ZoOm® 3D Face Liveness & 1:1 Verification Software
iBeta/NIST Certified Anti-Spoofing – Level 1&2
World-Leading 3D Matcher: 1/4,200,000 FAR @ <1% FRR
Universal 3D Liveness, KYC & Matching for +10 Billion Smart Devices & Webcams.
Ends Identity Theft.
UnSharable, UnPhishable & virtually Spoof-Proof.
Patented ZoOm-in user experience creates a 3D FaceMap with a simple selfie.
FaceTec Anchors Digital Identity
with the Most Secure Certified 3D Liveness Detection in History
ZoOm Links a User’s 3D Face to Their Account, & Verifies Liveness Every Time.
For Real Users
ZoOm makes Liveness Checks and 3D face authentication fast, easy and incredibly secure for everyone, regardless of their device. The same intuitive ZoOm UI provides Liveness Checks, Onboarding and Ongoing user Authentication. Simply center your face in the oval and move the camera a bit closer. That video-selfie verifies Liveness, matches the 3D FaceMap and provides instant access.
for Bad Actors
ZoOm provides access security for any app or webpage, unlocking everything from your car door to your bank account. During onboarding, a 3D FaceMap is created anchoring the chain of trust for ongoing password-free user authentication from any smartphone, tablet, PC or Laptop. ZoOm offers more security, flexibility, portability and convenience than any other biometric.
For all modern
smart devices & webcams
instant authentication after a 10-second onboarding
Works in real-world lighting conditions
Great with Glasses, Makeup & Beards
#1 IN THE WORLD
Can a Selfie Really Provide Security?
Obviously, selfies are easy to take. But the real question is whether or not they can provide effective access security. Typically they don’t, but ZoOm’s patented process isn’t just a selfie, it’s a quick face scan that results in both a 3D FaceMap and Liveness Data. ZoOm detects the difference between “likeness” and “liveness” to prevent masks, dolls, videos or photos from fooling the system.
Liveness detection algorithms must observe so many concurrent human traits that no spoof attempt could recreate them all at once. ZoOm’s 3D Face Matching compares the user to their previously-enrolled 3D FaceMap, and if the two FaceMaps highly match (4.2M+ FAR) the now proven-legitimate user is granted access.
ZoOm’s Encrypted 3D FaceMaps:
- Can’t Be Phished From Users
- Aren’t a Biometric Honeypot
- Stop Credential Sharing
- Stop Botnet Attacks
- Match 1:1 & 1:N Better
Want To Learn More?
No Liveness Data = No Honeypot Risk
There are two types of data required for every secure face authentication, Face Matching Data and Liveness Data. Each acts as a part of the same key, and both must be present to gain access. With ZoOm only the 3D FaceMap is ever stored, the ZoOm Server SDK automatically deletes the Liveness Data immediately after each session. Since the 3D FaceMap itself isn’t enough to gain access, new Liveness Data must be collected, time stamped, encrypted and verified for every new ZoOm session. Without storing Liveness Data there is no honeypot risk, and just as photos from Google, Facebook, Instagram or LinkedIn can’t spoof ZoOm, neither can a standalone 3D FaceMap.
HOW ZoOm WORKS
ZoOm observes the user’s head, neck, ears, hair, facial features and their environment as the camera is moved closer to the face. During the ZoOm motion, the camera’s view of the face changes and perspective distortion will be observed if the face is 3D. Conversely, no distortion occurs with 2D objects like photos or videos. FaceTec’s proprietary algorithms capture ~30 video frames while tracking the motion of the device. The result is dynamic perspective, 3D face authentication from a standard 2D camera.
FaceTec is not just another “Facial Recognition” company. Over the last five years, we dove more deeply into anti-spoofing than anyone else – ever. In our own lab we have performed tens-of-millions of spoof attempts with every conceivable type of media while finding ways to stop them. The ISO 30107-3 testing standard guides Anti-Spoofing testing of Biometric Systems conducted by the only NIST/NVLAP-accredited lab, iBeta.
Presentation Attack Detection tests include:
- 2D paper photos & digital images
- High resolution videos
- Image swap-in after liveness check
- Paper masks with eye & mouth cutouts
- Hollywood masks, wax figures & lifelike dolls
- Photos or video frames animated into avatars
- Video projections on 3D heads
- Sleeping users with closed eyes
- Impostors, lookalikes & identical twins
Passing the rigorous iBeta Level 1 & 2 tests results in an unsharable, unphishable biometric that is virtually impossible for criminals to recreate reliably using today’s media technology.
Why Other Biometrics Fail
- Despite constant hype, legacy biometrics will never replace passwords because they don’t have robust liveness detection, aren’t portable across devices, and can’t stop phishing, credential sharing or complicit user fraud. So trusting an unsupervised authentication remains impossible.
- Weak liveness detection – like wink, blink or smile – is easily spoofed by photos and avatar videos. It doesn’t matter how many weak factors you string together for MFA. If a cooperative user can spoof the system with self-captured media, then it can’t be considered secure.
- ZoOm’s robust liveness detection stops external threats like phishing, and internal threats like credential sharing and buddy punching.
- ZoOm is so secure it’s the ONLY factor in many high-security scenarios, such as car-sharing, border security, mobile banking and mobile payments.
- ZoOm is the new standard in biometrics because it’s universal, portable across-devices and across-platforms just like a password, but much more secure.
Biometric Best Practices
- Choose strong 3D liveness & anti-spoofing technology. Without it, you can’t trust unsupervised authentications and you will be at risk for security and PR problems.
