FacePass

A quick plugin that can be coupled with Auth0's simple identity management and authentication to provide Two Factor Authentication based on Facial Recognition.

Comment

Inspiration

Covid-19 crisis caused inconveniences in probably every aspect of our lives, and I think the one thing it led to the most globally was people working from home. And with that came the headache of ensuring enterprise data was safe. Immediately, firms shifted to multitude of existing security methods like 2FA via SMS or Emails, but having to wait for OTPs and to find your phone again and again at home was becoming troublesome, so we found a better solution!

What it does

Our tech provides a quick framework for developers to add facial recognition based Two factor authentication to their apps in under 5 minutes! All they have to do is copy and paste our custom rule!

The idea is that just like Auth0 makes it easy for developers to get started with authentication and identity management, we wanted to provide a method (sort of an SDK built atop Auth0's features) that can allow any developer using Auth0 to quickly add what we call FFA (Face Factor Authentication) to their products!

How we built it

We built this product using a combination of hooks and rules to extend the functionality of Auth0's authentication systems.

Once the user signup is complete, they are redirected to a URL which allows them to setup their FFA for the first time by clicking a still image and processing it with the powerful Azure's Cognitive Services Face API. Whenever next the user wishes to login into their app, they are redirected to a login page where they can verify their identity using another webcam snapshot, and if the person matches (Face Verification is also performed using Azure Face API), the login is authenticated, otherwise Auth0 never completes the login.

Tech used -

  1. Flask for backend
  2. Azure Cognitive Services Face API
  3. Auth0 simple login

Challenges we ran into

Working with hooks and rules was a big challenge but with Auth0 documentation we were able overcome it and make the process look seamless.

Accomplishments that we're proud of

We're proud to make this work with technology as complex as Facial Recognition and make it so easy for developers to integrate it with their own authentication systems.

What we learned

We learned how to integrate Auth0 with Facial Recognition by making the use of rules and hooks.

What's next for FacePass

FacePass is just getting started, and we have tons of things in mind for it going forward.

The most important aspect that we want to add on, but weren't able to, is liveliness detection. We understand the security risks that come with Facial Recognition, and believe that Liveliness detection is an absolute part of any security addition using Facial Recognition technologies. Surprisingly, this will be extremely easy to build using Azure's head pose detection, and considering it's part of the same Face API, it will add minimum overhead in the computation.

Built With

Share this project:

Updates