ibeta – Bredemarket

Additional Ingenium Injection Attack Detection Testing…Result

There are numerous independent testing laboratories, holding testing certifications from various entities, that test a product’s conformance to the requirements of a particular standard.

For presentation attack detection (liveness), organizations such as iBeta and BixeLab test conformance to ISO 30107-3.

Vendors who submit their products to iBeta may optionally choose to have the results published; iBeta publishes these confirmation letters here.
In a similar manner, BixeLab publishes its confirmation letters here.

For injection attack detection, Ingenium tests conformance to CEN/TS 18099:2025, as well as testing that exceeds the requirements of that standard.

Unfortunately, I was unable to locate a central source of all of Ingenium’s testing results. So I had to hunt around.

Known Ingenium Injection Attack Detection Testing Results

Biometric Vendor	Ingenium Injection Attack Detection Test Level	Notes
FaceTec	2	Ingenium letter on FaceTec website
iProov	4	Bredemarket blog post “Injection Attack Detection, CEN/TS 18099:2025, and iProov“

And…that’s all I could find.

Ingenium’s testing is relatively new, as is the whole idea of performing injection attack detection testing in general, so it shouldn’t be surprising that vendors haven’t rushed to get independent confirmation of injection attack capabilities.

But they should.

A brief reminder on Ingenium’s five testing levels

I’ve mentioned this before, but it’s worth exploring in more detail, since I only discussed Level 4. Here’s a complete list of all five of Ingenium’s testing evaluation tiers:

Level 1: CEN Substantial: This tier is equivalent to the CEN TS 18099:2025 ‘substantial’ evaluation level. A Level 1 test requires 25 FTE days and includes a focus on 2 or more IAMs and 10 or more IAI species. It’s a great starting point for assessing your system’s resilience to common injection attacks.

Level 2: CEN High: Exceeding the substantial level, this tier aligns with the CEN TS 18099:2025 ‘high’ evaluation level. This 30-day FTE evaluation expands the scope to include 3 or more IAMs and a higher attack weighting, providing a more rigorous test of your system’s defenses.

Level 3: This level goes beyond the CEN TS 18099:2025 standard to provide an even more robust evaluation. The 35-day FTE program focuses on a higher attack weighting, with a greater emphasis on sophisticated IAMs and IAI species to ensure a more thorough assessment of your system’s resilience.

Level 4: A 40-day FTE evaluation that further exceeds the CEN TS 18099:2025 standard. Level 4 maintains a high attack weighting while specifically targeting the IAI detection capabilities of your system. Although not a formal PAD (Presentation Attack Detection) assessment, this level offers valuable insights into your system’s PAD subsystem resilience.

Level 5: Our most comprehensive offering, this 50-day FTE evaluation goes well beyond the CEN TS 18099:2025 requirements. Level 5 includes the highest level of Ingenium-created IAI species, which are specifically tailored to the unique functionality of your system. This intensive testing provides the deepest insight into your system’s resilience to injection attacks.

Oh, and there’s a video

As I was publicizing my iProov injection attack detection post, I used Grok to create an injection attack detection video. Not for the squeamish, but injection attacks are nasty anyway.

Grok.

Yoti iBeta Confirmation of Presentation Attack Detection Level 3

We’ve talked about Levels 1 and 2 of iBeta’s confirmation that particular biometric implementations meet the requirements of ISO 30107-3. But now with Yoti’s confirmation, we can talk about iBeta Level 3.

From iBeta:

“The test method was to apply 1 bona fide subject presentation that alternated with 3 artefact presentations such that the presentation of each species consisted of 150 Presentation Attacks (PAs) and 50 bona fide presentations, or until 56 hours had passed per species. The results were displayed for the tester on the device as “Liveness check: Passed” for a successful attempt or “Liveness check: Failed” for an unsuccessful attempt.

“iBeta was not able to gain a liveness classification with the presentation attacks (PAs) on the Apple iPhone 16 Pro. With 150 PAs for each of 3 species, the total number of attacks was 450, and the overall Attack Presentation Classification Error Rate (APCER) was 0%. The Bona Fide Presentation Classification Error Rate (BPCER) was also calculated and may be found in the final report.

“Yoti Limited’s myface12122025 application and supporting backend components were tested by iBeta to the ISO 30107-3 Biometric Presentation Attack Detection Standard and found to be in compliance with Level 3.”

Positioning, Messaging, and Your Facial Recognition Product Marketing

(Part of the biometric product marketing expert series)

By Original: Jack Ver at Dutch Wikipedia Vector: Ponor – Own work based on: Plaatsvector.png by Jack Ver at Dutch Wikipedia, CC BY-SA 4.0, https://commons.wikimedia.org/w/index.php?curid=95477901.

