Launch HN: Xix.ai (YC W17) – Securely authenticate in web apps by face
49 points by emilxix on Feb 28, 2021 | hide | past | favorite | 51 comments
Hi HN,

I’m Emil, here with our team at XIX.ai (https://getxix.com/). We are building “Entry”, a biometric identity provider that enables secure authentication in web apps by face, on desktops, using regular web cameras. It supports the SAML 2.0, OpenID Connect (OIDC), and OAuth 2.0 standards and can be easily integrated into an existing app or infrastructure.
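For readers unfamiliar with the protocols: an OIDC integration typically begins with a standard authorization request that the app redirects the user to. Here's a minimal sketch; the endpoint and IDs are placeholders, not Entry's actual values:

```python
from urllib.parse import urlencode

# Placeholder endpoint -- every OIDC provider publishes its own.
AUTHORIZE_ENDPOINT = "https://idp.example.com/oauth2/authorize"

def build_auth_request(client_id, redirect_uri, state):
    """Build a standard OIDC authorization-code request URL."""
    params = {
        "response_type": "code",    # authorization-code flow
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "scope": "openid profile",  # "openid" is what makes this OIDC rather than plain OAuth 2.0
        "state": state,             # anti-CSRF value, echoed back on the callback
    }
    return AUTHORIZE_ENDPOINT + "?" + urlencode(params)

url = build_auth_request("my-app", "https://myapp.example.com/callback", "xyz123")
```

The provider authenticates the user (in Entry's case, by face) and redirects back with a one-time code that the app exchanges for tokens.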

Users can securely authenticate in web apps by face, using regular web cameras without compromising privacy and security.

Entry helps organizations prevent phishing, insider threats, and account takeovers when added as a biometric factor to their workforce SSO. Companies that employ many contractors or vendors who access sensitive information can prevent fraud by verifying biometric identity during authentication.

Developers can use Entry to verify their customers (password resets), strongly authenticate users during high-value transactions (pushing code to master, deleting data, etc.), or streamline the login experience. (Documentation and self-serve onboarding are coming soon; please reach out if you'd like to try it now.)

We came to the world of identity and access management somewhat unexpectedly. In the early days, we tested different product ideas and frequently pivoted while focusing on problems that could be solved with our core expertise, computer vision.

During our trial and error period, we were lucky enough to work with the team at DeliverFund, a non-profit organization fighting the problem of human trafficking and child exploitation.

More often than not, the only clue an analyst has is a photograph of a missing juvenile. With that photo, they need to search the web for any ad or other indication that might lead to the child. To locate a missing child or a victim of human trafficking, they had to manually scroll through thousands of online ads looking for a potential match.

To solve this, we built a set of scrapers that capture online ads, index them, and make them searchable. We ran all the images through face recognition and object detection models. This enabled analysts to drag and drop a child's photo and see whether the child appeared in ads online.

With that internal expertise, we were able to build the tool back in 2018. And the experience got us thinking: given enough resources, a malicious actor will build a wide-scale surveillance system. It’s not a question of “if,” but “when.” While brainstorming a potential solution, we realized that, fundamentally, this is an information asymmetry problem. A feasible solution must be market-based, centered on user privacy, and optimized for perfect information.

Such a solution must satisfy a few criteria: a) it has to use the face as its biometric modality; b) it must be valuable enough for a large number of people to use; c) biometrics must be securely stored and 100% controlled and managed by the end user; d) it has to deliver an order-of-magnitude improvement in overall security and usability compared to existing solutions. This brought us to the world of identity and access management.

Passwords are easily compromised. Additional authentication factors are either convenient but phishable (SMS/voice/backup codes/TOTP/mobile push) or phishing-resistant but inconvenient, expensive, and not widely adopted (FIDO keys, WebAuthn).
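To make "phishable" concrete: a TOTP code is a pure function of a shared secret and the clock (RFC 6238), so a phishing page that tricks you into typing the current code can relay it to the real site within the 30-second window. A minimal sketch of the algorithm:

```python
import base64
import hashlib
import hmac
import struct
import time

def totp(secret_b32, t=None, digits=6, step=30):
    """RFC 6238 TOTP: HMAC-SHA1 over the current 30-second counter,
    dynamically truncated to a short numeric code (RFC 4226)."""
    key = base64.b32decode(secret_b32, casefold=True)
    counter = int((time.time() if t is None else t) // step)
    digest = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = digest[-1] & 0x0F
    code = (struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF) % 10 ** digits
    return str(code).zfill(digits)
```

Nothing about the code is bound to the site you're typing it into. WebAuthn resists this because the authenticator's signature is bound to the site's origin, so a phishing domain can't replay it.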

Biometrics would be a perfect solution, but it is by no means a new idea. After all, we already use it on our mobile phones (fingerprints, Face ID), on certain Microsoft devices with Windows Hello, and on other desktop devices with fingerprint sensors.

However, four key challenges have prevented biometrics from being widely adopted: a) the need for a specialized sensor (depth-perception cameras or fingerprint readers); b) 2D webcams are easy to spoof with replay attacks, printed photos, and masks; c) scalability, reliability, and cost-effectiveness: products with ML at the core are notoriously computationally expensive and result in low margins, and accuracy decays as data grows (more faces = higher chance of false positives), degrading security over time; d) privacy: how do you avoid leaving a copy of your face on every website/SSO you log in to?

We’ve spent the last two years solving those challenges, and we’re happy to present Entry. It works with a regular desktop webcam and doesn’t require installing additional software. We’ve developed several anti-spoofing layers to make sure the system is secure. Entry is compliant with CCPA/GDPR and supports users from the state of Illinois (arguably the strictest biometric legislation in the USA).

Please give it a try at https://getxix.com/. We’ve rolled out a public Okta instance with Entry set up as a factor to showcase it. We support Okta SSO out of the gate; other providers (or anything that works with OpenID Connect) currently require talking to support.

If you’d like to add Entry into your SSO, use it for your customers, or secure high-value transactions, let us know. Documentation is coming soon, but we can help now.




> We’ve developed several anti-spoofing layers to make sure the system is secure.

I don't believe this vague blanket claim. How much are you paying somebody who proves you wrong? A million dollars? No? Then I should assume anybody who can spoof this and would like a million dollars might do so unless the total value secured is assured to be less than one million dollars (in which case I expect this project will be gone by summer).

XIX ends up capturing a huge amount of facial recognition data and storing it somewhere indefinitely in "the cloud," where it will inevitably get stolen, and then no doubt we can expect a PR-crafted apology and an insistence that you've learned your lesson.

Every single time a person authenticates, video of their face is transmitted over the network. I have no doubt you'll say it's ephemeral and you don't store that video, but of course the users have no way to assure themselves of that, they just know they sent it.

Overall my impression is that this delivers markedly worse real world security than WebAuthn and has terrible privacy issues that can't be fixed.


Sorry you feel this way, mate, but matters of "belief" are between you and your priest.

As for the "overall impression": it is usually recommended to try something first and then form an impression. Otherwise, it's just an opinion.


You know, I was very interested to hear how you’d respond, thinking you’d surely have substantive counterpoints or address the core argument.

This is probably the worst response possible, and makes me believe GP is correct, because you don’t have any real response to their critiques.


That’s not how this works. You’re claiming an incredible breakthrough: extremely high facial recognition accuracy using 2D input in an adversarial setting. Extraordinary claims require evidence.


As I've mentioned earlier, we will be publishing in-depth results soon. Meanwhile, you can read our review of public datasets here: https://medium.com/xix-ai/quantifying-the-inherent-bias-in-m... An overview of adversarial examples is below. The upcoming post will cover the approach, performance, and comparisons. Stay tuned.


Will this upcoming post address the storage and privacy concerns that were the main point of the GP?


I'm flabbergasted that any founder would respond like this.

A lot of people who would have given you the benefit of the doubt just got the opposite impression of your company after reading this response.


How can I try out seeing exactly what you store of the videos you receive, so I can form an opinion?

Also how can I try out what happens when you get subpoenaed by a government for facial data of specific users or all users?


This is not something an individual can just form an impression on by themselves. It would take a large sample of people.


I love the idea - I had a similar one two years ago (https://github.com/AnandChowdhary/notes/blob/main/notes/2018...): using "face unlock" as an MFA method.

The one problem I had was that face detection using a webcam is not accurate, e.g., it can easily be fooled by a printed photo of the person or by switching the webcam input to a static photo. With WebAuthn, however, this is not possible because it connects to the device’s native authentication. On macOS, for example, it’s much harder to spoof Touch ID.

How would you go about preventing such problems? Isn’t it better to provide an Auth0-style SDK to use WebAuthn with SSO, or do you think using this cloud-based image recognition system is as foolproof as the native options?


That's right: successfully preventing spoofing attacks on 2D input is an extremely hard problem to solve. We've spent two years working on it. We published a high-level overview here - https://getxix.com/learn - and plan to publish a deep dive into the approach in the coming weeks.

For SSO, Entry can be added as a SAML 2.0 factor today. I agree that if we hadn't solved the spoofing problem, taking the Auth0-style route for native platforms would be the way to go.


Relevant quote from the linked overview:

> Entry addresses the spoofing issue from 2D input by using an anti-spoofing algorithm that processes a sequence of images obtained from a single camera to build an accurate 3d face reconstruction based on facial key points. Additionally, it estimates the pixel distribution of the input image to detect attacks. Aggregation of both methods achieves high accuracy for detecting attacks on face recognition systems.
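As a toy illustration of the aggregation idea (purely hypothetical, not XIX's actual code): a printed photo or screen replay is planar, so reconstructed key-point depths barely vary, and both checks have to pass independently:

```python
def depth_spread(keypoint_z):
    """Spread of reconstructed key-point depths: a flat spoof (printed
    photo, screen replay) yields nearly identical z estimates."""
    return max(keypoint_z) - min(keypoint_z)

def is_live(keypoint_z, texture_score, z_thresh=0.02, tex_thresh=0.5):
    """Both detectors must pass: an attacker has to beat the 3D-consistency
    check AND the pixel-distribution (texture) check at the same time."""
    return depth_spread(keypoint_z) > z_thresh and texture_score > tex_thresh

# A flat spoof: depths barely vary even if the texture looks convincing.
print(is_live([0.001, 0.002, 0.001, 0.003], texture_score=0.9))  # False
# A real face: nose-to-ear depth spread of several centimetres.
print(is_live([0.00, 0.04, 0.09, 0.12], texture_score=0.9))      # True
```

Requiring independent checks to agree raises the bar, because most spoof artifacts defeat only one signal at a time.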


Thanks for posting it here. It is still too high-level; we'll be publishing in-depth details soon.


This wouldn't seem to help, unless you correlate it with motion sensing data. You can build point clouds from deep fake videos just as easily as from real videos.


What stops an attacker from spoofing the webcam with a looping video of the subject staring at a camera instead of a still image or holding up a picture?


Several layers of anti-spoofing.

They detect mask attacks, replay attacks (holding a phone playing a video up to the camera; hijacking the webcam input and sending a pre-recorded video pretending to be a real-time feed from Zoom, for example), and, of course, still images.

Give it a try!


Wouldn’t you still be vulnerable to attack via a 3D printed or resin cast face (possibly suitably painted)?


Or just tape a print out to a balloon.


> I love the idea, I had a similar one two years ago (https://github.com/AnandChowdhary/notes/blob/main/notes/2018...) to use “face unlock” but as an MFA method.

btw, https://gazepass.com does this as well.


It would be amazing if this could become the future, but as someone working in the adversarial robustness space I find it difficult to believe a system like this wouldn't be susceptible to adversarial patching...especially with whitebox access. It's been shown by Nicolas Carlini that nearly all adversarial defenses can be broken or are inherently flawed.

Very curious to see what makes this anti-spoofing algo different, will read the paper with interest.


Right, adversarial attacks are tricky; we wrote about them a while ago - https://blog.ycombinator.com/how-adversarial-attacks-work/

In reality, production-grade security comes from the compound effect of three components: face recognition, anti-spoofing for face recognition, and the traditional controls of industry-standard protocols like SAML 2.0, OIDC, etc. Taking any one of the three out of the equation renders the security nonexistent.


Also worth mentioning that since we're cloud-based, we can shore up our threat assessment models to include browser fingerprinting, device details, IP address history, what network the user is on, etc. to better detect threats/spoofing.
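A hedged sketch of how such contextual signals might be combined; the signal names, weights, and threshold are invented for illustration, not actual production values:

```python
# Invented weights -- a real system would calibrate these against
# labelled login data rather than hand-pick them.
SIGNAL_WEIGHTS = {
    "new_device_fingerprint": 0.30,
    "ip_never_seen_for_user": 0.25,
    "impossible_travel": 0.40,
    "datacenter_or_tor_network": 0.35,
}

def risk_score(signals):
    """Sum the weights of triggered signals, capped at 1.0."""
    return min(1.0, sum(SIGNAL_WEIGHTS.get(s, 0.0) for s in signals))

def requires_step_up(signals, threshold=0.5):
    """Above the threshold, demand an additional factor instead of
    accepting the face check alone."""
    return risk_score(signals) >= threshold
```

A lone weak signal (say, a new device) passes quietly, while a combination like a new device plus impossible travel triggers step-up authentication.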


These seem like the main added-values.


The thing with YubiKeys is that I can change them. I can't change my face or fingerprints. Using those for authentication reduces control over privacy and enables tracking across the web.

Has an audit of your claims been done by an independent, privacy-focused organization? Until then, any privacy claims are just claims. New day, new privacy-friendly face recognition that will let big corporations do tracking in the name of "KYC" and security.


Entry was designed to protect end-user privacy against malicious actions in the first place. Not just because we want to "do good", but also because it is commercially viable: end users get full control of their data, forever free, while organizations deploy Entry to solve tactical issues like fraud, security, and phishing prevention. But, I guess, without an independent audit by "the big four" or the like, these are just my words.


Some general thoughts:

First, let me say that on mobile devices, I literally loathe Face ID. There are lots of reasons for this:

- Fingerprints are just more convenient. Apple, for example, argued the false positive rate was way too high. For me, as a user, I'm more concerned about the false negative rate. I think Apple just wanted more screen real estate. They could've easily put the sensor on the back (e.g., like the Samsung Galaxy S8).

- I have poor vision. I have to look at my phone up close, same with my computer. And no, this isn't an issue better glasses or surgery would fix. This causes Face ID to fail because I'm not in the expected frame, so I have to hold my device further away and try again. This is incredibly annoying;

- Touch ID has a much lower false positive rate on whether to initiate a check, because you've pressed the button. Face ID has to guess, and it guesses wrong (a lot);

- I can't speak for other manufacturers, but Apple at least puts in arbitrary security controls, like N failures meaning I have to use my passcode many times a day, whereas with Touch ID that's actually super rare;

- Masks!

- Touch ID isn't dependent on sufficient lighting

More context: prior to Touch ID I didn't use a passcode on my phone at all. It was simply too annoying. Face ID, for me, is too close to having to use a passcode too often.

I mention this as context for why I personally think facial recognition as an authentication tech is a terrible user experience in many, many cases.

Desktop is probably a little better because issues like your face not being in frame are going to be less of an issue. In my case I still have to sit close to the screen but my face is still within frame.

Phone manufacturers make this approach more resistant to spoofing by using other sensors. You say you've spent effort to avoid spoofing and hopefully that's true. I would be concerned that there's only so much you can do with a single vision camera and no other sensors.

Phones (and tablets) also have the advantage that they have a single manufacturer. Desktops are still put together from independent peripherals. That's... less secure.

Lastly, it's not a given that someone using a desktop or a laptop has a camera that's facing them.


Thank you for sharing your thoughts.

-> Fingerprints are just more convenient. Apple, for example, argued the false positive rate was way too high. For me, as a user, I'm more concerned about the false-negative rate. I think Apple just wanted more screen real estate. They could've easily put the sensor on the back (e.g., like the Samsung Galaxy S8).

I agree; as a matter of fact, a fingerprint sensor on the back of a phone is arguably the most efficient way to unlock one. With desktops, it varies quite significantly.

-> - Masks!

For what it's worth, one user told us that they successfully logged in while wearing a green mint facial-care mask..:)

-//-

Entry is by no means the best tool out there, nor do we claim it to be. Here are a few known flaws:

- If someone has two or three monitors and it is unclear where the camera is, it takes some time to get used to, which may be annoying

- To your point, Entry will not work in a pitch-black room

- Entry is by no means "fingerprint-fast": as a factor, Entry competes with the time it takes to reach for a phone and tap a push notification. For example, the mean time to verify using Okta Verify (the default MFA solution for Okta SSO) is ~21 seconds; for Entry it's 30 seconds. We still need to work on that (although our users still choose Entry over Verify; we ask them to have both factors set up :) )


> mean time to verify using Okta Verify (default mfa solution for okta sso) is ~21 seconds.

My current client uses Okta Verify. It takes 5-8 seconds from clicking "Sign In" on my laptop to receiving the Okta push prompt on my phone to unlocking my phone and clicking "Yes, it's me" and then getting the full authenticated post-Okta desktop landing page.


That's great. It means the subset of users you've measured had their phones unlocked, next to the computer, and ready to tap the push notification.


Cool idea and good on ya for your work with DeliverFund.

How is this better/different than the face identification built into the major platform providers accessible via WebAuthN? My understanding was that WebAuthN was supported by the latest version of major browsers: https://caniuse.com/webauthn


Thank you. You are right: WebAuthn taps into the SDKs of platforms like iOS, Windows Hello, and Google's Android. They use infrared depth-perception sensors to create a mesh of the user's face as an ID and store it in the device's secure enclave, where it can only be accessed and used on that device. For that reason, Apple users have to set up fingerprints separately on iPhones and Macs, and the same will be true for Face ID on the new generation of Macs - users will set it up separately on each device. We instead store biometrics in the cloud, so it is not tied to a specific device.


Thanks, that makes the differentiation very clear.


> in the cloud in the secure enclave

Choose one.


Good catch, I fat-fingered it while editing the comment.


Do you plan on using your face recognition tech with documents as well? I'm currently working at a Brazilian fintech, and we pay a third party for reading ID documents, checking that the user's face matches, and ensuring the user is really there, alive, in front of the camera.

The third party service we have now is well below expectations, so we would be glad to try out something new.


Absolutely, that's on the product map. KYC/AML and document verification use cases are super exciting but require some thoughtfulness around regulations. Sometimes it is easier to solve a hard technical problem than to navigate compliance requirements.


Check out the PixLab API[1], which offers KYC document verification (IDs & passports) and face recognition via the same web API.

1: https://dev.to/unqlite_db/implement-a-minimalistic-kyc-form-....


> c) biometrics must be securely stored and 100% controlled and managed by the end-user

I really was hoping this meant that biometrics were stored on the client. But, from reading the comments here it sounds like they’re stored in the cloud. Storing my biometrics in the cloud is gonna be a no from me.


On the price: $4.50 per user, so for a store with 100 customers it will be $450 per month? Am I correct? And for 1,000, is it $3,500 per month?


Yes, you are right. To be clear, the pricing on the website is for the workforce identity (Entry as a factor to a Single Sign-on solution). If you are thinking about customer identity, we don't have pricing yet. Most likely, it will be volume-based. It would be great to brainstorm with you and come up with something that makes sense!


Biometrics is by no means perfect and it's definitely not safe for online services. It can be an extra layer of security, at best.

How to hack someone relying only on biometrics:

- Craft a malicious app that looks entertaining and records whatever biometrics the target system relies on

- Hand your phone to victim

- Congrats, you now have valid biometric data (2D, depth information, fingerprint) you can use to log in as the victim! Even better, they can't change their face or fingerprints

You can invalidate old entries and detect variations, but you still have a less safe model. I can see a use for it if it's massively convenient (e.g., detecting users in a physical location from CCTV), but if the user needs to take a selfie to log in to a website, that could become annoying fast.


HN, we want to address all the questions and concerns that have been brought up here. To do that effectively, we are compiling a list of them and will answer them live during an online event. If you are interested, RSVP here: https://forms.gle/ZWsiswJGLdLqaAoK7

Tentative agenda:

- Overview of the product: what it is, how it works

- Deep dive into the tech

- Security

- Comparison to other solutions

- Addressing individual concerns from HN comments

- Q&A


What advantage does your solution offer compared to Facetec's Zoom Login liveness detection product?

Context: We are imminent super-users of facial recognition to perform proof of life verification for our new tontine pensions platform (see https://tontine.com).


Have you seen the Tom Cruise deepfakes? I mean, if you can reliably detect deepfakes like this[0] then the product could be better sold as deepfake detection software.

[0]: https://www.youtube.com/watch?v=n3dPBiQa5bw


Have you thought about what kind of assurances users/buyers are looking for about robustness to attacks or false positives, but also about working correctly under normal variability (as mentioned by others)? And how to best communicate those assurances?


Communicating assurance is challenging. Finding a balance between "FAR/FMR/FNMR metrics" and "it's safe to use" is an art. Apple's Face ID, for example, claims a "1 in 1,000,000 chance that a random person can unlock an iPhone," which, I guess, is a good enough proxy for communicating assurance to the intended audience. To answer the question: yes, we've thought about it, but it's still a work in progress.
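For perspective, the math behind a number like Apple's is straightforward: the chance of at least one false accept over n independent impostor attempts is 1 - (1 - FAR)^n. A quick sketch (a generic calculation, not specific to any vendor):

```python
def p_any_false_accept(far, attempts):
    """P(at least one false accept in n independent tries) = 1 - (1 - FAR)^n."""
    return 1.0 - (1.0 - far) ** attempts

# At a quoted 1-in-1,000,000 false accept rate, even a thousand random
# impostor attempts leave under a 0.1% chance of a break-in.
p = p_any_false_accept(1e-6, 1000)
```

Part of the art is translating a rate like FAR into a statement about realistic attack volumes, which is what a figure like "1 in 1,000,000" is doing implicitly.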


Thanks for the answer. What I should have asked first is, do you think this is something that's important to your users, or are they happy to accept that there is research and engineering behind it that has concluded it is reliable and safe?

I'm asking because I've been in a similar situation (different area of computer vision) where nontechnical stakeholders are looking for assurances that the model is not going to fail under essentially unknown conditions. And same as you, we had some ideas, but it's hard to validate what best speaks to people, so was curious to hear if you had looked at it. Thanks!


Got it. Let me share with you our experience, and please take it with a grain of salt.

Early on, we conducted a handful of end-user interviews - knowledge workers, various industries, fluent with computers. We did a series of hour-long video calls, recorded them (with permission) to re-watch later, and asked questions like: how do you think about privacy? How do you think about the performance of Face ID or similar? How do you think about biometrics and privacy? Would you be open to trying a solution from an unknown vendor that uses your biometrics? Etc.

The result, somewhat surprisingly, boiled down to a few bullet points: 1. Performance: "If it works and I can log in, that's enough assurance." 2. Privacy and data: "Have an FAQ section, or show me in onboarding that you don't sell my data for surveillance - that's good for me."

We've been prepared to answer the "SOC 2 Type2 -style" question regarding performance and data privacy, but no one really cared. What users did care about is "can I add this app to my account?" and other feature requests.


Thanks, that's very interesting to hear.

I wonder if/how the concerns will change for different use cases, e.g., KYC.

It may also be a question of educating users about the things they should care about.


Your face is not really a secret, hardly very secure, I'd say.


Lol good luck with a tablet mimicking a user



