What is it ?
Face Recognition is a biometric software application capable of uniquely identifying or verifying a person by comparing and analyzing patterns based on the person's facial contours.
How cidaas makes use of Face Recognition as a part of Multifactor Authentication?
Face Recognition is one of the Authentication type cidaas uses to authenticate users through Authenticator application.
As a prerequisite, the admin must enable the Multifactor authentication settings in the admin dashboard -make sure Face Recognition is enabled here.
Once the above setting is done, users can now configure their profile to enable MFA, and face recognition. For the very first time, the user needs to set up his/her cidaas Authenticator account. To do this:
1. On the client web portal, the end user has to choose the type to of authentication to face recognition.
2. Run the authenticator App (free download from App/playstore)
3. Scan the QRCode.
4. Register the face by slowly blinking for a few seconds, till the face is captured as image on camera. The face-image will be sent to server for further processing along with the device-ID and the FCM token of the Smartphone.
5. This device-ID and FCM token is the basis for sending notifications during login.
6. When the user logs-in to the web portal/ any other service, he will get a notification to login. When he clicks that, the app asks for the verification of face. The user needs to verify his face on camera. If this matches with the originally configured data -stored in cidaas server, will the user be successfully authenticated.
Once the user has configured his face, each time he logs in to his web portal account, he gets a push notification. When the user clicks on this notification, he has to authenticate by verifying his face. When identified, the confirmation message is send to server and the user is successfully logged in as shown below.
Both the configuration and usage flows are explained below with concrete screenshots:
Face Recognition: Configuration
Download and Install the cidaas authenticator app from the below link, if not done so already.
On your dashboard page (web portal), go to Physical Verification Setup and select Configure button under the Face Recognition (cidaas authenticator app) option.
The following screen appears on the web.
To scan the QR code presented, open your downloaded cidaas authenticator app and click on **Add** tab.
Scan the QR Code displayed on your desktop.
Note: Instead of scanning QR Code on desktop, alternately, you can open cidaas-authenticator mobile app, and in physical verification section, choose any one verification.
If using the mobile browser, we don't need to scan qrcode. It will automaticaly ask for the appropriate authentication information, based on the verification type you choose.
After scanning, the login screen is displayed on your phone. Login with your credentials.
When you are authenticating, the loading screen will appear on your desktop.
Once logged in, you need to configure Face verification. When your face is detected and captured on camera, the setup is completed.
Face recognition is now successfully configured.
Then, your app and your desktop screen will look as shown in the figure:
Face Recognition: Usage
Login with passwordless authentication then enter your email and click Proceed. Select Face Recongnition (cidaas authenticator app) to login
The multiple device screen gets displayed
The screen waits for authentication
At the same time, push notification will be sent to the mobile that has authenticator app.
Click on that notification to view authentication request. The request shows the browser type, location and date/time, when the request was made (as in the below screen),
if you click allow button, it will continue to steps 4; Otherwise you won't be able to authenticate at this point.
On click of deny button the 'Notification Deny' screen will be shown, where user can select appropriate reason for denying the request and submit it. After that you won't be able to authenticate.
Now, you can see the Face verification screen. If you see a button "Start Detection", tap on it to invoke face detection. Verify your face on the camera. If it matches with the configured face, authentication is successful. For best results, you have to slowly blink your eyes so that the algorithms can detect your live face.
You are now successfully logged in.