When marketing your facial recognition product (or any product), you need to pay attention to your positioning and messaging. This includes developing the answers to why, how, and what questions. But your positioning and your resulting messaging are deeply influenced by the characteristics of your product.

If facial recognition is your only modality

There are hundreds of facial recognition products on the market that are used for identity verification, authentication, crime solving (but ONLY as an investigative lead), and other purposes.

Some of these solutions ONLY use face as a biometric modality. Others use additional biometric modalities.

From Sandeep Kumar, A. Sony, Rahul Hooda, Yashpal Singh, in Journal of Advances and Scholarly Researches in Allied Education | Multidisciplinary Academic Research, “*Multimodal Biometric Authentication System for Automatic Certificate Generation*.”

Your positioning depends upon whether your solution only uses face, or uses other factors such as voice.

If your solution is only a face solution and does not include voice, your company will spend a lot of time trashing voice biometrics because of the demonstrated spoofs against voices.
Similarly, a face-only company will argue that facial recognition is a very fast, very secure, and completely frictionless method of verification and authentication. When opponents bring up the demonstrated spoofs against faces, you will argue that your iBeta-conformant presentation attack detection methodology guards against such spoofing attempts.
On the other hand, a company that uses multiple biometric modalities will argue that ANY single biometric modality can be spoofed, but that it is much, much harder to spoof multiple biometric modalities at once.

Of course, if you initially only offer a face solution and then offer a second biometric, you’ll have to rewrite all your material. “You know how we said that face is great? Well, face and gait are even greater!”

If biometrics is your only factor

It’s no secret that I am NOT a fan of the “passwords are dead” movement.

Too many of the tombstones are labeled “12345.” By GreatBernard – Own work, CC0, https://commons.wikimedia.org/w/index.php?curid=116933238.

It seems that many of the people that are waiting the long-delayed death of the password think that biometrics is the magic solution that will completely replace passwords.

For this reason, your company might have decided to use biometrics as your sole factor of identity verification and authentication.

Or perhaps your company took a different approach, and believes that multiple factors—perhaps all five factors—are required to truly verify and/or authenticate an individual. Use some combination of biometrics, secure documents such as driver’s licenses, geolocation, “something you do” such as a particular swiping pattern, and even (horrors!) knowledge-based authentication such as passwords or PINs.

This naturally shapes your positioning and messaging.

The single factor companies will argue that their approach is very fast, very secure, and completely frictionless. (Sound familiar?) No need to drag out your passport or your key fob, or to turn off your VPN to accurately indicate your location. Biometrics does it all!
The multiple factor companies will argue that ANY single factor can be spoofed, but that it is much, much harder to spoof multiple factors at once. (Sound familiar?)

So position yourself however you need to position yourself. Again, be prepared to change if your single factor solution adopts a second factor.

A final thought

Every company has its own way of approaching a problem, and your company is no different. As you prepare to market your products, survey your product, your customers, and your prospects and choose the correct positioning (and messaging) for your own circumstances.

And if you need help with biometric positioning and messaging, feel free to contact the biometric product marketing expert, John E. Bredehoft. (Full-time employment opportunities via LinkedIn, consulting opportunities via Bredemarket.)

In the meantime, take care of yourself, and each other.

Jerry Springer. By Justin Hoch, CC BY 2.0, https://commons.wikimedia.org/w/index.php?curid=16673259.

I Guess I Was Fated to Write About NIST IR 8491 on Passive Presentation Attack Detection

Remember in mid-August when I said that the U.S. National Institute of Standards and Technology was splitting its FRVT tests into FRTE and FATE tests?

Well, the FATE side of the house has released its first two studies, including one entitled “Face Analysis Technology Evaluation (FATE) Part 10: Performance of Passive, Software-Based Presentation Attack Detection (PAD) Algorithms” (NIST Internal Report NIST IR 8491; PDF here).

By JamesHarrison – Own work, Public Domain, https://commons.wikimedia.org/w/index.php?curid=4873863

I’ve written all about this study in a LinkedIn article under my own name that answers the following questions:

What is a presentation attack?
How do you detect presentation attacks?
Why does NIST care about presentation attacks?
And why should you?

My LinkedIn article, “Why NIST Cares About Presentation Attack Detection…and Why You Should Also,” can be found at the link https://www.linkedin.com/pulse/why-nist-cares-presentation-attack-detectionand-you-should-bredehoft/.

