Rtcaptcha: a Real-Time Captcha Based Liveness Detection System Erkam Uzun, Simon Pak Ho Chung, Irfan Essa, Wenke Lee

rtCaptcha: A Real-Time Captcha Based Liveness Detection System Erkam Uzun, Simon Pak Ho Chung, Irfan Essa, Wenke Lee

SMILE, AND YOU ARE AUTHENTICATED ATTACK CHANNELS OF BIOMETRIC AUTHENTICATION ENDLESS ARMS RACE vs A MORE FUNDAMENTAL ACCURACY ANALYSIS Face Verification Cloud Services APPROACH? Accuracy (%) Accuracy (%) Response Time Challenge ◉ Microsoft Cognitive Services IDEA: Base our solution (1 trial) (2 trials) (seconds) on a known hard problem Plain-text 90.3 100 0.77 ◉ Amazon Rekognition ◉ Face++ Captcha 88.8 98.4 0.93 ◉ Kairos Human Analytics Smile/Blink 85.5 100 5.01

CHALLENGE: Prove you SECURITY ANALYSIS are the real user by 67897:: Users in ,-.-/0: Man-powered Captcha solving services. reading the answer to the our user study. ,-. : OCR-based Captcha decoding services. CAPTCHA in front of the 1.2 camera please. ,-.345-: State-of-the art Captcha breaking tool.

Computer graphics will Captcha Captcha Recognition Accuracy (%)

ADVERSARIAL MODELS vs DEFENSE SYSTEMS NOT help since you can Sample Scheme 67897: Atc>?@ AtcABC AtcDEF> NOT generate the right 24G90-.H9I7842J. 87.1 96.7 0 77.2 AND THAT IS ONLY THE BEGINNING… . 3D Face video without solving the Still Video Model, K39/I7842J. 94.1 100 0 58.8 3D Mask CAPTCHA. Image Replay DL- Attack L9I:4MI7842J. 87.7 96.7 0 2.2 Attack Attack Based OUR APPROACH: rtCAPTCHA 24G90-.H9 88.0 91.5 0 N/A Attacks Send randomized challenges as CAPTCHA 0H2954 Captcha Captcha Response Time (seconds) CHpa CHpa CHpa CHca Sample Scheme Auth. Send Captcha 67897: Atc>?@ AtcABC AtcDEF> Motion Request Challenges Extra 24G90-.H9I7842J. 0.90 22.11 2.98 10.27 Blink, consist., H/W,e.g., K39/ 0.73 12.33 2.79 5.98 Smile… Texture, ? If I7842J. IR, Depth -Display Detection Reflect. Captcha resp. L9I:4MI7842J. 0.89 15.05 3.30 15.50 Camera Captcha Analysis match. & -Get voice 24G90-.H90H2954 1.02 20.88 3.03 N/A ! ≤ ! & response "#$% '()*+ Face and voice COMPROMISING ATTACK EXAMPLE -Grab face verified CONCLUSIONS 3D Model Fitting - Fit face model on a Verified Image Credit: IBM Future of Identity Study A ◉ Smile/blink etc. detection is weak against spoofing. malicious Capture 3DMM. ◉ rtCaptcha: Audio/image analysis à CAPTCHA UNFORTUNATELY… CRAZYTALK HAPPENED… app, has enough raw - Synthesize facial texture. ◉ rtCaptcha: Very limited time to; access to material, e.g., - Transfer 3D face to a VR USER STUDY The free sample of the tool CrazyTalk can create cartoon cam., mic., victim’s face environment. * Break Captcha version of a person and defeat all tested systems…. etc. - Give real-time challenge Challenges * Synthesize voice/face of the victim. 100% impersonation against Face API (MS), Face++ response. ◉ ⦿ Plaintext – Numeric and Phrases (Alipay) ◉ Limitation: rtCaptcha needs audible response, which ⦿ Numeric Captchas – reCaptcha, Ebay, Yandex could NOT be usable in certain environments. ◉ 90% impersonation against Amazon Rekognition ⦿ Animated Phrase Captchas – reCaptcha Also defeats existing liveness detection THREAT MODEL ⦿ Blink/Smile ◉ You can make the cartoon smile, blink, nod, talk whenever you want Automated compromising attacks. ◉ Camera, microphone and device kernel are compromised. ◉ No form of attestation. ◉ Known client-server protocol. ◉ State-of-the art synthesizers and Captcha breaking tools. Authentication server is NOT compromised. Genuine Spoofed Genuine Spoofed ◉ MS Face API : 68% Similarity Smile: Smile: Amazon Rec : 74% Similarity 0.001 0.421 Face++ : 88% Similarity Kairos : 75% Similarity

POSTER TEMPLATE BY: www.PosterPresentations.com