ANTI-SPOOFING FACE ID SENSING USING TWO CAMERAS
A security check system using face ID sensing for secure access to an electronic platform includes a first camera configured to form a near ideal image of an object, a second camera configured to form a modulated image of the object, and a computer memory configured to store face ID data of an authorized person. The security check system further includes a processing module configured to analyze the near ideal image of the object to extract a first set of facial signatures, analyze the modulated image of the object to extract a second set of facial signatures, compare the first set of facial signatures and the second set of facial signatures to the face ID data, and determine whether the object is the live face of the authorized person based on the comparison.
This application claims the benefit of U.S. Provisional Patent Application No. 62/793,341, filed on Jan. 16, 2019, the content of which is incorporated by reference in its entirety.
The following three U.S. Patent Applications (including this one) are being filed concurrently, and the entire disclosure of the other application is incorporated by reference into this application for all purposes:
application Ser. No. 16/361,197, filed Mar. 21, 2019, entitled “ANTI-SPOOFING FACE ID SENSING” (Attorney Docket No. 102768-1123280 (003010US)),
application Ser. No. ______, filed Mar. 22, 2019, entitled “ANTI-SPOOFING FACE ID SENSING USING TWO CAMERAS” (Attorney Docket No. 102768-1123281 (003020US)), and
application Ser. No. ______, filed Mar. 22, 2019, entitled “ANTI-SPOOFING FACE ID SENSING BASED ON RETRO-REFLECTION” (Attorney Docket No. 102768-1123282 (003030US)).
TECHNICAL FIELDThis disclosure relates to face identification (ID) sensing with anti-spoofing capabilities for secure access to in electronic platforms, including portable computing devices such as mobile devices, wearable devices, electronic payment systems, and larger systems.
BACKGROUNDElectronic devices, such as smart phones, tablets, and laptops, may be equipped with security access systems, such as face identification (ID), fingerprint sensors, and the like. For example, face ID may be used to unlock a smart phone, log in to apps and accounts, or even for mobile payments. There exists a risk that such security access systems may be spoofed by using a photograph or a video of a person, or using a statue of a person. Therefore, there is a need for face ID sensors that have anti-spoofing capabilities.
SUMMARYAccording to some embodiments, a security check system using face ID sensing for secure access to an electronic platform includes a camera. The camera includes an imaging lens configured to form a modulated image of an object positioned in front of the camera. The modulated image of the object includes deviations from an ideal image. The security check system further includes a computer memory configured to store face ID data of an authorized person. The face ID data is generated from one or more modulated images of a live face of the authorized person acquired by the camera during a registration process. The security check system further includes a processing module coupled to the camera and the computer memory. The processing module is configured to analyze the modulated image of the object to extract facial signatures, compare the facial signatures to the face ID data, and determine whether the object is the live face of the authorized person based on the comparison.
According to some embodiments, a face ID sensor includes an imaging lens configured to form a modulated image of an object. The imaging lens includes a transparent slab having a first surface facing the object, and a second surface opposite to the first surface. The imaging lens further includes a half-ball lens attached to the second surface of the transparent slab. The face ID sensor further includes a photodetector positioned substantially at a focal plane of the imaging lens, and configured to convert optical signals of the modulated image into electrical signals.
According to some embodiments, a method of security check using face ID sensing for secure access to an electronic platform is provided. The method is performed by a security check system that includes a camera, a computer memory, and a processing module. The method includes storing face ID data of an authorized person in the computer memory. The face ID data is generated from one or more images of a live face of the authorized person acquired by the camera during a registration process. The camera includes an imaging lens configured to form modulated images. The method further includes acquiring, using the camera, a modulated image of a first object positioned in front of the camera, analyzing, using the processing module, the modulated image of the first object to extract facial signatures, comparing, using the processing module, the facial signatures to the face ID data, and determining, using the processing module, whether the first object is the live face of the authorized person based on the comparison.
According to some embodiments, a security check system using face ID sensing for secure access to an electronic platform includes a first camera configured to form a near ideal image of an object, and a second camera that includes an imaging lens configured to form a modulated image of the object. The modulated image of the object includes deviations from the ideal image of the object. The security check system further includes a computer memory configured to store face ID data of an authorized person. The face ID data is generated from one or more near ideal images of a live face of the authorized person acquired by the first camera during a registration process, and one or more modulated images of the live face of the authorized person acquired by the second camera during the registration process. The security check system further includes a processing module coupled to the first camera, the second camera, and the computer memory. The processing module is configured to analyze the near ideal image of the object to extract a first set of facial signatures, analyze the modulated image of the object to extract a second set of facial signatures, compare the first set of facial signatures and the second set of facial signatures to the face ID data, and determine whether the object is the live face of the authorized person based on the comparison.
According to some embodiments, a method of security check using face ID sensing for secure access to an electronic platform is provided. The method is performed by a security check system that includes a first camera, a second camera, a computer memory, and a processing module. The method includes storing face ID data of an authorized person in the computer memory. The face ID data is generated from one or more near ideal images of a live face of the authorized person acquired by the first camera during a registration process, and one or more modulated images of the live face of the authorized person acquired by the second camera during the registration process. Each of the one or more modulated images corresponds to a respective one of the one or more near ideal images. The second camera includes an imaging lens configured so that a respective modulated image deviates from a corresponding near ideal image. The method further includes acquiring, using the first camera, a near ideal image of an object, acquiring, using the second camera, a modulated image of the object simultaneously with acquiring of the near ideal image, analyzing, using the processing module, the near ideal image of the object to extract a first set of facial signatures, analyzing, using the processing module, the modulated image of the object to extract a second set of facial signatures, comparing, using the processing module, the first set of facial signatures and the second set of facial signatures to the face ID data, and determining, using the processing module, whether the object is the live face of the authorized person based on the comparison.
