Case Study: Secure Biometric Authentication Solution Based On Data Science
Client: US-based company providing services and software products for the healthcare industry
Business goals: Providing healthcare companies with a verification-as-a-service solution for secure access to sensitive health data
Product: Microservice-based Web software that enables biometric authentication in 3 steps: facial capture, voice recognition, and Q&A; API is available for integration with 3rd-party software
• Back End: Python 3, Django, Django REST Framework, Flask, Celery, MoviePy, ffmpeg, OAuth2, Java, Amazon S3, PostgreSQL, Redis, Plivo, CI/CD (Docker, Docker Swarm, Jenkins)
• Agile management framework, UI/UX design, manual testing, automated API testing
From an idea to a working product: forming a vision within 2 days of brainstorming
Medical software and the storage of private health information place advanced requirements on security and precision, and secure access is the first step. Modern medical software should be able to replace password-based authentication with more secure biometric means that are easily accessible on mobile devices.
This was the idea that the CTO of the client company brought to us. During his personal visit to our office, which lasted a mere 2 days, we managed to form the vision and workflow of the future software product, as well as a tech stack for implementation.
Building a microservice-based architecture
The product is based on a microservice architecture, which allows the scope to be distributed conveniently. Each microservice becomes a separate subproject with its own specific functionality, which makes it easier to write, support, and enhance. This also allowed us to select the optimal languages and frameworks according to the goals and specifics of each microservice.
What we eventually received was high-quality, failsafe and horizontally scalable code with pipelined parallelism, independent updates, and a sensible distribution of developer effort with next to no downtime.
WebRTC: streaming tool for authentication
Authentication includes 3 steps: facial capture, voice recognition, and questions that require correct answers. To keep the product fast and avoid overloading the front end, each step is performed on the server side.
There was an obstacle, however: audio/video streaming was available for all platforms except iOS, where the MediaStream Recording API is not supported by browsers. The problem was solved with OpenTok, an off-the-shelf WebRTC service that was integrated with the product and covered iOS just as well.
Data Science: gathering datasets for precision of biometric recognition
The final highlight of this project is applied Data Science for proper biometric recognition. OpenCV was used for the initial preparation for image processing. TensorFlow, Keras, and dlib were applied for the actual face/voice recognition and for an anti-spoofing model. Finally, Tesseract OCR was used for recognition of text on the user's documents.
Our task included creating a custom dataset of audio and video recordings of mobile users to improve recognition. As of now, all the models are continuously trained to keep the level of recognition and attack prevention at an all-time high.
3-step authentication: face, voice, Q&A
However advanced the software product may be under the hood, it's the simplicity of the user interface that attracts users and wins their satisfaction. This product is no exception: the following screenshots perfectly illustrate each step that must be taken to gain the required access.
The final product became highly customizable, originally targeting the healthcare sector (e.g. health insurance companies), although viable for other spheres. Partnering businesses are currently able to integrate this verification tool with their own products via API. Another feature worth noting is single sign-on, which spreads a single authentication across multiple systems for the convenience of users.