scoring matching quality based on the correlation results;
Comparing the scored matching quality with a predetermined threshold;
Determining the biological nature of the subject's face is
Determining that the subject's face is a living body in response to determining that the scored matching quality exceeds the predetermined threshold. The method of claim 1, comprising:
Determining an expected corneal reflection of the object at the second time point based on the identified first corneal reflection and the motion;
Evaluating the biometrics of the subject's face by identifying a degree of coincidence between the predicted corneal reflection and the identified second corneal reflection.   The method of claim 1, wherein the corneal reflection change of the object includes a change in the position of the corneal reflection of the object. The method of claim 4, wherein the motion is associated with movement of the object between a first and second position;
The first face image is acquired at the first time point when the object is at the first position, and the second face image is acquired at the second time point when the object is at the second position. To get the way. 6. A method according to claim 5, wherein
Receiving information on the movement of the object measured by a sensor;
Identifying the motion based on the received information of the movement of the object.   The method of claim 6, further comprising instructing the subject to move the object.   The method of claim 6, wherein the movement of the object is associated with a natural movement of the subject. The method of claim 6, wherein the one or more processors are included in a computing device;
The computing device includes the object and the sensor, wherein the object is a camera device, and the sensor includes at least one of an accelerometer, a gyroscope, or a global positioning system (GPS). ,Method. The method of claim 9, comprising:
Confirming that the object is moving by using the sensor;
Requesting the camera device to capture a face image of the subject. 6. The method according to claim 5, wherein the motion is a predetermined motion for the object,
The method wherein the object is moved from the first position to the second position based on the predetermined motion. 6. The method of claim 5, wherein the first and second facial images include a second object that is stationary when the object moves,
The method further includes identifying the motion based on a change in position of the second object in the first and second face images. 6. A method according to claim 5, wherein
The method further comprises transmitting a command to the controller that instructs the controller coupled to the object to move the object.   14. The method of claim 13, wherein the command includes a predetermined motion for the object, and the predetermined motion is different from a previous predetermined motion for the object. The method of claim 4, comprising:
Transmitting a command instructing to acquire the face image of the subject at successive time points including the first and second time points to the camera device;
Receiving the acquired facial image from the camera device.   The method of claim 15, wherein receiving the acquired face image from the camera device comprises receiving a video stream feed including the acquired face image from the camera device. 16. The method according to claim 15, wherein the camera device is moved from a first position to a second position between the first time point and the second time point,
The first face image of the subject is acquired at the first time point when the camera device is at the first position, and the subject at the second time point when the camera device is at the second position. A second face image of the person is acquired,
The method wherein the motion is based on movement of the camera device between the first and second positions. The method of claim 17, comprising:
Further comprising transmitting to the controller a second command that instructs the controller coupled to the object to move the object at the first and second time points;
The method wherein the motion is based on movement of the camera device and movement of the object.   The method of claim 1, wherein the object comprises one of a camera device, a lighting device, or an object that is brighter than the surrounding environment. The method of claim 1, wherein the change in corneal reflection of the object includes a first illumination change on the object in the first and second corneal reflections;
The method
Obtaining a second illumination change on the object for the first and second time points;
Identifying a matching quality between the second illumination change obtained on the object and the first illumination change in the first and second corneal reflections,
Determining the biological nature of the subject's face is
Determining a biological character of the subject's face based on the identified matching quality and the result of the comparison. The method of claim 1, comprising:
The method further comprising determining that the subject has selected to use biometric verification for biometric authentication. The method of claim 21, comprising:
Further comprising sending to the identity provider computing device an authentication request for the subject to access an account managed by a relying party different from the identity provider, the authentication request comprising: A method comprising: biometric data of the subject and the determined vitality of the subject's face. A computer-implemented method for detecting the biological nature of a face,
One or more processors are used to identify the first and second facial images of the subject acquired at first and second consecutive times to identify the first and second postures of the subject's face. Processing with
Identifying the change in facial posture with the one or more processors based on the identified first and second postures;
Comparing the identified change in the facial pose with motion associated with the first and second time points with the one or more processors;
Determining the biological nature of the subject's face based on the result of the comparison with the one or more processors. 24. The method of claim 23, wherein comparing the identified change in the facial pose with motion.