According to some embodiments, a method of security check using face ID sensing for secure access to an electronic platform is provided. The method is performed by a security check system that includes a first camera, a second camera, a computer memory, and a processing module. The method includes storing face ID data of an authorized person in the computer memory. The face ID data is generated from one or more near ideal images of a live face of the authorized person acquired by the first camera during a registration process. The method further includes acquiring, using the first camera, a near ideal image of an object, analyzing, using the processing module, the near ideal image of the object to extract a first set of facial signatures, and determining, using the processing module, whether the first set of facial signatures matches with the face ID data by comparing the first set of facial signatures to the face ID data. The method further includes, in response to determining that the first set of facial signatures does not match with the face ID data, denying access to the electronic platform. The method further includes, in response to determining that the first set of facial signatures matches with the face ID data, digitally modulating, using the processing module, the near ideal image of the object to obtain a first modulated image of the object using the processing module, and acquiring, using the second camera, a second modulated image of the object. The second camera includes an imaging lens configured so that the second modulated image of the object deviates from the near ideal image of the object. The method further includes comparing, using the processing module, the first modulated image of the object and the second modulated image of the object, and determining, using the processing module, whether the object is the live face of the authorized person based on the comparison.
According to some embodiments, a security check system using face ID sensing for secure access to an electronic platform includes a light source configured to provide a light beam to be incident on an object, a camera disposed adjacent the light source and configured to form an image of the object while the light beam is incident on the object, and a computer memory configured to store face ID data of an authorized person. The face ID data is generated from one or more images of a face of the authorized person acquired by the camera during a registration process. The security check system further includes a processing module coupled to the camera and the computer memory, and configured to analyze the image of the object to extract facial signatures and to determine whether there exists an indication of a retro-reflection of the light beam incident on the object, and compare the facial signatures to the face ID data to determine whether a match exists between the facial signatures and the face ID data. The processing module is further configured to, in response to determining that the match exists between the facial signatures and the face ID data and the indication of the retro-reflection exists, grant access to the electronic platform, and in response to determining that the match does not exist between the facial signatures and the face ID data or the indication of the retro-reflection does not exist, deny access to the electronic platform.
According to some embodiments, a security check system using face ID sensing for secure access to an electronic platform includes a light source attached to a frame of the electronic platform and configured to provide an incident light beam to be incident on an object, and a first camera attached to the frame of the electronic platform and configured to form a first image of the object while the incident light beam is incident on the object. The first camera is positioned adjacent the light source such that a retro-reflected light beam caused by the incident light beam is within a field of view (FOV) of the first camera. The security check system further includes a second camera attached to the frame of the electronic platform and configured to form a second image of the object while the incident light beam is incident on the object. The second camera is spaced apart from the light source such that the retro-reflected light beam is outside a FOV of the second camera. The security check system further includes a computer memory configured to store face ID data of an authorized person. The face ID data is generated from at least one of one or more first images of a live face of the authorized person acquired by the first camera during a registration process, or one or more second images of the live face of the authorized person acquired by the second camera during the registration process. The security check system further includes a processing module coupled to the first camera, the second camera, and the computer memory, and configured to analyze at least one of the first image of the object or the second image of the object to extract facial signatures, compare the facial signatures to the face ID data to determine whether a match exists, compare the first image of the object to the second image of the object to determine whether there exists an indication of the retro-reflected light beam in the first image of the object, in response to determining that the match exists between the facial signatures and the face ID data and the indication of the retro-reflected light beam, grant access to the electronic platform, and in response to determining that the match does not exist between the facial signatures and the face ID data or the indication of the retro-reflected light beam does not exist, deny access to the electronic platform.
According to some embodiments, a method of security check using face ID sensing for secure access to an electronic platform is provided. The method is performed by a security check system that includes a light source, a camera disposed adjacent the light source, a computer memory, and a processing module. The method includes storing face ID data of an authorized person in the computer memory. The face ID data is generated from one or more images of a live face of the authorized person acquired by the camera during a registration process. The method further includes shining a light beam produced by the light source on an object, acquiring, using the camera, an image of the object while the light beam shines on the object, analyzing, using the processing module, the image of the object to extract facial signatures and to determine whether there exists an indication of a retro-reflection of the light beam incident on the object, and comparing, using the processing module, the facial signatures to the face ID data to determine whether a match exists. The method further includes, in response to determining that the match does not exist between the facial signatures and the face ID data or the indication of the retro-reflection does not exist, denying access to the electronic platform, and in response to determining that the match exists between the facial signatures and the face ID data, and the indication of the retro-reflection exists, granting access to the electronic platform.
A control and processing module 230 may analyze the characteristics of the image 220 of the 3D object 202. For example, the control and processing module 230 may be configured to identify that the image 220 contains an image of a human face and extract facial signatures of the human face from the image 220. The control and processing module 230 may be further configured to compare the facial signatures in the image 220 with facial signatures of an authorized user stored in a face ID database 240. The face ID database may include face ID data of the authorized user generated during a registration process. For example, during the registration process, one or more images of the live face of the authorized user may be captured by the front camera 210. The images may be analyzed to extract the facial signatures of the authorized user. The facial images of the authorized user, as well as the facial signatures, may be stored in the face ID database 240 for subsequent security check.
