In my previous post, I explored the capabilities of AWS Rekognition as a Digital Identity Verification provider. Now, let’s investigate whether AWS Rekognition, like Onfido and BioID, can detect deepfakes. According to the documentation, AWS Rekognition employs AI and machine learning within the Face Liveness feature to effectively detect spoofing attacks.
Let’s generate one light fake and test it using the Face Liveness feature. I used the Video Recorder Extension to capture the video that was sent to Rekognition during my Face Liveness attempt from the previous post. I created a light fake of Krzysztof using Vidnoz AI Tools.
I also merged it with the original video for better visibility.
The next film demonstrates a Face Liveness check using a light fake injected into the AWS console through the Chrome browser. If you’re curious about how the video injection is done, you can read about it here. AWS does not set a default threshold for the score that indicates whether a person passes the liveness check, so customers need to set their own threshold. Based on my previous tests, I conducted several liveness attempts, so let’s assume our threshold is 90. The first result was just 55. Notice the sequence of flashing colors, which differs each time. For the second attempt, the result was again only 55. The third attempt resulted in a score of 62.
So, all my attempts were unsuccessful.
A score of 62 is far from our target of 90.
Nevertheless, let’s take one of the frames and Krzysztof’s photo face extracted from his ID and test it using the Face Comparison feature.
As you can see, the similarity score is almost a perfect 100%. However, it’s important to note that the Face Comparison feature is not intended to detect deepfakes, but rather to compare facial traits between images. This highlights why the liveness check is so crucial for the digital identity verification process.
Let’s check if all the magic of Face Liveness lies in those flashing colors and their sequence, which is randomized each time. Here are another three attempts with an injected prerecorded video of my attempt from my previous post where the score was 99.93. The video is not manipulated, it depicts only me.
As you can see, all three results are just above 70, still far from 90. So, to successfully cheat AWS, it would probably be necessary to generate a deepfake in real-time, taking into account the new randomized sequence of colors.