Correlating the identified change in the facial pose with the motion;
Scoring matching quality based on the correlation results;
Comparing the scored matching quality with a predetermined threshold;
Determining the biological nature of the subject's face is
Determining that the subject's face is a living body in response to determining that the scored matching quality exceeds the predetermined threshold. 24. The method of claim 23, comprising:
Calculating the posture of the face at the second time point based on the identified first posture and the motion;
Evaluating the biometricity of the face by specifying a degree of coincidence between the calculated face pose and the second face pose identified from the second face image. .   24. The method of claim 23, wherein the motion is associated with relative movement of the face and a camera device configured to take a face image of the subject. 27. The method of claim 26, comprising:
Instructing the subject to move the camera device relative to the subject's face. 28. The method of claim 27, comprising:
Receiving movement information of the camera device measured by a sensor;
Identifying the motion based on the received information of the movement of the camera device. 27. The method of claim 26, wherein the one or more processors are included in a computing device;
The computing device comprises the camera apparatus and a sensor, wherein the sensor includes at least one of an accelerometer, a gyroscope, or a global positioning system (GPS).   24. The method of claim 23, wherein identifying the first and second poses of the face includes identifying at least one facial landmark of the face. A computer-implemented method for detecting the biological nature of a face,
Processing the face image of the subject acquired at a certain time with one or more processors to identify corneal reflections of the illuminator adjacent to the subject;
Determining at the one or more processors an expected corneal reflection of the illuminator based on the illumination of the illuminator at the time;
Comparing the identified corneal reflection of the illuminator with the expected corneal reflection of the illuminator with the one or more processors to obtain a comparison result;
Determining the biological nature of the subject's face based on the comparison result with the one or more processors. 32. The method of claim 31, wherein comparing the identified corneal reflection of the illuminator with the expected corneal reflection of the illuminator,
Correlating the identified corneal reflection of the illuminator with the expected corneal reflection of the illuminator;
Scoring matching quality based on the correlation results;
Comparing the scored matching quality with a predetermined threshold;
Determining the biological nature of the subject's face is
Determining that the subject's face is a living body in response to determining that the scored matching quality exceeds the predetermined threshold. 32. The method of claim 31, wherein
Activating the illuminator to illuminate based on an illumination pattern. 34. The method of claim 33, comprising:
Generating the illumination pattern of the illuminator. 34. The method of claim 33, wherein activating the illuminator comprises:
Activating the illuminator in response to determining that the subject has selected to use biometric verification for biometric authentication.   32. The method of claim 31, wherein identifying the corneal reflection of the illuminator comprises identifying the corneal reflection of the illuminator by at least one of color, shape, position, or pattern. Including.   32. The method of claim 31, wherein the illuminator includes two or more illumination sources each having an individual color at an individual location.   38. The method of claim 37, wherein illumination of the illuminator is based on temporal illumination patterns of the two or more illumination sources.   40. The method of claim 38, wherein the two or more illumination sources each generate burst illumination with an individual duration.   40. The method of claim 39, wherein at least one of the two or more illumination sources has different illumination shapes with different durations.   38. The method of claim 37, wherein illumination of the illuminator is based on a spatial illumination pattern of the two or more illumination sources.   42. The method of claim 41, wherein each of the two or more illumination sources has an illumination on state or an illumination off state.   32. The method of claim 31, wherein the illuminator includes one or more physical light sources, each at an individual light wavelength.   32. The method of claim 31, wherein the illuminator includes one or more digital illumination sources that are displayed on a screen to provide individual illumination colors.   45. The method of claim 44, further comprising generating the digital illumination source.   32. The method of claim 31, wherein the illuminator is positioned such that illumination from the illuminator is obliquely incident on the subject's eye. 47. The method of claim 46, comprising:
The method further includes instructing the subject to change a relative position between the illuminator and the eye of the subject. 32. The method of claim 31, comprising:
Receiving at least a portion of a video stream feed from a camera device, wherein the portion of the video stream feed includes facial images of the subject taken at successive points in time by the camera device. . 49. The method of claim 48, comprising:
Processing a second face image of the subject acquired at a second time point that is continuous to the time point of the first face image to identify a second corneal reflection of the illuminator; ,
Determining a second expected corneal reflection of the illuminator based on a second illumination of the illuminator at the second time point different from the first illumination;
Comparing the identified second corneal reflection of the illuminator with the second expected corneal reflection of the illuminator to obtain a second comparison result;
Determining the biological properties of the subject's face based on the comparison result and the second comparison result. 32. The method of claim 31, comprising:
Transmitting the determined vitality of the subject's face to an identity provider computing device. 32. The method of claim 31, comprising:
Further comprising sending to the identity provider computing device an authentication request for the subject to access an account managed by a relying party different from the identity provider, the authentication request comprising: A method comprising: biometric data of the subject and the determined vitality of the subject's face. A computer-implemented method for detecting the biological nature of a face,
In order to identify the first and second corneal reflections of the illuminator adjacent to the subject, the first and second facial images of the subject acquired at first and second consecutive time points, respectively, Processing on one or more processors;
Identifying a change in the corneal reflection of the illuminator with the one or more processors based on the identified first and second corneal reflections;
Comparing said identified corneal reflection change of said illuminator with said illumination change of said illuminator associated with said first and second successive time points in said one or more processors;
Determining the biological nature of the subject's face based on the result of the comparison with the one or more processors. 53. The method of claim 52, comprising:
Activating the illuminator to change illumination of the illuminator based on the illumination change.   53. The method of claim 52, wherein the illumination change of the illuminator is a change in illumination color, illumination shape, illumination position, illumination on / off status, or illumination duration change. A method comprising at least one of them.   55. The method of claim 54, wherein identifying a change in the corneal reflection of the illuminator comprises changing the corneal reflection of the illuminator in color, shape, position, on / off state, or duration. A method comprising identifying at least one of them.   53. The method of claim 52, wherein the illuminator includes first and second illumination sources having first and second colors at first and second positions, respectively. 57. The method of claim 56, wherein the illumination change of the illuminator includes a change in temporal illumination pattern of the first and second illumination sources,
The method wherein the first and second illumination sources each generate burst illumination with an individual duration.   58. The method of claim 57, wherein at least one of the first illumination source or the second illumination source changes its illumination shape with a different duration. 57. The method of claim 56, wherein the illumination change of the illuminator includes a temporal change in a spatial illumination pattern of the first and second illumination sources,
The method wherein at least one of the first illumination source or the second illumination source has an illumination on / off state that changes over time. 53. The method of claim 52, wherein the illuminator is
One or more physical light sources of each individual light wavelength, or
A method comprising at least one of one or more digital illumination sources displayed on a screen to provide individual illumination colors. A computer-implemented method for detecting the biological nature of a face,
One or more processors process the first and second facial images of the subject acquired at first and second successive time points to identify the first and second corneal reflections of the object To do
Identifying a change in corneal reflection of the object with the one or more processors based on the identified first and second corneal reflections;
Comparing the identified change in corneal reflection of the object with a known change associated with the first and second time points with the one or more processors;
Determining the biological nature of the subject's face based on the result of the comparison with the one or more processors.   62. The method of claim 61, wherein the known change is a camera device motion.   62. The method of claim 61, wherein the known change is an illumination change of an illuminator.