The control and processing module 230 may determine whether the facial signatures in the ideal image 220 matches with a face ID data stored in the face ID database 240. The control and processing module 230 may output a facial recognition decision via an output interface 250.
A processing unit of the mobile device 100 may grant or deny access based on the facial recognition decision. For example, if the control and processing module 230 outputs a positive facial recognition decision indicating a match, the processing unit of the mobile device 100 may grant access to the mobile device 100 (e.g., waking up the mobile device 100). On the other hand, if the control and processing module 230 outputs a negative facial recognition decision indicating a non-match, the processing unit of the mobile device 100 may deny access to the mobile device 100 (e.g., the mobile device 100 may remain locked).
The system illustrated in
According to some embodiments, a face ID sensor is configured to have spoofing detection capabilities by introducing image modulations.
The mobile device 400 may also include an optional illumination light source 420 positioned in close proximity to the second camera 410. The illumination light source 420 may provide illumination in a dark environment, thus enabling face ID sensing even when it is dark. The illumination light source 420 may be configured to emit infrared light (e.g., at about 940 nm wavelength) that is eye-safe. The illumination light source 420 may also be used for producing a retro-reflection of a user's eye, which can be combined with image modulations to detect spoofing, as described in more detail below.
The imaging lens 416 may have a field of view FOV2. In some embodiments, FOV2 may be wider than the FOV of a normal camera (e.g., FOV1 of the front camera 210 illustrated in
The imaging lens 416 of the camera 412 may be configured to form a modulated image 520 of a 3D object 502 (e.g., a face) placed within the FOV (e.g., FOV3) of the face ID sensor 410. The modulated image 520 may include relatively large distortions or other types of image aberrations, referred herein as image modulations. The image modulations may be sensitive to the depth variations of the 3D object 502, and thus may provide depth information for distinguishing a 2D photograph from a 3D object. Therefore, the face ID sensor 410 may enable detection of spoofing attempts using a photograph or a video of a person's face. The camera 412 that is configured to produce relative large image modulations may be referred herein as a depth-aware camera.
In image formation, distortion is a form of image aberration that causes deviation from rectilinear projection, i.e., a projection in which straight lines in a scene remain straight in an image. Common forms of distortion include barrel distortion and pincushion distortion. In a barrel distortion, image magnification decreases with distance from the optical axis. The apparent effect is that of an image which has been mapped around a sphere (or barrel). In a pincushion distortion, image magnification increases with the distance from the optical axis. The apparent effect is that lines that do not go through the center of the image are bowed inwards, towards the center of the image, like a pincushion. Some images may exhibit a mixture of barrel distortion and pincushion distortion.
Modulations in an image may be sensitive to the depth variations of an object. For example, the amount and characteristics of distortion may depend on the depth variations of the object.
Comparing
Referring again to
The control and processing module 530 may output a facial recognition decision via an output interface 550. A processing unit of the mobile device 400 may grant or deny access based on the facial recognition decision. For example, if the control and processing module 530 outputs a positive facial recognition decision indicating a match, the processing unit of the mobile device 400 may grant access to the mobile device 400 (e.g., waking up the mobile device 400). On the other hand, if the control and processing module 530 outputs a negative facial recognition decision indicating a non-match, the processing unit of the mobile device 400 may deny access to the mobile device 400 (e.g., the mobile device 400 may remain locked).
In the example illustrated in
Referring to
Shown on the right side of
The second detection branch may include an image modulation equalizer (IME) 930. The IME 930 is configured to add a modulation format to the ideal image 920 of the object 902 to obtain a second modulated image 940. In some embodiments, the modulation format may simulate the optical phases produced by the optical elements of the depth-aware camera 412 that cause the image modulations. Thus, the second modulated image 940 obtained by the IME 930 may be equivalent to a modulated image that would have been captured by the depth-aware camera 412 if the ideal image 920 is placed at the same position as that of the object 902 (e.g., like the 2D object 702 illustrated in
Referring to
On the other hand, as illustrated in
Any imaging system that can produce distortions or other types of image aberrations may be used as a depth-aware camera.
The slab 1110 may have an index of refraction n2. In some embodiments, the half-ball lens 1120 may have an index of refraction similar to the index of refraction n2 of the slab 1110. In some other embodiments, the half-ball lens 1120 may have an index of refraction different from the index of refraction n2 of the slab 1110. The medium surrounding the imaging lens 1100 may have an index of refraction n1. For example, the slab 1110 may be a piece of glass, which may have an index of refraction ranging from about 1.3 to 2 or greater, depending on the type of glass. The imaging lens 1100 may be surrounded by air, which has an index of refraction approximately equal to one. The combination of the half-ball lens 1120 and the slab 1110 may produce relatively large distortions (e.g., barrel distortions) and spherical aberrations, as discussed below.
