Biometric sensors are widely used to distinguish between individuals that are authorized to engage in an activity and individuals that are not authorized to engage in that activity. For example, fingerprint sensors are commonly used to determine whether a fingerprint provided by an individual matches information in a database, and if a match is determined, then the individual may be allowed to engage in an activity. For example, the individual may be allowed to enter a building or room, or allowed to use an electronic device such as a mobile phone or an application running on a mobile device.
Biometric sensors can be deceived (a.k.a. “spoofed”), and thereby permit an unauthorized individual to engage in an activity that is reserved for authorized individuals. Spoofing a fingerprint sensor may be accomplished in different ways. These include using a fake fingerprint, using body parts other than a finger, and using a dead finger from a person. Since it is unlikely that the particular type of spoofing to be used on a fingerprint sensor will be known in advance, it is important to guard against all types of spoofs. One method of guarding against spoofing involves determining whether the biometric object exhibits characteristics associated with liveness.
As more and more biometrics are used for user identification and/or verification, liveness detection becomes increasingly important in order to ensure access security and accuracy. Liveness detection is important because many methods of deceiving an identification system and/or verification system use spoofs that are not alive. For example, a latex finger may be made to have ridges and valleys resembling a fingerprint of an authorized user. When such a latex spoof is presented to a fingerprint sensor, the scanning system may falsely conclude that the latex spoof is the finger of an authorized user, even though the latex spoof is not part of a living being. Therefore, a system that is able to detect whether a biometric object is part of a live being would be useful in detecting the presence of a spoof. In such a system, if a determination is made that a biometric object is not part of a live individual, then the individual presenting the biometric object may be denied access (for example, access to a requested activity) even if the biometric information (such as a fingerprint) matches information in an associated identification/verification database.