Security and authenticity in online transactions have become fundamental in the most varied types of companies. This is where liveness comes in, an innovative technology that is transforming the way documents are digitally signed.
Imagine signing important contracts with just a selfie. This once seemed somewhat futuristic, but it is already part of our reality today thanks to liveness.
After all, it verifies in real time whether the person appearing in the selfie or video is really who they claim to be. This not only increases the security of digital transactions, but also resolves long-standing authentication issues such as the misuse of still photographs.
In this article, we will explain how this technology works and why it represents a significant leap forward in terms of digital security. Let's go ahead?
What is liveness and what role does it play in digital signatures?
Liveness is the technology that verifies in real time whether the person in a selfie or video is alive and present, preventing identity fraud and spoofing.Unlike traditional methods that only compare images, liveness analyzes signals such as eyes, mouth, nose, skin texture, and natural movements, ensuring greater security in digital signatures and biometric processes.
The term refers to the ability of a system to verify that the person in a selfie or video is alive and present at the time the image is captured. This goes beyond simple photo analysis; is a real-time check that seeks to ensure that the face shown is that of a real person, and not a static image or recording. This method is crucial to confirm authentic human presence at the exact moment of signing.
Therefore, the use of liveness represents a significant evolution in authentication of digital identities. After all, previously, the verification by selfie could be susceptible to flaws, such as using third-party photos to sign documents. This type of fraud could lead to legal challenges regarding the validity of signatures, putting the integrity of the signing process at risk.
With the introduction of liveness, these concerns are significantly reduced. When a user takes a selfie to authenticate a digital signature, the technology in question ensures that the face is captured in real time.
This effectively prevents the use of still photos or pre-recorded videos, providing an extra layer of security. This verification not only increases the reliability of the digital signature but also strengthens trust in online transactions.
Another benefit of liveness is its contribution to a experience safer and more efficient. Instead of long and complex authentication methods, users can validate their identity quickly and directly, with their cell phone in hand.
This simplified approach makes the digital signature process more accessible with less possibility of errors, benefiting both companies and their customers.
What is liveness detection (digital proof of life)?
O liveness detection, Also known as proof of life detection, is a technology that identifies whether the person performing authentication is actually a living human being present at that moment.
This technology is essential to increase the security of processes that use facial recognition, such as digital signatures, system access and identity validations. Without liveness, recognition systems could be fooled by photos, videos or even 3D masks.
The main goal of liveness detection is to prevent fraud by ensuring that the interaction is happening in real time with the right person. In other words, it differentiates a real face from an attempted spoof.
There are different liveness detection methods, which analyze characteristics such as eye movements, facial expressions, skin texture and even small variations in natural lighting on the face.
By incorporating liveness into digital processes, companies protect their systems against unauthorized access and offer greater security to their users — something that is especially important in sectors that deal with sensitive information, such as finance, legal and healthcare.
Types of liveness detection: active vs. passive
There are two main ways to perform proof of life detection: active liveness and passive liveness.
No active liveness, the system asks the person to perform a specific action, such as blinking, smiling, turning their face or following an object with their eyes. These simple actions prove that the person is alive and present, since it would be much more difficult for a fake image or video to perform these movements correctly.
Now at passive liveness, the system detects proof of life without requiring any action from the user. The technology analyzes micro details of the captured image, such as depth, skin texture and behavior of light on the face, to conclude whether it is a real interaction. Everything happens in the background, transparently to the user.
Each approach has its advantages: active liveness offers an extra layer of security, while passive liveness provides a more fluid and less invasive experience.
The choice between active and passive depends on the sensitivity of the application and the desired level of security. In many cases, combinations of both techniques are used to maximize fraud protection.
Technical operation of liveness detection
The technical operation of liveness detection combines artificial intelligence, image analysis and, in some cases, specialized sensors.
The process starts with the image capture or videos of the user's face, using the device's camera. Advanced algorithms then analyze several signals:
- natural movement: microexpressions, eye movements or head movements;
- skin texture: analysis of how light interacts with the skin surface;
- depth: checking the three-dimensionality of the face, differentiating flat images from real faces.
In active liveness, the system validates whether the user responded correctly to stimuli (such as blinking or smiling). In passive liveness, the verification is done automatically, without the need for interaction.
Some solutions even combine other technologies, such as heat detection or infrared pattern analysis, to reinforce the identification of living beings.
All this analysis happens in just a few seconds, providing a safe, fast and effective experience for the end user.
Compliance with LGPD and other regulations
The use of liveness detection involves the processing of sensitive biometric data — such as facial images —, which requires compliance with regulations such as General Law on Data Protection (LGPD) in Brazil.
According to the LGPD, biometric data is classified as sensitive personal data and requires special care in its processing. This includes:
- obtaining of explicit consent for the collection and use of data;
- clear purpose for the use of biometric information;
- transparency in privacy policies;
- implementation of security measures for data protection.
Furthermore, biometric data storage must be carried out securely, with retention policies that limit the storage time of information to the minimum necessary.
Companies that use liveness detection need to ensure that the collection, storage and use of this data respects all legal and ethical principles established by the LGPD, in addition to other applicable legislation, such as the GDPR in Europe.
Compliance not only avoids sanctions, but also strengthens users' trust in the service provided.
Challenges of liveness detection
Despite technological advances, liveness detection still faces some important challenges.
One of the main ones is the false positive or false negative rate. In some cases, the system may mistakenly identify a fraud attempt as valid (false positive) or reject a legitimate user (false negative), especially in poor lighting conditions or poor camera quality.
Another challenge is to ensure accessibility. People with physical disabilities, motor limitations or specific facial conditions may find it difficult to interact with systems that require specific movements, such as active liveness.