As illustrated in
Still referring to
Therefore, although the grazing incident light beam 1160 undergoes a relatively large refraction at the top surface 1112 of the slab 1110, there is no corrections further along the optical path to compensate for any modulations that may be resulted from the relatively large refraction. As a result, the resulting image may exhibit rather large modulations such as distortions (e.g., barrel distortions) and spherical aberrations. For example, the imaging lens 1100 may produce an image of a building similar to that shown in
It should be appreciated that
According to some embodiments, a method of security check using anti-spoofing face
ID sensing may utilize two cameras. A first camera may be a normal camera configured for nearly ideal imaging (e.g., a front camera of a mobile device); and a second camera may be a depth-aware camera configured to produce relatively large image modulations, such as the camera 412 illustrated in
At 1210, face ID registration is activated. For example, face ID registration may be activated by an authorized user of a mobile device by selecting face ID registration in “settings,” or when the mobile device is turned on by the authorized user for the first time after purchase.
At 1220, the normal camera may capture a first set of images of the authorized user's face. The first set of images may be ideal images of the authorized user's face that exhibit no or small image modulations. In some embodiments, the first set of images may include one or more images of the authorized user's face from different angles.
At 1222, a first set of facial signature maps may be extracted from the first set of images captured by the first camera. For example, facial recognition and image analysis algorithms may be used to extract the first set of facial signature maps.
At 1230, the depth-aware camera may capture a second set of images of the authorized user's face. The second set of images may exhibit relatively large image modulations. In some embodiments, the second set of images may include one or more images of the authorized user's face from different angles. The normal camera and the depth-aware camera may capture images of the authorized user's face simultaneously. That is, a pair of images, one by the normal camera and the other one by the depth-aware camera, may be acquired simultaneously when the authorized user's face is at a certain pose. Thus, images in the first set of images and images in the second set of images may have a one-to-one correspondence.
At 1232, a second set of facial signature maps may be extracted from the second set of images captured by the depth-aware camera, for example, by using facial recognition and image analysis algorithms.
At 1240, the first set of facial signature maps and the second set of facial signature maps may be linked into a set of data pairs.
At 1250, interpolation and other optional operations may be performed on the set of data pairs. For example, interpolation may be performed to cover a range of possible situations.
At 1260, a set of interpolated data pairs are saved in a face ID database, which may be used subsequently for security check, as discussed below with reference to
At 1310, security check may be activated. For example, security check may be activated when a user wakes up the mobile device from sleep mode or turns the mobile device on, or when the user touches a physical button (e.g., a sound volume control button) or plugs in a headphone. Security check may also be activated when a user tries to access an app or process a payment.
At 1320, an illumination light source may be turned on if the mobile device includes an illumination light source (e.g., the illumination light source 420 shown in
At 1330, the normal camera may capture one or more first images of the user's face. The first images may be of high quality and exhibit no or small modulations.
At 1332, the normal camera may output the high quality first images. For example, the high quality first images may be saved in a photo album.
At 1334, a first set of facial signature data may be extracted from the one or more first images captured by the normal camera.
At 1340, the depth-aware camera may capture one or more second images of the user's face. The second images may exhibit relatively large modulations, such as distortions. In some embodiments, the normal camera and the depth-aware camera may capture images of the user's face simultaneously, so that there is a one-to-one correspondence between each first image and a corresponding second image.
At 1342, a second set of facial signature data may be extracted from the one or more second images captured by the depth-aware camera.
At 1350, the first set of facial signature data and the second set of facial signature data may be used to evaluate whether they match with the set of data pairs stored in the face ID database 1260, e.g., obtained as illustrated in
In some embodiments, the evaluation may include two steps. In a first step, the first set of facial signature data may be used to determine whether the user's facial signatures match with the facial signatures of the authorized user. In a second step, the second set of facial signature data may be used to determine whether the second images are images of a 2D photograph instead of a live 3D face. Thus, the first step performs facial matching, and the second step performs spoofing detection. In some other embodiments, the second set of facial signature data may be used to determine whether the user's facial signatures match with the facial signatures of the authorized user; and in the second step, the first set of facial signature data may be used for spoofing detection. In some further embodiments, the first set of facial signature data and the second set of facial signature data may be used together for both facial matching and spoofing detection.
At 1370, if the evaluation result shows a non-match, access may be denied to the user. If the evaluation result shows a match, but spoofing is detected, access may also be denied to the user.
At 1380, if the evaluation result shows both a match and non-spoofing, access may be granted to the user.
According to some embodiments, a method of security check using anti-spoofing face ID sensing may utilize a normal camera and a depth-aware camera. The security check may include two steps: a facial matching step and a spoofing detection step. The images acquired by the normal camera during a registration process may be used to create a face ID database, which may be subsequently used for facial signature matching. Live images acquired by both cameras during security check may be used for spoofing detection, for example, based on the principal illustrated in
At 1410, face ID registration is activated. For example, face ID registration may be activated by an authorized user of a mobile device by selecting face ID registration in “settings,” or when the mobile device is turned on by the authorized user for the first time after purchase.
At 1420, the normal camera may capture a set of images of the authorized user's face. The set of images may be ideal images of the authorized user's face that exhibit no or small image modulations. The set of images may include one or more images of the authorized user's face from different angles.
At 1430, a set of facial signature maps may be extracted from the set of images captured by the normal camera, for example, using facial recognition and image analysis algorithms.
At 1440, interpolation and other optional operations may be performed on the set of facial signature maps. For example, interpolation may be performed to cover a range of possible situations.
At 1450, a set of interpolated facial signature maps are saved in a face ID database, which may be used subsequently in a security check process, as discussed below with reference to
At 1510, security check may be activated. For example, security check may be activated when a user wakes up the mobile device from sleep mode or turns the mobile device on. Security check may also be activated when a user tries to access an app or process a payment.
