A Guide to Liveness Detection Standards for Risk Managers
Liveness detection has become an essential aspect of fighting fraud amidst increasingly sophisticated deepfakes and other AI-powered attacks. But as liveness technology becomes more widely adopted, so does the need for clear, rigorous liveness detection standards that ensure these systems are both effective and trustworthy.
For fraud and risk leaders, understanding certified liveness detection benchmarks is no longer optional. It’s essential for staying compliant, minimizing false positives, and protecting both users and your bottom line.
Why Liveness Detection Standards Matter
Liveness detection determines whether a biometric input (like a face or fingerprint) comes from a real, present person, not a photo, video, mask, or deepfake. This helps stop presentation attacks, one of the most common ways fraudsters spoof identity systems.
However, any liveness detection system businesses put in place should adhere to the various certified industry standards. If they don’t, you risk falling short of KYC/AML regulations, allowing advanced attacks to slip through, creating frustrating false rejections for real users and losing trust.
That’s why adopting technology that adheres to recognized liveness detection standards is critical.
The 5 Most Important Liveness Detection Standards
In the following sections we will go over the leading global standards that define how liveness detection should be implemented, tested, and certified—across financial services, healthcare, government, and other high-risk industries.
Key Standards at a Glance
| Standard / Organization | Focus Area | Details |
| ISO/IEC 30107 Series | Global PAD (Presentation Attack Detection) Benchmark | – 30107-1: Defines PAD terms and concepts- 30107-2: Standardizes PAD data reporting- 30107-3: Describes PAD performance testing |
| NIST (SP 800-63B & FRVT) | U.S. Federal Digital Identity Guidelines | – SP 800-63B mandates liveness for biometric auth- FRVT includes real-world PAD evaluations |
| FIDO Alliance (FIDO2 & UAF) | Open Standards for Passwordless Biometric Authentication | Requires liveness detection in biometric logins for secure digital identity |
| iBeta PAD Testing | Independent Certification of Liveness Detection Systems | – Level 1: Tests basic attacks (photos, videos)- Level 2: Tests advanced attacks (3D masks, deepfakes) |
| Financial Standards (PSD2, PCI DSS) | Regulatory Compliance in Financial Services | – PSD2: Requires biometric liveness for SCA- PCI DSS: Advises anti-spoofing in card-not-present transactions |
Let’s take a closer look at each of these standards and organizations to understand how they shape biometric liveness detection and why they matter for secure identity verification.
1. ISO/IEC 30107 Series: The Global PAD Benchmark
Developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), the 30107 family is the de facto global benchmark for liveness detection, especially in biometric authentication. These include:
- ISO/IEC 30107-1:2016
Defines key terms and concepts related to presentation attacks and presentation attack detection (PAD). It lays the foundation for understanding spoofing threats and how to counter them. - ISO/IEC 30107-2:2017
Specifies how to structure and report PAD data, ensuring standardization in how systems communicate and handle attack detection results. - ISO/IEC 30107-3:2017
Describes how to test and evaluate PAD performance, including the metrics and scenarios needed to benchmark a system’s anti-spoofing capabilities.
These standards are crucial for any liveness detection vendor. Microblink’s platform is built with alignment to ISO/IEC 30107 best practices, ensuring that your identity workflows are protected against a wide spectrum of spoofing attacks.
2. NIST Standards: Federal Grade Guidelines
The U.S. National Institute of Standards and Technology (NIST) provides comprehensive guidance on digital identity, including liveness detection for companies doing business in the United states.
The NIST SP 800-63B standard recommends liveness detection as a requirement for biometric authentication, especially for high-assurance identity scenarios like government portals and healthcare systems.
Meanwhile, the agency also offers a Face Recognition Vendor Test (FRVT), which includes PAD evaluations that test real-world biometric systems against spoofing attacks using 2D photos, videos, and 3D masks.
A platform that follows the direction of NIST guidance gives organizations peace of mind that their biometric verification aligns with best-in-class government-grade expectations.
3. FIDO Alliance Standards
The FIDO Alliance, which promotes open standards for passwordless authentication, also provides guidance for biometric security:
The FIDO2 & FIDO UAF (Universal Authentication Framework) protocols support biometric logins and require liveness detection to prevent spoofing when authenticating users in digital ecosystems like banking apps and online portals.
Liveness detection that aligns with FIDO standards ensures your systems are ready for secure online identity verification, especially in fintech and mobile-first environments.
4. iBeta PAD Testing
For vendors, iBeta’s PAD testing has become the gold standard for independent liveness detection certification.This encompasses:
- Level 1 Compliance:
This evaluates resistance to basic attacks like printed photos or video replays on a smartphone screen. - Level 2 Compliance:
Tests against more advanced spoofing methods, such as high-res 3D masks, deepfake video, and injection attacks.
Microblink’s liveness detection technology has been evaluated in accordance with iBeta PAD test protocols, demonstrating its ability to defend against both basic and advanced spoofing threats.
5. Financial Industry Standards: PSD2 & PCI DSS
Biometric authentication is becoming the norm in financial services, but it must comply with strict regulations. These include PSD2 SCA (EU’s Payment Services Directive 2 – Strong Customer Authentication), which requires two-factor authentication for online payments and explicitly calls for biometric liveness detection as part of fraud prevention.
The Payment Card Industry Data Security Standard (PCI DSS) further advises the use of anti-spoofing measures in biometric payment systems to ensure secure card-not-present transactions.
Microblink helps financial services firms meet these compliance demands with robust liveness detection built into its identity platform—supporting faster verification without compromising regulatory alignment.
Microblink: Trusted Liveness Detection Technology Built on Leading Standards
Microblink’s AI-powered identity verification platform is designed from the ground up to meet global liveness detection standards, including:
- Alignment with ISO/IEC 30107-3 PAD testing
- Compatibility with NIST SP 800-63B guidelines
- Support for FIDO2 biometric authentication
- Integration with iBeta-tested liveness models
Whether you’re operating in finance, healthcare, or government, Microblink gives you certified liveness detection alongside powerful ID document scanning, watchlist screening, and fraud prevention tools. All accessible via flexible APIs for fast deployment.
As identity fraud techniques evolve, liveness detection standards are becoming more than just checkboxes—they’re the baseline for secure digital interaction.
Risk professionals shouldn’t have to chase certifications or wonder if their vendor meets evolving expectations. With Microblink, you don’t have to. Our solutions are built to align with global standards, so you can focus on preventing fraud, not parsing compliance docs.
Explore our liveness detection technology today and see how certified security can power a smoother, smarter onboarding experience.
