Liveness Detection
BiometricAnti-spoofing technology that verifies a biometric sample comes from a living person rather than a photograph, silicone mold, or other artificial replica. In smart card systems, liveness detection may be implemented in the sensor, the card's software, or a combination of both.
Liveness Detection -- Preventing Biometric Spoofing
Liveness detection (also called Presentation Attack Detection or PAD) is an anti-spoofing technology that verifies a biometric sample originates from a living person rather than an artificial replica -- a silicone fingerprint mold, a printed photograph, a 3D mask, or a replay of a captured biometric signal. In smart card systems, liveness detection is a critical defense layer that protects Match-On-Card biometric verification from being defeated by physical spoofs.
Detection Methods
Liveness detection techniques fall into two categories. Hardware-based methods use sensor characteristics to detect vitality signs: capacitive fingerprint sensors in biometric payment cards can measure sub-dermal features (blood flow, skin conductivity, pulse oximetry) that a silicone mold cannot replicate. Software-based methods analyze the biometric sample algorithmically, looking for texture patterns, spectral signatures, or motion characteristics that distinguish real tissue from artificial materials.
Implementation in Smart Card Systems
For biometric payment cards, liveness detection is typically integrated into the fingerprint sensor module rather than the card's secure element, since sensor-level detection can reject spoofs before any matching computation begins. The sensor firmware applies a liveness score to each captured sample; only samples exceeding the liveness threshold are forwarded to the card for MOC template matching. This two-stage pipeline -- liveness check followed by biometric match -- provides defense in depth without increasing on-card processing latency.
Standards and Evaluation
ISO/IEC 30107 defines a framework for testing and reporting presentation attack detection performance. The standard introduces metrics such as APCER (Attack Presentation Classification Error Rate) -- the proportion of attack presentations incorrectly classified as genuine -- and BPCER (Bona Fide Presentation Classification Error Rate) -- the proportion of genuine presentations incorrectly classified as attacks. These metrics complement the FAR/FRR framework by quantifying the systems resilience to deliberate spoofing attempts rather than just passive classification errors.
Related Content
Smart Card Fundamentals
Getting Started…Crypto coprocessor RSA, ECC, AES offload I/O Contact pad / RF antenna Communicate with reader The secure element…
Contact vs Contactless vs Dual-Interface
Getting Started…Contact Cards and ISO 7816 Contact cards expose a contact pad array with up to eight C-pads (C1–C8). Communication uses…
Smart Card Form Factors Explained
Getting Started…shrank. All three removable variants use the same contact pad layout and ISO 7816 electrical interface; only the…
SIM Card Types Explained
Getting Started…removes the plastic carrier while keeping the same contact pad layout defined in ISO 7816 — the electrical interface is…
Understanding ISO 7816
Standards & Protocols…tests, UV/X-ray resistance 2 Cards with contacts Contact pad layout, position, size 3 Electrical interface VCC levels,…
ISO 7816 Parts Guide
Standards & Protocols…tests 7816-2 Dimensions and location of contacts C1–C8 pad geometry, tolerances 7816-3 Cards with contacts —…
EMV Contactless Kernel Deep Dive
Standards & Protocols…payments above the floor limit without a terminal PIN pad interaction. Floor Limits and Terminal Risk Management…
Smart Card Readers and Middleware
Programming…Hardware Categories Category Interface Typical use Contact pad NFC Desktop contact reader USB-A / USB-C Development,…
Sıkça Sorulan Sorular
The smart card glossary is a comprehensive reference of technical terms, acronyms, and concepts used in smart card technology. It covers protocols (APDU, T=0, T=1), security (Common Criteria, EAL, HSM), hardware (SE, EEPROM, contact pad), and applications (EMV, ePassport, eSIM). It serves developers, product managers, and engineers.
Yes. SmartCardFYI provides glossary definitions in 15 languages including English, Korean, Japanese, Chinese, Spanish, Portuguese, Hindi, Arabic, French, Russian, German, Turkish, Vietnamese, Indonesian, and Thai.