At 1520, an illumination light source may be turned on if the mobile device includes an illumination light source (e.g., the illumination light source 420 shown in
At 1530, the normal camera may capture one or more ideal images of the user's face. The ideal images may be of high quality and exhibit no or small modulations.
At 1532, the normal camera may output the high quality images. For example, the high quality images may be saved in a photo album.
At 1534, a first set of image signature data may be extracted from the one or more ideal images captured by the normal camera.
At 1540, the depth-aware camera may capture one or more modulated images of the user's face. For example, the modulated images may exhibit relatively large distortions (e.g., barrel distortions). The normal camera and the depth-aware camera may capture images of the user's face simultaneously, so that there is a one-to-one correspondence between the ideal images captured by the normal camera and the modulated images captured by the depth-aware camera.
At 1542, a second set of image signature data may be extracted from the one or more images captured by the depth-aware camera.
At 1550, the first set of image signature data extracted from the ideal images captured by the normal camera may be used to evaluate whether they match with the set of facial signature maps stored in the face ID database 1450, e.g., obtained as illustrated in
At 1560, if the evaluation result shows a non-match, access may be denied to the user.
At 1570, if the evaluation result shows a match, spoofing detection may be performed. According to some embodiments, the spoofing detection may use the ideal images captured by the normal camera and the modulated images captured by the depth-aware camera, as discussed below.
At 1580, an image modulation equalizer (IME) may be applied to the ideal images captured by the normal camera (obtained at 1530). The IME may digitally modulate the ideal images by adding a modulation format to the ideal images, thereby generating the digitally modulated images 1582. In some embodiments, the modulation format may contain the optical phases that would have been produced by the optical elements of the depth-aware camera. Thus, as discussed above with reference to
At 1584, a third set of image signature data may be extracted from the digitally modulated images 1582.
At 1570, the second set of image signature data 1542 and the third set of image signature data 1584 may be compared to determine whether the images are from a live 3D face or a 2D photograph.
As discussed above with reference to
At 1590, if the user passes the spoofing detection at 1570, access is granted.
At 1560, if the user fails the spoofing detection at 1570, access is denied.
According to some embodiments, a method of security check using anti-spoofing face ID sensing may utilize a single camera. The camera may be a depth-aware camera configured to produce relatively large image modulations, such as the camera 412 illustrated in
At 1610, face ID registration is activated. For example, face ID registration may be activated by an authorized user of a mobile device by selecting face ID registration in “settings,” or when the mobile device is turned on by the authorized user for the first time after purchase.
At 1620, the camera may capture a set of images of the authorized user's face. The camera may be configured to produce relatively large image modulations, such as distortions and other types of image aberrations. The set of images may include one or more images of the authorized user's face from different angles.
At 1630, a set of facial signature maps may be extracted from the set of images captured by the camera, for example, by using facial recognition and image analysis algorithms.
At 1640, interpolation and other optional operations may be performed on the set of facial signature maps. For example, interpolation may be performed to cover a range of possible situations.
At 1650, an interpolated set of facial signature maps are saved in a face ID database, which may be used subsequently for security check, as described below with reference to
At 1710, security check may be activated. For example, security check may be activated when a user wakes up the mobile device from sleep mode or turns the mobile device on. Security check may also be activated when a user tries to access an app or process a payment.
At 1720, an illumination light source may be turned on if the mobile device includes an illumination light source (e.g., the illumination light source 420 shown in
At 1730, the camera may capture one or more images of the user's face. The images may exhibit relatively large modulations, such as distortions.
At 1740, facial signature data may be extracted from the one or more images captured by the camera.
At 1750, the facial signature data is used to evaluate whether the facial signature data matches with the set of facial signature maps stored in the face ID database 1650, e.g., obtained as illustrated in
At 1760, if the evaluation result shows a non-match, access may be denied to the user.
At 1770, if the evaluation result shows a match, access may be granted to the user.
As discussed above with reference to
In some embodiments, the single camera may serve both as a face ID sensor and as a front camera. For example, the optical phases produced by the optical elements of the camera that cause image modulations may be transformed into a modulation format. The modulation format may be used to digitally correct the modulations in the images captured by the camera to produce high quality images (e.g., images that have no or small modulations). In other words, the modulated images may be digitally “demodulated” to produce high quality images.
Thus, optionally, at 1780, modulation correction may be performed on the images captured by the camera to obtain high quality (nearly modulation-free) images. At 1790, the high quality images may be output. For example, the high quality images may be saved in a photo album.
At 1802, face ID data of an authorized person is stored in the computer memory. The face ID data is generated from one or more images of a live face of the authorized person that are acquired by the camera during a registration process. The camera includes an imaging lens that is configured to form modulated images. For example, the modulated images include image modulations, such as distortions and/or other image aberrations, as discussed above.
At 1804, the camera acquires a modulated image of a first object positioned in front of the camera. The modulated image also include image modulations, such as distortions or other image aberrations.
At 1806, the processing module analyses the modulated image of the first object to extract facial signatures.
At 1808, the processing module compares the facial signatures to the face ID data.
