How 3D facial recognition and advanced liveness are enhancing signature security.

In electronic signature workflows, liveness detection functions as a biometric verification layer that helps confirm there is a real person in front of the camera rather than a fraud attempt, especially when this proof of life is combined with 3D facial recognition, which uses depth information to model the face.

The process tends to become more resistant to common tricks, such as the use of printed photos, video replay, and masks. In practice, the company reduces manual steps, gains traceability of what was done in each attempt, and improves the consistency of auditing the signature workflow.

For companies, the gains usually appear in two aspects of daily operations: less operational friction to release a signature that has already been approved on its merits, and more security to uphold the decision when someone later challenges a signature.

In other words, instead of treating biometrics as a "barrier," it's worth viewing it as an adjustable risk control: you calibrate the level of requirements according to the type of contract, the value involved, and the fraud profile of the sales channel. This prevents a simple process from becoming bureaucracy and, at the same time, closes the most obvious doors for automated attacks.

Summary

  • How 3D facial recognition and advanced liveness complement each other in identity verification for signatures.
  • Practical workflow: capture, biometric template, proof of life, decision by similarity, and fallback.
  • Common attacks (photo, video, masking, deepfake) and controls to reduce risk.
  • Evidence for auditing: technical records, event trails, and process integrity.
  • KPIs to track: FAR, FRR, signing time and rejection rate.

How 3D facial recognition connects to advanced liveness.

3D facial recognition adds a dimension that 2D lacks: depth information. Instead of simply comparing textures and points on a flat face, the system attempts to reconstruct a "map" of the facial features, making it more difficult to use a static photo and improving robustness against simpler spoofing attempts.

Advanced liveness testing attempts to answer another question: did the sample come from a human being present at that moment, or from an artifact (photo, screen, video, mask, digital manipulation)? Combining the two reduces the risk of accepting a fake sample that still looks "similar" in 2D.

In practice, "3D" can mean different technical approaches: dedicated sensors (when available), multi-angle capture, analysis of light and shadow variation, or models that estimate depth from the video. The operational point is the same: to increase the cost of the attack.

In scalable fraud, the attacker seeks repeatability and low effort. When the flow demands temporal consistency, responsiveness to challenges, and signs of depth, the attack success rate tends to decrease and the cost per attempt increases, directly impacting the volume of fraud that goes undetected.

Practical end-to-end workflow

A typical workflow begins with guided capture. The user frames their face, the system validates minimum conditions (lighting, sharpness, centering), and collects images or video frames. The system then extracts a biometric template, which is a mathematical representation used for comparison.

This template is not a "photo" and should not be treated as a mere image file, because it can allow identification. Therefore, it makes sense to have retention governance, encryption, and access control throughout the data lifecycle.

1) Capture and quality checks

Before making any decision, the system typically validates quality to reduce false negatives and prevent the user from repeating the process multiple times. It is also here that basic signs of attack are detected, such as screen edges, suspicious reflections, and compression patterns.

In sales environments, guidance needs to be objective: short instructions, clear error feedback, and low wait times. If the capture process is lengthy, the chance of abandonment increases, and this is reflected in the rejection rate, especially in mobile scenarios and on unstable networks.

2) Template extraction and normalization

After capture, the system normalizes the sample (e.g., adjusting rotation and scale) and extracts the template. For auditing purposes, it's worthwhile to log relevant parameters without exposing more raw content than necessary: model version, quality score, timestamp, and flow events.

When a model is updated, the company needs to monitor performance changes. An adjustment that improves the approval rate can, if poorly calibrated, increase risk. And the opposite is also true: excessive rigidity reduces fraud, but increases friction and operational costs.

3) Advanced liveness check and PAD

Liveness confirms signs of "life" and presence, while PAD (presentation attack detection) focuses on identifying presentation attacks such as photos, videos, or masks. To standardize evaluation, some tests use specific metrics and measurement plans, as described in NIST's FRVT PAD, which defines how to measure performance in automated detection of presentation attacks.

This helps transform "seems safe" into comparable numbers, which is useful for supplier selection, architecture review, and defining internal risk policies.

In advanced liveness, it is common to combine signals such as: microexpressions and temporal consistency, lighting variation, screen edge detection, skin texture, eye reflex analysis, estimated depth checking, and active challenges (such as requesting a movement).

There is no single "method" that solves everything, because attackers evolve. The flow design must anticipate that a control will fail at some point, and therefore, robustness usually comes from signal overlap and the ability to investigate suspicious attempts with sufficient technical evidence.

4) Comparison by similarity threshold

In the comparison, the system calculates a similarity score between the current sample and the reference template, and decides based on a threshold. This threshold directly impacts two KPIs: FAR (false acceptance rate) and FRR (false rejection rate). Adjusting the threshold is a matter of risk versus experience.

In low-risk contracts, a workflow might accept a slightly lower FRR (false rejection rate) to reduce abandonment. In higher-risk workflows, increasing requirements and accepting more rejections might be a valid choice, provided there is a clear fallback mechanism to avoid stalling the operation.

5) Authentication and escalation fallback

When the system rejects an application due to liveness, low quality, or a score below the threshold, the workflow needs a fallback. Some common paths include: retrying with different instructions, validation by document and selfie, multi-factor authentication, or manual review based on evidence.

The goal of fallback is to maintain security without turning the process into a "queue." From a legal perspective, fallback also provides predictability: you can explain why a legitimate user was rejected and what exception procedure was applied, with a trail of what happened at each step.
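As an added example (not code from this article or from ZapSign), the five steps above collapsed into one policy-driven decision function: each document class carries its own threshold, gray zone and attempt limit, a score just below the threshold goes to fallback instead of failing, a liveness failure routes to an alternative verification path, and every outcome is emitted as an audit event carrying the parameters the audit section asks for. Policy names, thresholds and the next-step labels are hypothetical.

```python
from dataclasses import dataclass
from datetime import datetime, timezone

# Hypothetical policy per document "class"; thresholds and limits are constructed
# values for illustration, not tuned figures from any vendor.
@dataclass(frozen=True)
class Policy:
    threshold: float      # similarity needed for automatic acceptance
    gray_zone: float      # band just below threshold that goes to fallback, not failure
    max_attempts: int     # retries allowed before the flow escalates

POLICIES = {
    "low_value": Policy(threshold=0.80, gray_zone=0.05, max_attempts=3),
    "high_risk": Policy(threshold=0.90, gray_zone=0.03, max_attempts=2),
}

@dataclass(frozen=True)
class Attempt:
    doc_class: str
    attempt_no: int
    quality_ok: bool        # result of the capture quality checks (step 1)
    liveness_passed: bool   # result of liveness/PAD (step 3)
    similarity: float       # score against the reference template (step 4)
    model_version: str      # logged so later threshold/model changes can be audited

def decide(a: Attempt) -> dict:
    """Apply the policy for the document class and return an audit event.

    The event records parameters and reasons, never the template or the raw image."""
    p = POLICIES[a.doc_class]
    if a.attempt_no > p.max_attempts:
        decision, reason, next_step = "FALLBACK", "max_attempts_exceeded", "manual_review"
    elif not a.quality_ok:
        decision, reason, next_step = "RETRY", "quality", "recapture_with_guidance"
    elif not a.liveness_passed:
        decision, reason, next_step = "FALLBACK", "liveness", "document_and_selfie"
    elif a.similarity >= p.threshold:
        decision, reason, next_step = "ACCEPT", "score_above_threshold", None
    elif a.similarity >= p.threshold - p.gray_zone:
        decision, reason, next_step = "FALLBACK", "score_in_gray_zone", "manual_review"
    else:
        decision, reason, next_step = "FAIL", "score_below_threshold", None
    return {
        "ts": datetime.now(timezone.utc).isoformat(),
        "doc_class": a.doc_class, "attempt": a.attempt_no,
        "quality_ok": a.quality_ok, "liveness": a.liveness_passed,
        "score": round(a.similarity, 3), "threshold": p.threshold,
        "model_version": a.model_version,
        "decision": decision, "reason": reason, "next_step": next_step,
    }

if __name__ == "__main__":
    # Same score, different document class: gray-zone fallback vs. outright failure
    for cls in ("low_value", "high_risk"):
        print(decide(Attempt(cls, 1, True, True, 0.77, "face-v2")))
```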

Most common attacks and how advanced liveness reacts

Photo and video (replay) attacks still occur because they are cheap and scalable. Masks and 3D artifacts increase costs, but can be used in targeted fraud. Deepfakes pose a risk when the attacker manages to generate a plausible face or manipulate the video to "pass" simple liveness checks.

Therefore, the focus is not only on blocking one type of fraud, but on reducing the attack surface with complementary signals. In technical assessments, the topic of PAD and rate nomenclature appears in NIST reports, which also cite standards such as ISO/IEC 30107-3 in the context of measurement and terminology, as in the NIST IR 8381 report.

| Type of attack | Practical example | Useful controls | Operational risk if it fails |
|---|---|---|---|
| Printed photo or on screen | Image of a face displayed on a cell phone | PAD with texture, screen border, reflection analysis, depth check | Undue acceptance in high volume |
| Video replay | User video blinking in a loop | Active challenges, temporal consistency, compression analysis, and repetition patterns | Fraud with a low investigation rate |
| 3D mask | Artifact with relief resembling a face | Skin signs, microtexture, heat (when applicable), multi-signal check and risk score | Targeted fraud in sensitive contracts |
| Deepfake | Near real-time video manipulation | Inconsistency detection, artifact analysis, active challenges, and attempt monitoring | Disputes and reputational risk |

One point to note is that attackers tend to test the flow until they find a "weak point": a poor camera, low lighting, an unstable network, and repeated attempts. Therefore, attempt control is part of security. Limiting the number of attempts per time window, correlating device, IP, and behavioral patterns helps reduce automated attacks.
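The attempt control described above, as an added example that is not from the original article: a sliding-window counter per correlation key (device, IP, document), where a biometric attempt is admitted only if no dimension has reached its limit in the window. The limits, identifiers and IP addresses are constructed.

```python
from collections import defaultdict, deque

class WindowCounter:
    """Sliding-window attempt counter for one correlation dimension (device, IP, ...)."""
    def __init__(self, max_attempts: int, window_seconds: int):
        self.max_attempts = max_attempts
        self.window = window_seconds
        self._events = defaultdict(deque)   # key -> timestamps of attempts still in window

    def _prune(self, key: str, now: float) -> deque:
        q = self._events[key]
        while q and now - q[0] >= self.window:   # drop attempts that left the window
            q.popleft()
        return q

    def saturated(self, key: str, now: float) -> bool:
        return len(self._prune(key, now)) >= self.max_attempts

    def record(self, key: str, now: float) -> None:
        self._prune(key, now).append(now)

# Constructed limits: one device may try 3 times in 10 minutes; one IP 10 times
# (many devices can share a NAT); one document 5 times regardless of device.
LIMITS = {
    "device": WindowCounter(3, 600),
    "ip": WindowCounter(10, 600),
    "document": WindowCounter(5, 600),
}

def check_attempt(attempt: dict, now: float, limits=LIMITS) -> dict:
    """Admit the biometric attempt only if no correlated dimension is saturated.

    Nothing is recorded when blocked, so a saturated key does not inflate the others."""
    keys = {"device": attempt["device_id"], "ip": attempt["ip"],
            "document": attempt["document_id"]}
    blocked_on = [dim for dim, key in keys.items() if limits[dim].saturated(key, now)]
    if blocked_on:
        return {"allowed": False, "blocked_on": blocked_on}
    for dim, key in keys.items():
        limits[dim].record(key, now)
    return {"allowed": True, "blocked_on": []}

if __name__ == "__main__":
    # Constructed: the same device hammering one document every 30 seconds
    a = {"device_id": "dev-A", "ip": "203.0.113.5", "document_id": "doc-1"}
    for t in (0, 30, 60, 90):
        print(t, check_attempt(a, t))
```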

In a B2B scenario, it's also worth considering the acquisition channel: flows triggered by email and WhatsApp can be targets of social engineering, and biometrics become just one layer within a larger control of identity and intent.

Evidence and audit trail for dispute resolution.

In electronic signatures, security is not just about blocking fraud, but also about being able to demonstrate what happened when someone questions it. To achieve this, audit trails must record relevant events in the workflow: timestamps, liveness results, similarity scores, attempts, and reasons for rejection.

Depending on the design, associated "artifacts" such as capture images and technical metadata can also be stored. It is important to align this with data minimization: storing only what is necessary for auditing and compliance, for a defined period, with restricted access and access logs.

In best practices for remote identity verification, risks and countermeasures often include liveness mechanisms and audit trails, as described in the ENISA guide on remote identity proofing.

In a legal context, this type of reference helps structure internal policies: when to require biometrics, what evidence to store, when to escalate to manual review, and how to justify exceptions. It also assists in supplier due diligence because it prioritizes technical and operational criteria over generic promises.

KPIs that help govern risk and attrition.

Without metrics, the team only notices a problem when a dispute arises or when operations complain about a rejection.

Monitoring KPIs allows you to adjust thresholds and controls before they generate costs. In addition to FAR and FRR, it makes sense to measure the confirmed fraud rate (by channel), average signing time (from submission to acceptance), rejection rate by reason (quality, liveness, score), abandonment rate at the biometric step, and the percentage of cases that fall back.

In parallel, comparing these indicators by device, browser, and time helps to identify attack patterns and technical bottlenecks.

| KPI | What it measures | How to use it in practice |
|---|---|---|
| FAR | Probability of accepting someone who is not the legitimate user | Increase requirements when the contract risk is high or when there are signs of an attack on the channel. |
| FRR | Probability of rejecting someone legitimate | Review usability, capture quality, and threshold if rejection rates increase without a clear gain in fraud prevention. |
| Confirmed fraud rate | Frauds that went through and were validated later | Prioritize controls by channel and adjust fallback and retry blocking. |
| Signing time | Total time to completion | Reduce friction with better feedback and more efficient quality checking. |
| Rejection rate | Percentage that failed the biometric step | Separate issues by reason to avoid "blaming the user" when the problem is with the camera, lighting, or UX. |
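An added example, not from the article: computing FAR and FRR over a constructed set of post-hoc labelled attempts at several thresholds, picking the lowest-FRR threshold that stays within a FAR ceiling (the per-document-class calibration the threshold and KPI sections describe), and breaking rejections down by reason from constructed audit events. The scores, labels and event counts are invented for illustration.

```python
from collections import Counter

# Constructed post-hoc sample: (similarity score, attempt was genuine?).
# "Genuine" comes from later validation, "impostor" from confirmed fraud; the
# scores overlap, which is exactly what makes the threshold a trade-off.
SAMPLE = [
    (0.95, True), (0.91, True), (0.88, True), (0.84, True),
    (0.79, True), (0.72, True), (0.93, True), (0.86, True),
    (0.41, False), (0.55, False), (0.63, False), (0.78, False),
    (0.83, False), (0.47, False), (0.69, False), (0.90, False),
]
THRESHOLDS = (0.70, 0.75, 0.80, 0.85, 0.90, 0.95)

def far_frr(sample, threshold):
    """FAR = impostors accepted / impostors; FRR = genuine rejected / genuine."""
    genuine = [s for s, ok in sample if ok]
    impostor = [s for s, ok in sample if not ok]
    far = sum(s >= threshold for s in impostor) / len(impostor)
    frr = sum(s < threshold for s in genuine) / len(genuine)
    return far, frr

def sweep(sample, thresholds=THRESHOLDS):
    """Tabulate the trade-off so the threshold is chosen with numbers, not intuition."""
    return {t: far_frr(sample, t) for t in thresholds}

def pick_threshold(sample, max_far, thresholds=THRESHOLDS):
    """Lowest-FRR threshold whose FAR fits the risk appetite of a document class."""
    ok = [(frr, t) for t, (far, frr) in sweep(sample, thresholds).items() if far <= max_far]
    return min(ok)[1] if ok else None

# Constructed audit events (decision, reason) as a fallback-aware decision step emits them.
EVENTS = (
    [("ACCEPT", "score_above_threshold")] * 70
    + [("RETRY", "quality")] * 12
    + [("FALLBACK", "liveness")] * 6
    + [("FALLBACK", "score_in_gray_zone")] * 7
    + [("FAIL", "score_below_threshold")] * 5
)

def breakdown(events):
    """Rejection rate by reason plus the share of cases that fell back."""
    n = len(events)
    non_accept = Counter(reason for d, reason in events if d != "ACCEPT")
    fallback = sum(1 for d, _ in events if d == "FALLBACK")
    return {"rejection_rate_by_reason": {r: c / n for r, c in non_accept.items()},
            "fallback_rate": fallback / n}

if __name__ == "__main__":
    for t, (far, frr) in sweep(SAMPLE).items():
        print(f"threshold {t:.2f}: FAR {far:.3f}  FRR {frr:.3f}")
    print("high-risk class (FAR <= 0.15):", pick_threshold(SAMPLE, 0.15))
    print(breakdown(EVENTS))
```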

Best practices for implementing the signature workflow.

To avoid rework, it's worth designing the use of biometrics by document "classes." A low-value contract can use liveness with a more permissive threshold and fewer attempts, prioritizing speed. Contracts with higher risk, on the other hand, can combine stricter liveness, a higher threshold, and fallback with additional verification.

This design also facilitates governance: the legal department approves rules by document type, and the technical team implements them as policy. In integrations, a common approach is to expose the result of the biometric step as an event in the workflow, allowing for end-to-end auditing.

Another practice is to separate automatic decisions from reviewable decisions. When the score is well below the threshold, it fails outright. When it is "close," the company can opt for automatic fallback instead of failing. This reduces FRR without excessively widening the FAR, provided the fallback has additional evidence.

For processes that require more robust evidence, the use of certified signatures may also be included in the policy, as discussed in the article on signature with a digital certificate, without replacing biometrics, but as part of the set of controls in specific situations.

Security, LGPD (Brazilian General Data Protection Law), and continuous improvement in the lifecycle.

Since biometrics are sensitive personal data, the LGPD (Brazilian General Data Protection Law) requires a legal basis, transparency, and protection. In the workflow design, this translates to: collecting only what is necessary, clearly informing the data subject, protecting data in transit and at rest, limiting internal access, and defining data retention.

From a governance perspective, it is advisable to document policies: why the control is applied, how the threshold was defined, what the fallback criteria are, how incidents are handled, and how performance is reviewed. Continuous monitoring is part of the control, because fraud behavior changes and the technical environment changes as well.

Closure: Operational security with 3D facial recognition and liveness.

When 3D facial recognition and advanced liveness are integrated into the workflow with metrics, calibrated thresholds, and an audit trail, the result tends to be a more reliable and predictable process for both legal and operational teams. Security ceases to be merely a "yes or no" question and becomes a set of measurable decisions, with fallback and evidence for rebuttal.

To consolidate this continuous improvement in a signature workflow, it makes sense to observe indicators, review policies, and maintain compliance with the LGPD (Brazilian General Data Protection Law), keeping 3D facial recognition as an adjustable risk control. That said, we invite you now to click here to learn more about ZapSign's electronic signature solution.

Frequently Asked Questions (FAQ)

What differentiates 3D facial recognition from 2D facial recognition?

2D comparisons look at patterns in a flat image, while 3D incorporates depth cues, aiming to represent the relief of the face. In practice, this tends to make simple photo-based attacks more difficult, because the system looks for spatial coherence and not just texture. The exact design depends on sensors and the capture method, but the operational goal is to increase robustness against fraudulent presentation.

What is advanced liveness in facial biometrics?

Advanced liveness is a set of checks that attempts to confirm human presence at the time of capture. It can use passive cues (temporal consistency and texture) and active challenges (guided movements). In environments with a risk of fraud, proof of life helps reduce the acceptance of photos, videos, and manipulations, especially when combined with other layers of control and well-calibrated thresholds.

How do FAR and FRR influence the signature workflow?

FAR relates to the risk of accepting someone inappropriate; FRR relates to the risk of rejecting someone legitimate. In signatures, the similarity threshold adjusts this balance. A higher threshold tends to reduce FAR and increase FRR, creating more rejection and possible abandonment. A lower threshold tends to do the opposite. Ideally, it should be calibrated by document type and channel.

What technical evidence is helpful in audits and disputes?

A useful audit trail records workflow events: timestamps, liveness results, similarity scores, reasons for rejection, number of attempts, and technical context information. In some cases, there is also controlled storage of capture images. The legal utility comes from the ability to reconstruct the decision-making path without exposing more data than necessary, while maintaining defined access and retention controls.

How to deal with the risk of deepfakes in facial verification?

Deepfakes increase the need for multiple signals and monitoring. Common controls include liveness with active challenges, detection of visual inconsistencies, analysis of compression patterns, and correlation of behavior (repeated attempts and devices). It also helps to have fallback when the score is in a gray area and to apply attempt limits per time window, reducing automated attacks at scale.
