A Dynamic Software Engineer Transforming Ideas into Real-World Impact

Projects.

Developing a Secure and Integrable Facial Recognition System: Anti-Spoofing, Device Authentication, Oauth, and an Open-Source Npm Package

Cover Image for Developing a Secure and Integrable Facial Recognition System: Anti-Spoofing, Device Authentication, Oauth, and an Open-Source Npm Package
Cyrus David Pastelero
Cyrus David Pastelero

Introduction

In the evolving world of digital security, I've developed an innovative solution, the Face Guardian - a robust authentication system for web applications. This system merges facial recognition technology and OAuth Protocol, with an emphasis on preventing the creation of fraudulent accounts.

System Overview

Face Guardian System

Face Guardian is a user-centric authentication system that uses facial recognition technology, unique device fingerprinting, and OAuth protocol. It's designed with a focus on user interaction and security, and it incorporates advanced features such as facial recognition, device ID verification, and OAuth authorization.

Functional Requirements

The functional requirements of the Face Guardian delineate its essential operations, providing a detailed overview of what the system is expected to perform to fulfill the outlined use cases. Each functional requirement is tied directly to a specific use case, ensuring that the system's functionality aligns with the users' needs and expectations.

Use Case Model

The use case model for Face Guardian outlines ten distinct use cases, each representing a specific interaction between the user and the system or between different components of the system. These use cases include user registration, user login, smiling face detection, device ID verification, issuing and validating OAuth authorization codes, issuing and validating access tokens, creating an application, and using the Face Guardian NPM package for system integration.

Implementation

Face Guardian stores face descriptors rather than full images for user privacy. The system uses the Histogram of Oriented Gradients algorithm and the dlib library for proficient facial recognition. To simplify integration, I developed a Node.js package of the Face Guardian, which is available on npm.

Usability Testing

The system underwent comprehensive usability testing, which included various tasks and user interviews. The results showcased a high level of user satisfaction attributed to the system's intuitive design and operation. However, to further enhance user experience, areas like error messaging and user guidance need further optimization.

Security Testing

Face Guardian demonstrated robust security measures by withstanding image replay attacks completely. Even though this is a significant achievement, the ever-changing landscape of potential threats necessitates continuous security testing against emerging types of attacks.

Performance Testing

Performance testing was facilitated through Vercel's Analytics and Speed Insights, revealing the system's impressive scalability and speed. Despite these successes, potential bottlenecks were identified under high-traffic conditions, suggesting a need for ongoing performance optimization.

Future Improvements

For future enhancements, considerations will be made for varying lighting conditions during facial recognition. Additionally, the system could potentially be upgraded by integrating other biometric authentication methods to further fortify security.

Project Development Process

  1. Requirement Gathering: Identified the need for a robust authentication system to prevent the creation of fraudulent accounts.

  2. System Design: Designed a system leveraging facial recognition technology and OAuth Protocol.

  3. Development: Developed the facial recognition system and encapsulated it into an easily integrable Node.js package.

  4. Usability Testing: Evaluated the system's usability, efficiency, and user satisfaction through various tasks and user interviews.

  5. Security Testing: Assessed the system's resilience against image replay attacks to verify its robust security measures.

  6. Performance Testing: Conducted a thorough analysis of the system's performance under varying traffic conditions using Vercel's Analytics and Speed Insights.

  7. Improvements & Future Directions: Identified areas for improvement in user guidance and error messaging, highlighted the need for continuous security testing and performance optimization, and proposed potential enhancements for future versions of Face Guardian.

Explore the complete project on Github and the package on npm.