At 1810, the processing module determines whether the first object is the live face of the authorized person based on the comparison. For example, if the processing module determines that the facial signatures match with the face ID data, it may determine that the first object is the live face of the authorized person. On the other hand, if the processing module determines that the facial signatures do not match with the face ID data, it may determine that the first object is not the live face of the authorized person. As discussed above, if a 2D photograph of the face of the authorized person is used to spoof the security check system, a modulated image of the 2D photograph may exhibit different distortions than a modulated image of the live face, and thus may result in a non-match to the face ID data. Therefore, the processing module may determine that the first object is not the live face of the authorized person.
It should be appreciated that the specific steps illustrated in
At 1902, face ID data of an authorized person is stored in the computer memory. The face ID data is generated from one or more near ideal images of a live face of the authorized person acquired by the first camera during a registration process, and one or more modulated images of the live face of the authorized person acquired by the second camera during the registration process. Each of the one or more modulated images corresponds to a respective one of the one or more near ideal images. The second camera includes an imaging lens configured so that a respective modulated image deviates from a corresponding near ideal image. For example, as discussed above, the modulated image may include distortions and/or other types of image aberrations, whereas as the near ideal image may have very little or no distortions and/or other types of image aberrations.
At 1904, the first camera acquires a near ideal image of an object.
At 1906, the second camera acquires a modulated image of the object simultaneously with acquiring of the near ideal image.
At 1908, the processing module analyzes the near ideal image of the object to extract a first set of facial signatures.
At 1910, the processing module analyzes the modulated image of the object to extract a second set of facial signatures.
At 1912, the processing module compares the first set of facial signatures and the second set of facial signatures to the face ID data.
At 1914, the processing module determines whether the object is the live face of the authorized person based on the comparison.
It should be appreciated that the specific steps illustrated in
At 2002, face ID data of an authorized person is stored in the computer memory. The face ID data is generated from one or more near ideal images of a live face of the authorized person acquired by the first camera during a registration process.
At 2004, the first camera acquires a near ideal image of an object.
At 2006, the processing module analyzes the near ideal image of the object to extract a first set of facial signatures.
At 2008, the processing module determines whether the first set of facial signatures matches with the face ID data by comparing the first set of facial signatures to the face ID data.
At 2010, in response to determining that the first set of facial signatures does not match with the face ID data, access to the electronic platform is denied.
At 2012, in response to determining that the first set of facial signatures matches with the face ID data, the processing module digitally modulates the near ideal image of the object to obtain a first modulated image of the object using the processing module.
At 2014, the second camera acquires a second modulated image of the object. The second camera includes an imaging lens configured so that the second modulated image of the object deviates from the near ideal image of the object.
At 2016, the processing module compares the first modulated image of the object and the second modulated image of the object.
At 2018, the processing module determines whether the object is the live face of the authorized person based on the comparison.
It should be appreciated that the specific steps illustrated in
According to some embodiments, a security check system for secure access to an electronic platform may use anti-spoofing face ID sensing based on retro-reflection from a user's eye. Such a security check system may be able to detect whether a live face is being authenticated, or a photograph or a statue is being used to fool the security check system.
Retro-reflection may occur when the light beam 2130 emitted by the illumination light source 2120 shines on a human eye 2150. Retro-reflection is a phenomenon of light rays striking a surface and being redirected back to the source of light. As illustrated in
In comparison, a photograph or a statue that does not have a human eyeball 2150 may diffusely scatter the light beam 2130 shining on it, and may not produce the retro-reflected light beam 2140 directed back toward the illumination light source 2120. Thus, an image of a photograph or a statue may not contain a bright spot in the eye, as illustrated in the image of a photograph shown in
In some embodiments, the camera 2110 may be a normal camera that is configured to produce nearly ideal images that are modulation free. In some other embodiments, the camera 2110 may be a depth-aware camera that is configured to produce relatively large modulations, such as distortions, as discussed above.
Note that, if a spoofing attempt uses a picture of a human face on a display screen of another mobile device, such as a smart phone, to fool the face ID sensor, the display screen of the other mobile device may also retro-reflect the light beam 2130 shining on it. However, such a retro-reflected light beam will not only come from the eye of the human face, but also from other areas of the human face. Therefore, such a retro-reflected light beam will not result in the signature bright spot 2210 in the eye as shown in
At 2310, security check may be activated. For example, security check may be activated when a user wakes up the mobile device from sleep mode or turns the mobile device on. Security check may also be activated when a user tries to access an app or process a payment.
At 2320, the illumination light source 2120 may be turned on.
At 2330, the camera 2110 may capture one or more images of the user's face.
At 2340, facial signature data may be extracted from the one or more images captured by the camera.
At 2350, the facial signature data is compared to the facial signature maps stored in the face ID database 2390. The facial signature maps may be obtained from an authorized user during a registration process and saved in the ID database 2390 as discussed above.
At 2360, if the comparison shows a non-match, access may be denied to the user.
At 2370, if the comparison shows a match, spoofing detection may be performed, by analyzing the one or more images captured by the camera to evaluate whether a retro-reflection signature is present. If it is determined that the retro-reflection signature is absent, the security check system may determine that it is a spoofing attempt, and thus may deny access.
At 2380, if it is determined that the retro-reflection signature is present, the security check system may determine that it is not a spoofing attempt, and thus may grant access.
