Luxand Facial Recognition Widget

Authorize your website users using facial recognition

#3 Product of the DayDecember 04, 2019
Face recognition widget allows you to double up the security using face recognition as 2-FA or authenticate your website users with their faces. Just insert the code into your login page.
Discussion
Would you recommend this product?
14 Reviews4.3/5
Hey everyone, I'm Alex, co-founder of Luxand. We've been in the face recognition industry for 14 years and built a really reliable tech. We've gained the trust of large customers like P&G, Boeing, Samsung, LG, and Foxconn. We're excited to offer you a free widget to authenticate your website users. It’s very easy to set up (you only need to put a piece of JS code into your login page), and it’s very secure because it employes multi-factor authentication under the hood. You can use it for 2-FA to double up on security, using it instead (or along with) text messages and tokens. We have spoofing detection in place, so attackers could not use your pic to authorize. Try it yourself - it's a completely new experience to log into websites using your face. Hope you will like it! We'll greatly appreciate any feedback you may have.
Your "anti-spoof check" needs some work. I just recorded a short video of my face on my phone and your widget logged me in after I pointed the video (playing on my phone) at my webcam... I'm skeptical about your "we do not store any personal data" claim. When you say you store "templates", I presume you mean you're storing extracted facial keypoints or a face encoding after running the face through a convolutional neural network? That is personal data. It's a lossy encoding so not possible to restore the photo from the template but it's still personal data that could potentially be used maliciously if you get hacked. I'm also curious how vulnerable your liveliness detection / "anti-spoof check" is to some of the new "Few-Shot Adversarial Learning of Realistic Neural Talking Head models" work:
@alxcnwy Thank you Alex for your thorough tests! Your feedback is greatly appreciated. You have probably tried logging into our demo account :) The demo does not attempt to recognize you at all, and does not check if your face is live. The intention of the demo was to demonstrate the overall flow, not to authenticate a specific user (since we did not register your face before). Still perhaps we need to make this more clear :) You are correct that templates are created by analyzing the facial photo. The templates are indeed personal data, however they are not personal photos. Such templates are meaningless outside of our authenticating technology. Even if someone gets such templates, it is hard to come up with a scenario of where to use them. One surely could not use such a template to log into Apple FaceID. The talking head tech you mentioned is a real breakthrough in computer graphics. Still, if you generate - even very realistic - talking heads, you need to present them somehow to the camera. To make sure a face is live, our antispoofing tech analyzes the overall look of the face, not just the fact that it moves. Thus, if the face in front of the camera is not real, such a talking head would not allow to sign in. Thanks again for your feedback - it is very valuable for us :)
Hidden comment
Does this widget support mobile phones?
@alexander_boykov Thanks for asking! Sure, users can login using iOS and Android browsers.
@alex_konoplev1 thank you! I'm going to try it.
@alex_konoplev1 can you write here about security issues? Like apple face id - I somehow can trust Apple about it, but here what is the case?
@pdziedzicz Thanks for your question! We don't store any your photos on our servers - only the unique biometric template is stored; your photo could not be restored from that template. We also use strong SSL/TLS encryption so the data could not be intercepted by a third party.
Face recognition for a website? Wow, that's simply amazing!
@paul_shuteyev Yeah logging in using your face is really amazing! :) Thank you!