Security Encyclopedia

Face Authentication

Face Authentication is a technology that enables people to access online services, physical settings, and other resources using images of their face.

Face authentication, also called face/facial recognition, relies on mobile and other devices’ native sensing technology. Some third-party biometric algorithms, however, are deployed as software that leverages device cameras for this purpose. Liveness detection (with the user prompted to nod, smile, or otherwise move during authentication, or continuously during the session) is often added as a further security layer.

Some face authentication solutions are architected in a decentralized model using FIDO standards that ensure a consumer’s or employee’s face template is secured on the user’s mobile device. Here, a user’s face scan is verified locally against the user’s own enrolled template, a token is sent to the service provider, and access is granted. The biometric itself is not stored at the service provider (true secret).
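The decentralized flow described above, as an added sketch that is not part of the original entry and is not the FIDO wire format: the template stays on the device, and the "token" is modeled as a signature over a one-time challenge. The class names, the toy distance matcher, and the 0.1 threshold are assumptions made for illustration.

```javascript
// Added illustration; all names and sample values are constructed.
const nodeCrypto = require("crypto");

class Device {
  constructor(enrolledTemplate) {
    this.template = enrolledTemplate; // face template never leaves the device
    const pair = nodeCrypto.generateKeyPairSync("ec", { namedCurve: "P-256" });
    this.privateKey = pair.privateKey; // released for signing only after a local match
    this.publicKey = pair.publicKey;   // the only thing registered with the service
  }
  // Toy one-to-one matcher (assumption): mean absolute difference under a threshold.
  matches(scan) {
    if (scan.length !== this.template.length) return false;
    const sum = scan.reduce((s, v, i) => s + Math.abs(v - this.template[i]), 0);
    return sum / scan.length < 0.1;
  }
  signChallenge(scan, challenge) {
    if (!this.matches(scan)) return null; // no local match, no token
    return nodeCrypto.sign("sha256", challenge, this.privateKey);
  }
}

class Service {
  constructor() { this.keys = new Map(); this.pending = new Map(); }
  register(user, publicKey) { this.keys.set(user, publicKey); }
  newChallenge(user) {
    const challenge = nodeCrypto.randomBytes(32);
    this.pending.set(user, challenge);
    return challenge;
  }
  verify(user, signature) {
    const challenge = this.pending.get(user);
    this.pending.delete(user); // each challenge is accepted once
    if (!challenge || !signature || !this.keys.has(user)) return false;
    return nodeCrypto.verify("sha256", challenge, this.keys.get(user), signature);
  }
}

function demo() {
  const device = new Device([0.12, 0.80, 0.33, 0.57]); // constructed template
  const service = new Service();
  service.register("alice", device.publicKey);
  const sig = device.signChallenge([0.13, 0.79, 0.35, 0.55], service.newChallenge("alice"));
  const accepted = service.verify("alice", sig);
  const replayed = service.verify("alice", sig); // challenge already consumed
  const other = device.signChallenge([0.9, 0.1, 0.7, 0.2], service.newChallenge("alice"));
  return { accepted, replayed, wrongFace: service.verify("alice", other), service };
}
```

The service's state holds only a public key and pending challenges, so a breach of the service exposes no biometric data.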

Other face authentication solutions are architected in a legacy centralized scheme in which user templates are stored at the service provider, and matching is done against a library of all other users’ biometrics (shared secret). These systems are commonplace in criminal justice, international border crossings, and national security settings.


“Some airlines and retail establishments are using face authentication to deliver people a faster, more personal experience. Before opting into these services, it’s a good practice to ask the airline or store where the biometrics are stored.”