FACE_LIVENESS_MIN - ID Verification - Alibaba Cloud Documentation Center

Passive liveness detection (FaceLiveness) is a service that determines whether a pre-captured facial image, submitted to an API operation, is a real face. The algorithm primarily detects basic presentation attacks, such as screen replays and printed photos. This service is suitable for low-risk business scenarios or for use with an offline facial recognition software development kit (SDK). If your business requires a high level of security for identity verification, integrate the App or Web SDK.

API description

API operation name: FaceLiveness
Request method: HTTPS POST
Description: Performs liveness detection on a facial image.
This API is subject to an exclusive queries per second (QPS) limit. For more information, see ID Verification server-side API QPS limits.
Endpoint:
Note
An internal network is a private communication network for Alibaba Cloud products within the same region. If your application server is deployed in an Alibaba Cloud region, you can use the VPC endpoint to access the ID Verification service for a more secure and stable network connection.
China (Hong Kong)
- Public endpoint: cloudauth-intl.cn-hongkong.aliyuncs.com
- VPC endpoint: cloudauth-intl-vpc.cn-hongkong.aliyuncs.com

Online testing and integration

Note

Before you debug and integrate, read Use OpenAPI Explorer to debug and integrate server-side API operations. This document explains how to call API operations on the OpenAPI platform and how to obtain the SDK and its sample code.

You can run this operation in OpenAPI Explorer to test it and generate SDK sample code.

Image format requirements

Image format: JPG, JPEG, or PNG.
Image size: Recommended 50 KB to 100 KB, maximum 1 MB.
Image resolution: The resolution must be between 640 × 480 pixels (height × width) and 1920 × 1080 pixels. We recommend scaling the short side to 720 pixels with a compression ratio greater than 0.9. The photo height must be greater than the width. An image with a width greater than its height may affect detection results.
Note
When you pass parameters in base64 format, ensure that the original image size does not exceed 0.6 MB to stay within the 1 MB data transmission limit.
Image quality recommendations:
- The face must be complete, clear, and unobstructed. The subject must be facing the camera directly. We recommend using images captured by the front-facing camera.
- The face should occupy more than 60% of the image area. A smaller face reduces the detection accuracy.
- If an image contains multiple faces, the algorithm crops the largest face by default. We recommend that you avoid using images with multiple faces.

Request parameters

You can specify the image using one of the following parameters.

FacePictureBase64
FacePictureUrl

Name	Type	Required	Description	Example
ProductCode	String	Yes	The product solution to use. Set the value to FACE_LIVENESS_MIN to use the passive liveness detection API.	FACE_LIVENESS_MIN
SceneCode	String	No	A custom authentication scenario ID. You can use this ID to query related records in the console. The ID can be up to 10 characters in length and can contain letters, digits, and underscores (_).	1234567890
MerchantBizId	String	Yes	A custom unique business identifier. You can use this identifier to track and troubleshoot issues. The identifier can be up to 32 characters in length and can contain letters and digits. Make sure the identifier is unique. Note Alibaba Cloud servers do not check the uniqueness of this value. For better tracking, ensure this value is unique.	e0c34a77f5ac40a5aa5e6ed20c35****
MerchantUserId	String	Yes	A custom user ID or another identifier for a specific user, such as a mobile number or email address. For security, desensitize this value in advance, for example, by hashing it.	123456789
FacePictureBase64	String	Yes	The Base64-encoded image. If you use this parameter to pass the facial image, check the image size. Do not pass an oversized image.	base64
FacePictureUrl	String	Yes	The URL of the portrait image. The URL must be an HTTP or HTTPS link accessible over the Internet.	https://***
FaceQuality	String	No	Specifies whether to return the facial image quality score. The default value is F. T: Return. F: does not return the score.	F
Crop	String	No	Specifies whether to allow cropping of the facial image. The default value is F. T: Allow F: Forbidden	F
Occlusion	String	No	Specifies whether to enable occlusion detection. The default value is F. T: On. F: Disabled	F

Response parameters

Name		Type	Description	Example
HTTP Status Code		Integer	The HTTP status code.	200
HTTP Body	RequestId	String	The request ID.	130A2C10-B9EE-4D84-88E3-5384FF0****
	Result.TransactionId	String	The unique ID for the entire authentication process.	hksb7ba1b28130d24e015d694361****
	Code	String	The response code.	Success
	Message	String	A detailed description of the response code.	Success
	Result.Passed	String	The authentication result. Valid values: Y: The authentication is passed. N: The authentication is not passed.	Y
	Result.SubCode	String	The code that corresponds to the verification result. For more information, see ResultObject.SubCode error codes.	200
	Result.ExtFaceInfo	String	The results of the passive liveness detection. The value is in the JSON format. For more information, see ExtFaceInfo.	`{ "faceAttack": "N", "faceQualityScore": 88.62, "faceOcclusionResult": "N" }`

Response codes

HTTP status code	Code	Message
200	Success	Request successful.
400	MissingParameter	Parameter cannot be empty.
400	InvalidParameter	Invalid parameter.
401	UnqualifiedPhoto	The uploaded image is unreadable or the image resolution does not meet requirements. We recommend changing the image. Ensure the photo is clear, has normal exposure, is complete without occlusion, and has no significant angle deviation.
	DataDuplication	Both Base64-encoded image and URL image address are provided. Choose only one of these parameters.
	ToolargeImage	The image size is too large. We recommend compressing the image or changing the upload method.
	DownloadTimeout	URL image download timeout.
	NoFaceDetected	No face detected in the uploaded image.
403	Forbidden.RAMUserAccessDenied	You need to grant the RAM user the AliyunAntCloudAuthFullAccess permission. For more information, see Authorize RAM users to access the service.
	Forbidden.AccountAccessDenied	Ensure that you have activated ID verification and your account has no overdue payment.
	Throttling.Api	API request is blocked due to throttling.
500	InternalError	Internal system error. Provide feedback to engineers for troubleshooting.

ResultObject.SubCode error codes

Error code	Billed	Description and suggestion
200	Yes	Authentication passed.
205	Yes	Liveness detection has inherent risks.

ExtFaceInfo

Name	Type	Description	Example
faceQualityScore	Double	Optional. The quality score of the live face. The value ranges from 0 to 100.	88.62
occlusionResult	String	Optional. Indicates whether the face is occluded. Y means the face is occluded. N means the face is not occluded.	N
faceAttack	String	Indicates whether a presentation attack was detected on the captured face. Y means an attack was detected. N means no attack was detected.	N
faceAge	String	The predicted age of the person in the image. The prediction may fail, resulting in an empty value.	30
faceGender	String	The predicted gender of the person in the image. The prediction may fail, resulting in an empty value. M: Male F: Female	M