Face recognition in controlled environments is nowadays considered rather reliable and very good accuracy levels can be achieved in controlled scenarios by state-of-the-art systems. However, even under these desirable conditions, digital image alterations can severely affect the recognition performance. In particular, our group first demonstrated (in the 2014, link) that automatic face recognition systems are very sensitive to the face morphing attack, where face images of two individuals are mixed to produce a new realistic face image containing facial features of both subjects.
Face morphing represents nowadays a big security threat particularly in the context of electronic identity documents because it can be successfully exploited for criminal intents, for instance to fool Automated Border Control (ABC) systems thus overcoming security controls at the borders. Identity verification at an ABC relies on the comparison of a live face image with a digital face image stored in a Machine Readable Travel Document (eMRTD) such as an e-passport. If a morphed image, which is similar enough to the face of two subjects, can be included in an eMRTD, then two persons can share the same document. In this scenario, a criminal could exploit the passport of an accomplice with no criminal records to overcome the security controls. In more details, the subject with no criminal records (i.e., the accomplice) could apply for an eMRTD by presenting the morphed face photo; if the image is not noticeably different from his/her face, the police officer accepts the photo and releases the document.
The attack will be successful if the morphed image contemporarily meets two conditions:
- It is able to fool the human expert, i.e., the morphed face must be very similar to the accomplice who applies for the document and no elements (e.g., morphing artefacts) of the image should raise suspicions;
- It fools the face recognition system used for automatic identity verification, meaning that the morphed face can be successfully matched with both subjects (criminal and accomplice).
Morphing attacks can be conducted on:
- Digital images;
- Printed-and-scanned (P&S) images.
The former use case is inspired by the practices of various countries which allow to upload a digital representation of the face image for various applications such as passport renewal in UK and visa application in New Zealand. The latter is used in many countries where the passport/visa/identity-card applicant is requested to provide an image such as in India and in most European countries and this leaves the opportunity for a malicious actor to morph the facial image before it is printed.
There are basically two families of approaches to deal with the morphing attack:
- Single‐image based, where the presence of morphing alterations is detected on a single image, such as the id photo presented to the officer at enrolment time or the face image read from an eMRTD during verification at an ABC gate;
- Image‐pair based (a.k.a. differential morphing attack detection), where the comparison between a live image (e.g., acquired at the gate) and that stored in the eMRTD is exploited for morphing attack detection.
Unfortunately, even if several Morphing Attack Detection (MAD) approaches have been proposed in literature, nowadays two major issues remain unsolved. In fact, currently available MAD solutions are still not able to:
- Deal with P&S images where fine details (i.e., digital processing artefacts) that could help to detect morphing are lost during the P&S process;
- Generalise across different databases.