According to some embodiments, a security check system may compare the image 2420 formed by the first camera 2110 and the image 2430 formed by the second camera 2410 to determine whether it is a live face being authenticated, or a photograph or a statue is being used to “spoof” the security check system. For example, if the image 2420 captured by the first camera 2110 shows a bright spot 2422 in the eye, while the image 2430 captured by the second camera 2410 does not show such a bright spot in the eye, the security check system may determine that it is a live face being authenticated. As another example, if neither of the two images 2420 and 2430 show a bright spot in the eye, the security check system may determine that it is not a live face being authenticated.
At 2510, security check may be activated. For example, security check may be activated when a user wakes up the mobile device from sleep mode or turns the mobile device on, or when the user touches a physical button (e.g., a sound volume control button) or plugs in a headphone. Security check may also be activated when a user tries to access an app or process a payment.
At 2520, the illumination light source may be turned on.
At 2530, the first camera may capture one or more first images of the user's face.
At 2534, a first set of facial signature data may be extracted from the one or more first images captured by the first camera.
At 2540, the second camera may capture one or more second images of the user's face. In some embodiments, the first camera and the second camera may capture images simultaneously, so that there may be a one-to-one correspondence between each first image and a corresponding second image.
At 2542, a second set of facial signature data may be extracted from the one or more second images captured by the second camera.
At 2550, the first set of facial signature data and/or the second set of facial signature data may be used to evaluate whether they match with facial signature maps stored in the face ID database 2560. The facial signature maps may be obtained from an authorized user during a registration process and saved in the ID database 2590 as discussed above.
At 2560, if it is determined that there is no match, access may be denied.
At 2570, if it is determined that there is a match, spoofing detection may be performed, by comparing the first images captured by the first camera and the second images captured by the second camera. As discussed above, if it is a live person being authenticated, the first images captured by the first camera may show a retro-reflection signature in the eye. Whereas, the second images captured by the second camera may not show a retro-reflection signature in the eye regardless of whether it is a live person being authenticated. Thus, if the retro-reflection signature is identified in the first images and not in the second images, it may be determined that a live person is being authenticated. On the other hand, if the retro-reflection signature is absent in both the first images and the second images, it may be determined that it is a spoofing attempt, and therefore access may be denied.
At 2580, if it is determined that a live person is being authenticated, access may be granted.
III. Anti-Spoofing Face ID Sensing Based on Both Image Modulations and Retro-ReflectionIn some embodiments, retro-reflection signatures may be used in combination with image modulations to detect spoofing. For example, referring to
As another example, referring to
At 2602, face ID data of an authorized person is stored in the computer memory. The face ID data is generated from one or more images of a live face of the authorized person acquired by the camera during a registration process.
At 2604, the light source shines a light beam on an object.
At 2606, the camera acquires an image of the object while the light beam shines on the object.
At 2608, the processing module analyzes the image of the object to extract facial signatures and to determine whether there exists an indication of a retro-reflection of the light beam incident on the object.
At 2610, the processing module compares the facial signatures to the face ID data to determine whether a match exists.
At 2612, in response to determining that the match does not exist between the facial signatures and the face ID data or the indication of the retro-reflection does not exist, access to the electronic platform is denied.
At 2614, in response to determining that the match exists between the facial signatures and the face ID data, and the indication of the retro-reflection exists, access to the electronic platform is granted.
It should be appreciated that the specific steps illustrated in
While this disclosure contains many specifics, these should not be construed as limitations on the scope of any invention or of what may be claimed, but rather as descriptions of features that may be specific to particular embodiments of particular inventions. Certain features that are described in this patent document in the context of separate embodiments can also be implemented in combination in a single embodiment. Conversely, various features that are described in the context of a single embodiment can also be implemented in multiple embodiments separately or in any suitable subcombination. Moreover, although features may be described above as acting in certain combinations and even initially claimed as such, one or more features from a claimed combination can in some cases be excised from the combination, and the claimed combination may be directed to a subcombination or variation of a subcombination.
Similarly, while operations are depicted in the drawings in a particular order, this should not be understood as requiring that such operations be performed in the particular order shown or in sequential order, or that all illustrated operations be performed, to achieve desirable results. Moreover, the separation of various system components in the embodiments described in this patent document should not be understood as requiring such separation in all embodiments.
Only a few implementations and examples are described and other implementations, enhancements and variations can be made based on what is described and illustrated in this patent document.
A recitation of “a”, “an” or “the” is intended to mean “one or more” unless specifically indicated to the contrary.
Ranges may be expressed herein as from “about” one specified value, and/or to “about” another specified value. The term “about” is used herein to mean approximately, in the region of, roughly, or around. When the term “about” is used in conjunction with a numerical range, it modifies that range by extending the boundaries above and below the numerical values set forth. In general, the term “about” is used herein to modify a numerical value above and below the stated value by a variance of 10%. When such a range is expressed, another embodiment includes from the one specific value and/or to the other specified value. Similarly, when values are expressed as approximations, by use of the antecedent “about,” it will be understood that the specified value forms another embodiment. It will be further understood that the endpoints of each of the ranges are included with the range.
All patents, patent applications, publications, and descriptions mentioned here are incorporated by reference in their entirety for all purposes. None is admitted to be prior art.
