The face is the most commonly used soft-biometric parameter for private and commercial purposes. It is used to access computers, ATMs, online banking, healthcare, government office operations, airports, border control, etc. Compared to conventional methods like passcode entry, ID cards, or keys, it is more practical and easier to use. The spread of facial recognition has also increased the chances of face spoofing in today’s world.

In global market share, facial recognition ranks behind fingerprints as the second most widely used biometric authentication method. As its use grows, face spoofing attacks are also rising as the most tangible threat facing current biometric systems.

What is Face Spoofing?

Face spoofing refers to “tricking” a facial recognition system to gain unauthorized access to a particular system. It is mostly used to steal data and money or spread malware. Maliciously impersonating a legitimate user to gain access to a system is the critical component of face spoofing. It is observed in many identity theft cases, particularly in the financial sector.

In 2015, Wen et al. presented experimental results for cutting-edge commercial off-the-shelf face recognition systems. These showed that the probability of a fake face image being accepted as genuine could be as high as 70%. Despite this, the vulnerabilities of face recognition systems to attacks were frequently overlooked.

How is Face Spoofing Done?

Face Spoofing attacks can be of two types: Presentation attacks and Indirect attacks.

Presentation Attacks

Presentation attacks are entirely based on biometric vulnerabilities and are carried out at the sensor level without requiring access to the system’s interior.

In these attacks, hackers attempt to gain access to the biometric system by impersonating real users using some (typically artificial) artefacts such as a face photo, a mask, a fake fingerprint, or a printed image of the iris.

In face spoofing, hackers use the pool of available biometric information, including people’s faces, eyes, voices, and behaviours, to gain access to face recognition systems. These attacks can be carried out by the following methods:

  • 2D Spoofing: This involves showing a still picture of a person’s face (printed or displayed on a digital device) to the face recognition system’s sensor.
  • Replay/Video Attack: By using a device that can reproduce video, an attacker could play a video of the authorized user and then present it to the sensor or camera. This way, behavioural and facial features will appear more “natural” to the sensor.
  • 3D Mask: This is a step up, aimed at more sophisticated facial recognition systems, where a 3D reconstruction of the victim’s face is presented to the camera. Attacks of this nature assist in breaking additional security measures, such as depth sensors.
  • Robots that reproduce expressions, Cosmetic Surgery, and Makeup are some other methods of face spoofing.

Companies can overcome these attacks using Face Anti-Spoofing methods.

Indirect Attacks

Indirect attacks target the system at the structure level, including databases, matching data, and communication channels. The attacker needs access to the system’s interior to carry out these kinds of attacks.

Companies can use classical cybersecurity techniques, rather than biometric ones, to prevent indirect attacks.

Effects Of Face Spoofing on People

Today, all forms of institutions are using face recognition systems, including the Unique Identification Authority of India (UIDAI), which provides identity to all residents of India. Face biometrics-based access control is common and is no longer limited to replacing passwords on mobile devices or gaming consoles like the Xbox. Uber’s driver verification process, AirBnB’s demand for user face profiles, etc., use automated face recognition systems. Mobile banking is a field that finds widespread applications of face recognition systems. Thus, there is a sea of vulnerabilities and opportunities for hackers to resort to spoofing practices and inflict cybercrimes on individuals, companies, organizations, and government bodies.

How to Detect it?

Liveness Detection is the Presentation Attack Detection (PAD) method that determines whether the source of a biometric sample is a live person or a fake representation. It works by running algorithms over biometric sensor data to determine the authenticity of the source.

Face recognition systems attempt to distinguish between genuine and fake users using multiple methods:

  1. Sensors: Identifying any pattern resembling a live trait in the signal.
  2. Detection Equipment: Utilizing specialized hardware, such as 3D Cameras, to find signs of liveness.
  3. Method of Challenge-Response: Asking the user to interact with the system in a specific way to analyse their smiles, facial expressions, and head movements.
  4. Data Flow Graphs: Creating and computing data flow graphs that enable the development and training of neural networks at any level of complexity.
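
A server-side sketch of the challenge-response method from item 3, as an added example that is not code from the original article. Randomising the requested actions and making each challenge single-use and short-lived means a pre-recorded video cannot know in advance what will be asked. The action labels, class name and timeout are hypothetical, and `observed` is assumed to come from a separate video classifier.

```python
import secrets
import time

# Hypothetical action labels; a real system uses whatever its face tracker can classify.
ACTIONS = ("smile", "turn_left", "turn_right", "nod", "raise_eyebrows")

class LivenessChallenger:
    """Issues random, single-use, short-lived action sequences and checks responses."""

    def __init__(self, length=3, ttl_seconds=10.0):
        self.length = length
        self.ttl = ttl_seconds
        self._pending = {}  # challenge id -> (expected actions, expiry time)

    def issue(self, now=None):
        now = time.monotonic() if now is None else now
        cid = secrets.token_hex(16)  # unpredictable challenge identifier
        actions = tuple(secrets.choice(ACTIONS) for _ in range(self.length))
        self._pending[cid] = (actions, now + self.ttl)
        return cid, actions

    def verify(self, cid, observed, now=None):
        """observed: action labels the (assumed) video classifier saw, in order."""
        now = time.monotonic() if now is None else now
        entry = self._pending.pop(cid, None)  # pop: each challenge is usable once
        if entry is None:
            return "unknown-or-reused"
        expected, expires = entry
        if now > expires:
            return "expired"
        if tuple(observed) != expected:
            return "mismatch"
        return "ok"
```
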

A good spoofing detection technique must adhere to some practical standards:

  • The method should be non-invasive, meaning it shouldn’t suggest excessive contact with the user or harm the user’s well-being;
  • The processing time shouldn’t be excessive;
  • The method should detect spoofing attacks without impairing the performance of face recognition;
  • The method should be easy to integrate into existing face recognition systems; and
  • Ideally, there is no requirement for any additional hardware.

Face Spoofing Prevention

Anti-Spoofing is a technique that reduces fraud in facial recognition systems and related technology environments.

Local Binary Pattern (LBP) is a texture-analysis anti-spoofing technique that thresholds each image pixel against its nearby neighbours. LBP is obsolete and ineffective against a wide range of attacks. It does, however, have advantages when combined with other approaches.
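
The thresholding step described above, as an added example that is not code from the original article: a basic 3x3 LBP operator, the histogram it produces, and a chi-square distance between histograms. In an anti-spoofing pipeline such histograms are typically fed to a classifier trained on live and spoof samples, which is outside this sketch; the two 5x5 patches are constructed sample data.

```python
# Neighbour offsets (row, col), clockwise from top-left; neighbour i sets bit i.
OFFSETS = [(-1, -1), (-1, 0), (-1, 1), (0, 1), (1, 1), (1, 0), (1, -1), (0, -1)]

def lbp_code(img, r, c):
    """Threshold the 8 neighbours of pixel (r, c) against the centre value."""
    centre = img[r][c]
    code = 0
    for bit, (dr, dc) in enumerate(OFFSETS):
        if img[r + dr][c + dc] >= centre:
            code |= 1 << bit
    return code

def lbp_histogram(img):
    """256-bin normalised histogram of LBP codes over all interior pixels."""
    hist = [0] * 256
    for r in range(1, len(img) - 1):
        for c in range(1, len(img[0]) - 1):
            hist[lbp_code(img, r, c)] += 1
    total = sum(hist)
    return [h / total for h in hist]

def chi_square(h1, h2):
    """Chi-square distance between two histograms (0.0 means identical texture)."""
    return sum((a - b) ** 2 / (a + b) for a, b in zip(h1, h2) if a + b > 0)

# Constructed grayscale patches: FLAT is uniform, TEXTURED alternates like a checkerboard.
FLAT = [[100] * 5 for _ in range(5)]
TEXTURED = [[100 + 40 * ((r + c) % 2) for c in range(5)] for r in range(5)]

if __name__ == "__main__":
    print("distance flat vs textured:",
          chi_square(lbp_histogram(FLAT), lbp_histogram(TEXTURED)))
```
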

Recognizing differences through eye blink detection involves searching videos for frame gaps and tallying them with the blink rate of an average human, i.e., 15 to 30 times per second where eyes close for about 250ms during a blink. Calculating the area of the eye regions and analyzing facial landmarks can both be used to implement eye blink detection.
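
One way to implement the landmark-based blink check described above, as an added example that is not code from the original article. It uses the eye aspect ratio (EAR), a common landmark measure the article does not name; the 0.2 threshold, the 100 to 400 ms window around the roughly 250 ms blink mentioned above, and all landmark and frame data are assumptions constructed for illustration.

```python
import math

def eye_aspect_ratio(pts):
    """EAR from six eye landmarks: p1/p4 are the corners, p2/p3 upper lid, p6/p5 lower lid."""
    p1, p2, p3, p4, p5, p6 = pts
    vertical = math.dist(p2, p6) + math.dist(p3, p5)
    return vertical / (2.0 * math.dist(p1, p4))

def count_blinks(ear_series, fps, threshold=0.2, min_ms=100, max_ms=400):
    """Count closed-eye runs whose duration is plausible for a blink."""
    blinks, run = 0, 0
    for ear in ear_series:
        if ear < threshold:
            run += 1  # eye currently closed
            continue
        # Eye is open again: accept the run only if it lasted about as long as a blink.
        if run and min_ms <= run * 1000.0 / fps <= max_ms:
            blinks += 1
        run = 0
    return blinks

def is_live(ear_series, fps, min_blinks=1):
    """Liveness cue only: a still photo never blinks; combine with other PAD checks."""
    return count_blinks(ear_series, fps) >= min_blinks

# Constructed landmarks (x, y) for one open and one nearly closed eye.
OPEN_EYE = [(0, 0), (2, 1), (4, 1), (6, 0), (4, -1), (2, -1)]
CLOSED_EYE = [(0, 0), (2, 0.2), (4, 0.2), (6, 0), (4, -0.2), (2, -0.2)]

# Constructed per-frame EAR series at 30 fps.
O, C = eye_aspect_ratio(OPEN_EYE), eye_aspect_ratio(CLOSED_EYE)
LIVE = [O] * 20 + [C] * 7 + [O] * 30 + [C] * 8 + [O] * 10   # two blinks of ~250 ms
PHOTO = [O] * 75                                            # still image: EAR never drops
GLITCH = [O] * 10 + [C] * 1 + [O] * 10                      # 33 ms tracker dropout
EYES_SHUT = [O] * 5 + [C] * 60 + [O] * 5                    # 2 s closure, not a blink

if __name__ == "__main__":
    for name, s in [("live", LIVE), ("photo", PHOTO), ("glitch", GLITCH), ("shut", EYES_SHUT)]:
        print(name, count_blinks(s, fps=30), is_live(s, fps=30))
```
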

Deep learning features, such as those learned by a Convolutional Neural Network (CNN), are another anti-spoofing technique: trained convolution kernels detect things the human eye cannot.

Active Flash utilizes the light reflections on a face to enable liveness detection. The goal is to alter the lighting situation by adding a second source of light from the device screen. The white background of the screen causes the appropriate reflection of the face.


Personal Data is an essential component of personal identity. Companies should preserve personal data. Systems that use facial recognition for authentication must be resistant to face spoofing attacks.

Anti-spoofing techniques should be a top priority right from the start of system design in order to create a secure face recognition system that will work in a practical setting.


What is Spoofing?

In terms of IT security, spoofing is an attack in which cybercriminals assume another person’s or object’s identity online to win over a user or target and launch harmful attacks or steal data, money, or identity.

Which industries are most affected by Face Spoofing Attacks?

Face Spoofing attacks target high-security fields in business, government agencies, and developing small and medium-sized businesses.

What is the difference between Spoofing and Phishing?

Spoofing is when someone attempts to use the identity of a legitimate user. Phishing, on the other hand, is a phenomenon where a criminal uses deceptive social engineering techniques to steal a user’s private and sensitive data.

Which is the most effective and viable PAD solution?

Active Flash solutions are the most efficient with Static-Dynamic PAI, image input as well as user involvement. It is also cost-effective.