FaceLiveness
Enables you to integrate live facial verification and fingerprint authentication technology into your Android applications, offering a seamless and secure way to authenticate users.
Current Version
FaceLiveness
4.1.0
Requirements
Minimum Android SDK API version:
minSdk 26(Android 8 Oreo)Android SDK API version to compile:
compileSdk 34
To publish your app on the Google Play Store, you must complete a data safety form. Since we integrate with the FingerPrintJS SDK, you'll need to provide the following information:
Does your app collect or share any of the required user data types?
Yes.
What type of data is collected?
Device or other identifiers.
Is this data collected, shared, or both?
Collected.
Is this data processed ephemerally?
Yes.
Why is this user data collected?
Fraud Prevention, Security, and Compliance.
versionName and versionCode are mandatory for the SDK to work correctly.
SDK Dependencies
FaceLiveness leverages the following external SDKs:
iProov Biometrics Android
9.1.2
Fingerprint Pro Android
2.7.0
These dependencies are easily managed through Gradle and are bundled with the SDK for ease of installation.
Runtime permissions
CAMERA
Capturing the selfie in live facial verification policies
Yes
Installation
If your version of Gradle is earlier than 7, add these lines to your build.gradle.
If your version of Gradle is 7 or newer, add these lines to your settings.gradle.
Add support for Java 8 to your build.gradle file. Skip this step if Java 8 is enabled.
Add the SDK version to the dependencies section in your build.gradle file
Instantiating the SDK
First, create an object of type FaceLiveness. This object is for you to configure all your business rules:
Builder method
String mobileToken
Yes
.setStage(CAFStage stage)
Used to redirect the SDK to the desired stage in caf api. The method takes as parameter an enum CafStage to select the environment:
CAFStage.PRODset production environment.CAFStage.BETAset beta environment.
No. The default is CAFStage.PROD
.setFilter(Filter filter)
Used to change the SDK filter, that has the following options:
Filter.NATURALFilter.LINE_DRAWING
No, the default is LINE_DRAWING
.setEnableScreenshots(boolean bool)
Used to enable screenshots during the SDK scan. Disabled by default for security reasons.
No, the default is false
.setLoadingScreen(boolean bool)
Used to enable a default loading progressbar during loading events. You can set your customized loading screen instead, using the onLoading method below.
No, the default is false
.setImageUrlExpirationTime(Time time)
Used to customize the image URL expiration time, that has the following options:
Time.THREE_HOURSTime.THIRTY_DAYS
No, the default is null
.setFaceLivenessBaseUrl(String baseURL)
Used to enable the use of reverse proxy to execute face liveness. If used, the certificates must be set with the setCertificates method.
No, the default is the original IProov URL
.setCertificates(String[] certificates)
Used to set pinned certificates for reverse proxy implementation.
No, the default is an empty list
.setAuthenticationBaseUrl(String baseURL)
Used to enable the use of reverse proxy to execute SDK's authentications.
No, the default is the original Caf's URL
Reverse proxy
In order to implement reverse proxy settings, you must follow these instructions:
FaceLiveness reverse proxy
Set your proxy to communicate with `wss://us.rp.secure.iproov.me/wsΒ΄.
Use the method
.setFaceLivenessBaseUrlto set the URL on which the FaceLiveness must run.The URL's protocol must be WSS.
Use the method
.setCertificatesmethod to set the certificates, which are base64-encoded SHA-256 hash of certificate' Subject Public Key Info.Certificates are needed in order to make Faceliveness reverse proxy work.
Authentication reverse proxy
Set your proxy to communicate with the URL that corresponds the CAFStage you are using:
CAFStage.PROD -> https://api.public.caf.io/v1/sdks/faces/
CAFStage.BETA -> https://api.public.beta.caf.io/v1/sdks/faces/
CAFStage.DEV -> https://api.public.dev.caf.io/v1/sdks/faces/
Use the method
.setAuthenticationBaseUrlto set the URL on which the authorization requests must run.The URL's protocol must be HTTPS.
Consulting a policy
To authenticate a user, use the .startSDK() method. You must enter the personId, your app's Context and a VerifyLivenessListener object.
Parameters
String personId
Identifier of the user who will perform the face liveness verification. It's recommended to use the user's identification document in this field, such as their CPF (Brazilian document ID), but it could be any other value.
Yes
Context context
Your app Context
Yes
VerifyLivenessListener listener
Response Listener
Yes
Example
VerifyLivenessListener options
onSuccess
The execution has ended with success, you have to use the faceLivenessResult and check for the results of the SDK.
onFailure
The execution has ended with failure, you have to use the faceLivenessFailureResult and check for the results of the SDK.
onError
The execution has ended with error, you have to use the sdkFailure and check for the error results of the SDK.
onCancel
The execution has been cancelled by the user.
onLoading
The SDK is loading, you can use this method to set a action in your app, for example a loading.
onLoaded
The SDK is not loading anymore, you can use this method to set a action in your app, for example, you can stop your previous loading.