- Don’t expect users to buy a specific device just for your biometric. It needs to work on what they already own.
- Insist on a straightforward, intuitive interface. Users must prefer the biometric or they won’t use it.
- Server-side matching is the only biometric model that can truly replace passwords, enable cross-platform logins, simplify device upgrades and allow multiple devices/user. On-device matching isn’t future-proof.
- Choose a diverse algorithm. Don’t be accused of having a “biased” biometric just because the training sets used to create it were too homogeneous. ZoOm trained with users from over 160 countries.
- Get the Forrester Report: The State Of Facial Recognition For Authentication And Verification
ZoOm vs.Face ID
Face ID is a specialized hardware sensor that unlocks one specific phone. Face ID, along with fingerprint readers are “Decentralized Biometrics” which can never replace passwords because the users’ data never leaves the device and no identity can be proven to a 3rd party. ZoOm runs on over 10 billion supported devices because it is a 100% software solution that provides the flexibility of cross-device, cross-platform face authentication, and is the only biometric in the world to successfully pass the iBeta Level 1&2 PAD ISO 30107-3 tests.
Apple's Face ID
|Purpose||Universal 3D Face Authentication||Conveniently unlock an iPhone X or XS|
|Installed Base||10+ Billion Smart Devices [Android (85%) + iOS (14%) & Webcams||Under 5% of in use iOS devices have Face ID|
|Portable||Yes, Cross-Device & Cross-Platform||No, one device only, biometric data can never leave that device|
|Technology||Software: Real-time Computer Vision + 100% FaceTec built proprietary AI||Hardware:Infrared Camera Array ($25) and Neural Network Chip ($26)|
|Interface||Proprietary, Intuitive 3D Video Selfie: ~2 Seconds||Glance at phone to unlock in few hundred milliseconds (claimed)|
|SDK Info||Easy-to-integrate for Android/iOS, plugins for Xamarin, Cordova, Phonegap, Ionic and Appcelerator||No stand-alone SDK possible, special hardware is required|
|Liveness & Depth Detection||TrueLiveness® detection observes & measures 3D Depth, skin texture, eye reflections, eye focus, and many more human traits.||TrueDepth uses projected infrared dots, and needs a special neural network chip to determine if the user is a match and is 3D|
|IP||2 US Patents on the 3D ZoOm process issued, +10 additional patents pending globally||20+ infrared related patents from the purchase of PrimeSense in 2013|
|FAR/FRR||1/100,000 - 1M depending on lighting and camera - 3-5% FRR in normal lighting||1/1M (Self Attested) However, numerous False Accepts have been observed|
|Identical Twins||1/500+ Identical Twin FAR||Apple says, “If you have a Twin, use a PIN.”|
|Children||No observed issues authenticating children, but check local laws before using in your area.||Apple says, "Children under 13 should not use Face ID"|
|3rd Party Testing/Certs||iBeta – Certified Level 1&2 Spoof Detection iBeta – DEA EPCS Biometric Subsystem Certification UL – Presentation Attack Detection Testing Praetorian Security – Black-Box Penetration Testing||None Publicly Stated|
|Additional Features||Face Image Audit Trail, Multiple-Device, Cross-Platform , Liveness/Match Confidence Score, Store FaceMaps in a Blockchain||Apple says the biometric data will never leave the device, but will store images on device for future upgrades to algorithms|
Clients & Partners
FaceTec is proud to highlight just a few of the organizations providing ZoOm’s class-leading biometric security.
- Supports iOS 8.3+ & Android 4.3+ devices & webcams
- Available in 30+ languages with easy customization
- Portable, cross-device, cross-platform 3D face matching
- Unrivaled liveness detection, Certified PAD Level: 1&2
- False Acceptance Rate (FAR) of 1/100,000 – 1,000,000
- Encrypted FaceMap storage on managed/private cloud
- Lightweight & easy-to-integrate SDKs
- Simple, straightforward and secure RESTful API
- Codebase Tested by Praetorian Security
- Plugins for Xamarin, Appcelerator/Titanium, Phonegap, Cordova, Ionic & React Native
View the ZoOm Configuration Options
ZoOm is free for many organizations – See Pricing
Ready to integrate?
ZoOm via FaceTec Managed API is free for educational use and to developers. Enterprises, businesses and those who wish to host the ZoOm Server SDK on their Cloud/Server are billed monthly based on usage.
ZoOm via Managed API is Free for:
- Educational use
ZoOm is Billed Per User or Per Session for:
- Large & small businesses
- Enterprise accounts
- Government agencies
Case Studies & Resources
Learn more about ZoOm’s use cases, interface, security and 3rd-party testing, below.
Independent 3rd-Party Testing & Certifications
OWASP: Black & White-Box Pen Testing
ZoOm SDK Penetration Testing
FIDO Member Since 2014
Simpler Stronger Authentication
June 6, 2019
Israel-based startup ZenGo has just launched a cryptocurrency wallet that uses some clever cryptography powered by ZoOm to make...READ MORE
May 22, 2019
Powered by FaceTec’s ZoOm, Yoti has been approved as a digital ID for age-restricted purchases such as energy drinks,...READ MORE
May 17, 2019
Startup ZenGo has implemented a password-free security architecture … including biometric 3D face authentication … provided by FaceTec’s ZoOm...READ MORE
Founded in 2013, FaceTec is the world leader in 3D Face Authentication software with offices in San Diego, CA, Summerlin, NV, New York, NY & London, England.