A group of students and professor Dr. D.J. Lee at BYU have come together to build an algorithm that could possibly bring two-factor authentication to facial recognition technologies in everything from cell phones to surveillance systems.
The project started almost two years ago as Lee and some students tried to think of an interesting research project. The group started looking into facial motion and how it could be analyzed.
That evolved into seeing if students are paying attention in class and it eventually morphed into improved security for facial recognition with the use of facial motion.
With the world of security constantly changing and hackers adapting to those changes, Lee acknowledged that nothing is perfect in terms of security.
“Fingerprinting is easy to do and people even make fake fingerprints,” Lee said. “The most common one is facial recognition and the biggest problem is, all of these can be used when the user is not aware. When you’re sleeping or unconscious, someone could use your biometrics to get into the system. It’s difficult, people come up with all kinds of ideas to hack into the system.”
He added that a company in Japan makes facial masks that look like people and some access social media pages to unlock devices needing facial recognition. Even algorithms can be fooled by photos and this technology can address the biggest concern, which is unintentional identity verification.
Two-factor authentication is not new technology, as companies like Apple and social media apps use it to verify someone’s identity, but integrating it into facial recognition is.
Lee said it is called Concurrent Two-Factor Identity Verification.
“Meaning you show your face and make the facial motion just once, you don’t have to do it twice,” Lee said. “With the facial motion, if people want to use your photo they cannot fool the system since the photo is not moving.”
The technology first uses facial recognition and then a secret phrase is mouthed, a movement with one’s lips is made, or a facial motion is made to satisfy the second step of authentication.
Even if a video is used, the chances of that video matching the secret facial motion are low, according to Lee.
Lee said that he could see this video being used on a computer, cell phones, or any piece of technology with a camera on it.
“There are many other applications,” Lee said. “People often ask me about their iPhones using this, and I say sure but we don’t necessarily have to compete with Apple. We don’t necessarily limit this to unlocking a phone or mobile device. This can be used for many different applications.”
Lee said other possible uses could occur in a car to start the engine, smiling at a camera to gain access to a hotel room, using it to gain access at an ATM, and even using facial motion in disabled people to control a computer.
When asked about using the technology in everyday life, Lee said it could be applied.
“I don’t know how many times a day we use identity verification,” Lee said. “If you pick up your phone you probably do it 20 times or more. Then you log into your BYU account and all of that can use this technology as long as there is a camera.”
The group working on the technology includes Lee, a Ph.D. student, and some undergraduate students as well. Lee said that they are all capable students that help to make the project an enjoyable experience.
The next step is a demonstration of the technology with the hopes of attracting some interest of people looking to help develop the algorithm further. Lee said he is confident that it can be developed further, allowing it to have an impact on daily life.