Claims
1. A security check system using face ID sensing for secure access to an electronic platform, the security check system comprising:
- a first camera configured to form a near ideal image of an object;
- a second camera comprising an imaging lens configured to form a modulated image of the object, the modulated image of the object including deviations from the ideal image of the object;
- a computer memory configured to store face ID data of an authorized person, wherein the face ID data is generated from: one or more near ideal images of a live face of the authorized person acquired by the first camera during a registration process; and one or more modulated images of the live face of the authorized person acquired by the second camera during the registration process;
- a processing module coupled to the first camera, the second camera, and the computer memory, the processing module configured to: analyze the near ideal image of the object to extract a first set of facial signatures; analyze the modulated image of the object to extract a second set of facial signatures; compare the first set of facial signatures and the second set of facial signatures to the face ID data; and determine whether the object is the live face of the authorized person based on the comparison.
2. The security check system of claim 1, wherein the modulated image of the object includes distortions.
3. The security check system of claim 2, wherein the distortions comprise barrel distortions.
4. The security check system of claim 2, wherein the distortions include depth information of the object.
5. The security check system of claim 1, wherein the imaging lens of the second camera comprises:
- a transparent slab having a first surface facing the object, and a second surface opposite to the first surface; and
- a half-ball lens attached to the second surface of the transparent slab.
6. The security check system of claim 5, wherein the imaging lens of the second camera further comprises an aperture positioned at the second surface of the transparent slab, a center of the aperture substantially coinciding with a center of the half-ball lens.
7. The security check system of claim 5, wherein the transparent slab has a first index of refraction, and the half-ball lens has a second index of refraction that is substantially equal to the first index of refraction.
8. The security check system of claim 1, wherein the first camera has a first field of view (FOV), the imaging lens of the second camera has a second FOV greater than the first FOV, and the second camera further comprises:
- FOV converter optics positioned in front of the imaging lens and configured so that the second camera has a third FOV substantially equal to the first FOV.
9. The security check system of claim 8, wherein the FOV converter optics comprises a telescope.
10. A method of security check using face ID sensing for secure access to an electronic platform, the method performed by a security check system including a first camera, a second camera, a computer memory, and a processing module, the method comprising:
- storing face ID data of an authorized person in the computer memory, the face ID data generated from: one or more near ideal images of a live face of the authorized person acquired by the first camera during a registration process; and one or more modulated images of the live face of the authorized person acquired by the second camera during the registration process, each of the one or more modulated images corresponding to a respective one of the one or more near ideal images, wherein the second camera comprises an imaging lens configured so that a respective modulated image deviates from a corresponding near ideal image;
- acquiring, using the first camera, a near ideal image of an object;
- acquiring, using the second camera, a modulated image of the object simultaneously with acquiring of the near ideal image;
- analyzing, using the processing module, the near ideal image of the object to extract a first set of facial signatures;
- analyzing, using the processing module, the modulated image of the object to extract a second set of facial signatures;
- comparing, using the processing module, the first set of facial signatures and the second set of facial signatures to the face ID data; and
- determining, using the processing module, whether the object is the live face of the authorized person based on the comparison.
11. The method of claim 10, wherein each of the one or more modulated images of the live face of the authorized person and the modulated image of the object includes distortions.
12. The method of claim 11, wherein the distortions comprise barrel distortions.
13. The method of claim 11, wherein the distortions contain depth information of the live face of the authorized person or the object.
14. The method of claim 10, wherein the face ID data includes one or more data pairs, each data pair generated from a respective one of the one or more ideal images of the live face of the authorized person and a corresponding one of the one or more modulated images of the live face of the authorized person.
15. The method of claim 10, further comprising:
- in response to determining that the object is not the live face of the authorized person, denying access to the electronic platform; and
- in response to determining that the object is the live face of the authorized person, granting access to the electronic platform.
16. A method of security check using face ID sensing for secure access to an electronic platform, the method performed by a security check system including a first camera, a second camera, a computer memory, and a processing module, the method comprising:
- storing face ID data of an authorized person in the computer memory, the face ID data generated from one or more near ideal images of a live face of the authorized person acquired by the first camera during a registration process;
- acquiring, using the first camera, a near ideal image of an object;
- analyzing, using the processing module, the near ideal image of the object to extract a first set of facial signatures;
- determining, using the processing module, whether the first set of facial signatures matches with the face ID data by comparing the first set of facial signatures to the face ID data;
- in response to determining that the first set of facial signatures does not match with the face ID data, denying access to the electronic platform; and
- in response to determining that the first set of facial signatures matches with the face ID data: digitally modulating, using the processing module, the near ideal image of the object to obtain a first modulated image of the object using the processing module; acquiring, using the second camera, a second modulated image of the object, wherein the second camera comprises an imaging lens configured so that the second modulated image of the object deviates from the near ideal image of the object; comparing, using the processing module, the first modulated image of the object and the second modulated image of the object; and determining, using the processing module, whether the object is the live face of the authorized person based on the comparison.
17. The method of claim 16, further comprising:
- in response to determining that the object is not the live face of the authorized person, denying access to the electronic platform; and
- in response to determining that the object is the live face of the authorized person, granting access to the electronic platform.
18. The method of claim 16, wherein the imaging lens of the second camera is configured such that the second modulated image of the object includes distortions.
19. The method of claim 18, wherein the second camera has a set of distortion parameters, and digitally modulating the near ideal image of the object comprises applying the set of distortion parameters to the near ideal image of the object.
20. The method of claim 16, wherein the first camera has a first field of view (FOV), the imaging lens of the second camera has a second FOV greater than the first FOV, and the second camera further comprises:
- FOV converter optics positioned in front of the imaging lens and configured so that the second camera has a third FOV substantially equal to the first FOV.