PalmSight

• 

  Sign Up page

• 

  Login page

Inspiration

PalmSight was inspired by CAPTCHA, two-factor authentication, and the playful ways people prove their identity online. I wanted to design a login system that was both secure and fun, without the hassle of remembering complicated passwords or writing them down.

What it does

PalmSight is a password-free authentication system that combines facial recognition with a custom hand gesture (thumbs up, peace sign, palm, etc.). Users sign up by registering their face and gesture of choice, and then log in by reproducing the same combination. It’s simple, personal, and unique—glasses on or off, casual or precise, you can make the gesture as easy or as challenging as you like.

How we built it

I used Node to create both the backend and frontend. JS was the main programming language alongside HTML and CSS for styling and setting up the webpage. All of the functional programming was done in JS, from mediapipe to cosine similarity. I used Mediapipe to identify both hands and the face. Mediapipe models were used to identify faces and hands, turn them into a vector, and then save them to the JSON database. For the login page, the camera captured and fed vector encodings to the back end, where it used cosine similarity to find if there was a match in the database. Face and Hands cosine similarities were compared separately, and if each of the values was over a threshold, they would combine to let the user log in.

Challenges we ran into

Due to time constraints, I was unable to get a Supabase database implemented, but this is the next step. I originally had a combined score for cosine similarity of both hands and face, but quickly decided to pivot from that idea due to similar combined scores over multiple users. I believe that the greatest challenge I ran into was getting started and figuring out where things go in the starter template that Node creates. I spent quite some time trying to figure out what goes where.

Accomplishments that we're proud of

Logging in has never been easier or more user-friendly/accessible. This is a fun and secure form of login that doesn't require you to memorize passwords or passkeys.

What we learned

I learned that while you may know a language pretty well, there are always nuances that will seem impossible. JS is a difficult language, and Node can be very confusing at times. Biometric systems need careful design choices to avoid overlap and ensure accuracy. AI is an amazing tool to help you figure out what you're doing. AI should be used in conjunction with human input. You shouldn't let AI do everything for you; you need to treat it like an extra team member. You need to be able to communicate well and understand what it is doing. AI is exploding with possibilities, but no one can truly do something well without understanding what it is they are doing.

What's next for PalmSight

Integrate with two-factor authentication (2FA) to improve security. Move from local JSON storage to a secure database like Supabase or Firebase. Test robustness on more users and edge cases (different lighting, angles, accessories). Explore how PalmSight could integrate into real websites and apps as a fun alternative to traditional passwords.

Built With

• css
• github
• html
• javascript
• json
• mediapipe
• node.js
• react