From https://www.linkedin.com/pulse/why-nist-cares-presentation-attack-detectionand-you-should-bredehoft/

Using “Multispectral” and “Liveness” in the Same Sentence

(Part of the biometric product marketing expert series)

Now that I’m plunging back into the fingerprint world, I’m thinking about all the different types of fingerprint readers.

The optical fingerprint and palm print readers are still around.
And the capacitive fingerprint readers still, um, persist.
And of course you have the contactless fingerprint readers such as MorphoWave, one that I know about.
And then you have the multispectral fingerprint readers.

What is multispectral?

Bayometric offers a web page that covers some of these fingerprint reader types, and points out the drawbacks of some of the readers they discuss.

Latent prints are usually produced by sweat, skin debris or other sebaceous excretions that cover up the palmar surface of the fingertips. If a latent print is on the glass platen of the optical sensor and light is directed on it, this print can fool the optical scanner….

Capacitive sensors can be spoofed by using gelatin based soft artificial fingers.
From https://www.bayometric.com/fingerprint-reader-technology-comparison/

There is another weakness of these types of readers. Some professions damage and wear away a person’s fingerprint ridges. Examples of professions whose practitioners exhibit worn ridges include construction workers and biometric content marketing experts (who, at least in the old days, handled a lot of paper).

The solution is to design a fingerprint reader that not only examines the surface of the finger, but goes deeper.

From HID Global, “A Guide to MSI Technology: How It Works,” https://blog.hidglobal.com/2022/10/guide-msi-technology-how-it-works

The specialty of multispectral sensors is that it can capture the features of the tissue that lie below the skin surface as well as the usual features on the finger surface. The features under the skin surface are able to provide a second representation of the pattern on the fingerprint surface.
From https://www.bayometric.com/fingerprint-reader-technology-comparison/

From https://www.crunchbase.com/funding_round/lumidigm-series-b–66e3e8f5

Multispectral sensors are nothing new. When I worked for Motorola, Motorola Ventures had invested in a company called Lumidigm that produced multispectral fingerprint sensors; they were much more expensive than your typical optical or capacitive sensor, but were much more effective in capturing true fingerprints to the subdermal level.

From https://newsroom.hidglobal.com/hid-global-acquires-biometric-leader-lumidigm-enhances-authentication-portfolio

Lumidigm was eventually acquired in 2014: not by Motorola (who sold off its biometric assets such as Printrak and Symbol), but by HID Global. This company continues to produce Lumidigm-branded multispectral fingerprint sensors to this day.

But let’s take a look at the other word I bandied about.

What is liveness?

KISS, Alive! By Obtained from allmusic.com., Fair use, https://en.wikipedia.org/w/index.php?curid=2194847

“Gelatin based soft artificial fingers” aren’t the only way to fool a biometric sensor, whether you’re talking about a fingerprint sensor or some other sensor such as a face sensor.

Regardless of the biometric modality, the intent is the same; instead of capturing a true biometric from a person, the biometric sensor is fooled into capturing a fake biometric: an artificial finger, a face with a mask on it, or a face on a video screen (rather than a face of a live person).

This tomfoolery is called a “presentation attack” (becuase you’re attacking security with a fake presentation).

From https://www.iso.org/obp/ui/#iso:std:iso-iec:30107:-3:ed-2:v1:en

But the standards folks have developed ISO/IEC 30107-3:2023, Information technology — Biometric presentation attack detection — Part 3: Testing and reporting.

From https://www.ibeta.com/iso-30107-3-presentation-attack-detection-confirmation-letters/. Bookmark it. I did.

And an organization called iBeta is one of the testing facilities authorized to test in accordance with the standard and to determine whether a biometric reader can detect the “liveness” of a biometric sample.

(Friends, I’m not going to get into passive liveness and active liveness. That’s best saved for another day.)

[UPDATE 4/24/2024: I FINALLY ADDRESSED THE DIFFERENCE BETWEEN ACTIVE AND PASSIVE LIVENESS HERE.]

Multispectral liveness

While multispectral fingerprint readers aren’t the only fingerprint readers, or the only biometric readers, that iBeta has tested for liveness, the HID Global Lumidigm readers conform to Level 2 (the higher level) of iBeta testing.

There’s a confirmation letter and everything.

Click to access 210211-HIDGlobal-V-Series-PAD-Level-2-Confirmation-Letter.pdf

From the iBeta website.

This letter was issued in 2021. For some odd reason, HID Global decided to publicize this in 2023.

Oh well. It’s good to occasionally remind people of stuff.