SDK Results
Success cases
FaceLivenessResult (Class)
String signedResponse
Signed response from the CAF server confirming that the captured selfie has a real face. This parameter is used to get an extra layer of security, checking that the signature of the response is not broken, or caused by request interception. If it is broken, there is a strong indication of request interception.
SignedResponse params
requestId
Request identifier.
isAlive
Validation of a living person, identifies whether the user passed successfully or not.
token
Request token.
userId
User identifier provided for the request.
imageUrl
Temporary link to the image, generated by our API.
personId
User identifier provided for the SDK.
sdkVersion
Sdk version in use.
iat
Token expiration.
The isAlive parameter is VERY IMPORTANT, as it dictates whether the validation process proceeds or halts. When isAlive: true, the user gains passage to continue their journey; conversely, if isAlive: false, the user is deemed invalid and access to further stages of the journey should be denied. This parameter plays a pivotal role in guiding the flow of operations.
Error cases
In the event of execution errors, you will receive an object of type SDKError. This object encompasses an enum containing the errorType, and a description.
SDKError (Class)
String description
Error description.
ErrorType errorType
Return the type of the error.
ErrorType (Enum class)
CAMERA_PERMISSION
Indicates that the device does not have permission to access the camera, either due to user denial or missing app permissions.
NETWORK_EXCEPTION
Indicates a network-related error, such as no internet connection, server timeouts, or network congestion.
SERVER_EXCEPTION
Indicates a server-side error, which may include server misconfigurations, processing failures, or service interruptions.
TOKEN_EXCEPTION
Indicates an issue with the provided authentication token, such as being invalid, expired, or lacking necessary permissions.
UNSUPPORTED_DEVICE
Indicates that the device hardware or software does not meet the minimum requirements for facial recognition.
MULTI_WINDOW_UNSUPPORTED_EXCEPTION
Indicates that the user attempted to use facial recognition in split-screen or multi-screen mode, which is not supported.
CAPTURE_ALREADY_ACTIVE_EXCEPTION
Indicates that a facial recognition capture is already in progress. A new capture cannot start until the current one completes.
CAMERA_EXCEPTION
Indicates an error occurred while acquiring or using the camera, typically when using external camera support.
FACE_DETECTOR_EXCEPTION
Indicates an error occurred with the face detector during the facial recognition process.
UNEXPECTED_ERROR_EXCEPTION
Indicates an unrecoverable error occurred during the facial recognition transaction.
INVALID_OPTIONS_EXCEPTION
Indicates an error occurred when applying the specified options for facial recognition.
CERTIFICATE_EXCEPTION
Indicates that there are no valid certificates for the proxy URL, preventing secure communication.
IMAGE_NOT_FOUND_EXCEPTION
Indicates that the image that has been captured couldnβt be found to be validated.
TOO_MANY_REQUESTS_EXCEPTION
Indicates that the server has received more requests than itβs prepared to handle.
Failure cases
In the event of execution failures, you will receive an object of type SDKFailure. This object encompasses an enum containing the failureType, description and a signedResponse.
FaceLivenessFailureResult (Class)
String signedResponse
Signed response from the CAF server confirming that the captured selfie has a real face. This parameter is used to get an extra layer of security, checking that the signature of the response is not broken, or caused by request interception. If it is broken, there is a strong indication of request interception.
String failureType
In case of a specific failure, return the error type.
String failureMessage
In case of a specific failure, return the instructions to avoid the error.
Failure Types
All failure reasons are exclusively returned in GPA liveness validation flows. In LA (Liveness Assurance) flows, any failure will consistently return the generic UNKNOWN error, regardless of the specific issue encountered.
UNKNOWN
Try again
β
β
TOO_MUCH_MOVEMENT
Keep still
β
β
TOO_BRIGHT
Move somewhere darker
β
β
TOO_DARK
Move somewhere brighter
β
β
MISALIGNED_FACE
Keep your face in the oval
β
β
EYES_CLOSED
Keep your eyes open
β
β
FACE_TOO_FAR
Move your face closer to the screen
β
β
FACE_TOO_CLOSE
Move your face farther from the screen
β
β
SUNGLASSES
Remove sunglasses
β
β
OBSCURED_FACE
Remove any face coverings
β
β
MULTIPLE_FACES
Ensure only one person is visible
β
β
Last updated