There are still concerns related to privacy e data protection, especially in contexts where storage of biometric images is necessary.
Furthermore, the emergence of technologies such as deepfakes (falsified hyper-realistic videos) represents a new type of threat that demands constant updates to liveness algorithms.
To overcome these challenges, it is essential to invest in robust, constantly evolving technologies and adopt transparent and responsible usage practices.
So liveness detection is a powerful tool — but to reach its full potential, it needs to be implemented with attention to technical, ethical, and legal limitations.
What is the difference between liveness and traditional digital authentication methods?
Traditional authentication methods like passwords, PINs, and security tokens have formed the foundation of digital security for decades. They require users to remember and enter unique credentials to access their accounts or sensitive information.
Although widely used, these methods have several vulnerabilities, including weak passwords, password reuse, and susceptibility to phishing attacks.
Liveness, on the other hand, uses physical and unique characteristics of individuals to establish their identity, such as the selfie, as mentioned previously.
This form of authentication offers significant advantages over traditional methods, such as greater accuracy, convenience, and resistance to brute force attacks. Therefore, the main advantage of biometric authentication lies in its accuracy.
Liveness identifiers are different for each person, reducing the risk of impersonation or unauthorized access. In contrast, traditional authentication can be compromised through weak passwords or PINs, making it susceptible to hacking attempts.
Therefore, when using liveness, your users no longer need to remember complex passwords or carry physical tokens; they can authenticate themselves with a simple touch or glance. This convenience promotes widespread adoption and encourages users to prioritize security.
How does liveness work to prevent fraud?
We will now present the most used methods for liveness detection and how they contribute to digital security.
Motion analysis
This method is based on tracking and analyzing the subject's movement. For example, in facial recognition systems, the system may instruct the user to blink, smile, or nod.
Legitimate users will respond with natural, involuntary movements that can be detected, while still images or videos cannot convincingly replicate these movements.
3D depth sensing
Despite the current limitation of resolution in cellular With 3D depth sensing capability, this technology is evolving. It allows for more sophisticated liveness analyses, detecting the presence of depth in the face, which is difficult to replicate with falsified representations.
Texture analysis
This technique involves examining the fine details and textures of the skin or fingerprint. Genuine leather exhibits unique characteristics and perspiration patterns that are difficult to replicate with a photo or synthetic material.
Tests and challenges
Liveness detection can also involve tests and challenges, where the system asks the user to perform specific actions, such as turning their head or speaking a random phrase. It analyzes responses to determine liveliness.
AI and machine learning
Advanced algorithms artificial intelligence and machine learning are employed to detect subtle transformations in the image that result in presentational attacks. This includes analyzing minuscule variations in facial expressions, pupil movement, and mouth shape, which are difficult to replicate in fake representations.
⚠️ Also check out these related articles 👇
➡️ Learn how to sign with a digital certificate
➡️ Understand what a digital signature verifier is for
➡️ What is a digital contract and how to adopt one for your company
What are the steps to use liveness?
Now, let's detail each step so you can use this technology effectively.
1- Create document
The first step involves creating the document that needs to be signed. This can be done on a digital platform that supports liveness technology. Here, you have the option to create a new Valid identity document or upload an existing one that requires a signature.
2- Select the document to sign
After the document is ready, the next step is to select it for the signing process. This step is crucial as it ensures that the correct document is being prepared to receive the necessary signatures.
3- Opt for advanced authentication
Then, you must choose the advanced authentication option on the platform. This choice is essential to enable the use of liveness, providing an additional layer of security to the signing process.
4- Select the liveness
With advanced authentication enabled, the next step is to specifically select liveness as your authentication method. This selection confirms the use of technology to verify the signer's identity securely and reliably.
5- Position signatures and headings
Depending on the document, you may need to position signatures and headings in specific locations. This step allows you to define exactly where signatures should be applied, ensuring the document is signed appropriately and as required.
6- Send the link to the signatory
Finally, after all the preparations and configurations, you must send the document link to the signer. Upon receiving this link, they will have access to the document and will be able to proceed with the signing process, using liveness to authenticate their identity.
What are the rules when using liveness?
Finally, let's look at the main rules below to ensure an adequate and efficient user experience.
Cost per use
Liveness, as an advanced functionality, involves a specific cost. Each use of this technology costs 15 credits, equivalent to R$1,50. This value is an important consideration for companies and individuals planning to utilize liveness on a large scale.
It is important to understand that credit discounts only occur after the document signature be completed successfully, ensuring that the cost is only associated with effectively authenticated and completed transactions.
System configuration
Liveness is configured with a flag in the Django system, default enabled as “nxcd” for all companies. This default setting means that initially all companies have access to liveness.
However, if a customer experiences difficulties with this functionality or chooses not to use it, it is possible to disable this flag. The ability to turn functionality on or off gives businesses flexibility to tailor its usage to their specific needs and preferences.
Authentication process
When using liveness, an authentication process is performed that includes recording a video to identify the presence of a human. This video is a crucial part of the process, as it is where the system analyzes and verifies the vivacity of the person signing the document. The video serves as proof that the signature was made by a real person present at the time of signing.
Attaching selfie and signature report
After video recording and successful liveness check, a selfie is attached along with a signature report. This selfie serves as an additional layer of proof, strengthening the authenticity of the signing process.
The signature report, in turn, provides details about the transaction, including liveness verification, offering complete documentation for audit and compliance purposes.
In conclusion, now that you know liveness, what are the steps to implement it and what rules must be followed, how about starting to use it in your company?
Click here to learn about this solution offered by us, at ZapSign!
Getúlio Santos is the CEO of ZapSign, a lawyer, technology enthusiast, and entrepreneur.
