API Reference

Liveness detection and face matching provide a secure biometric verification process to ensure user authenticity. The system first initiates a liveness session, generating a unique session ID to confirm real-time user presence. Using this session ID, the system then matches the live face against the registered user’s identity, preventing spoofing and enhancing security for digital authentication.

To ensure secure and reliable user verification, the liveness detection and face matching process consists of three key steps: 1️⃣ Start Liveness Detection Session, 2️⃣ Upload Frame, and 3️⃣ Match Liveness Face. These steps work together to authenticate users based on live face recognition and prevent spoofing attempts.

1️⃣ Start Liveness Detection Session:

  1. The client initiates a POST request to the /start-liveness-session/ endpoint.
  2. The backend generates a unique sessionId to track the liveness detection session.
  3. This sessionId is returned in the response and must be used in the next step.

2️⃣ Upload Frame

  1. The client captures a frame (image) from a live camera session.
  2. The client sends a POST request to the /upload-frame/ endpoint.
  3. This request must include the sessionId (generated in Step 1) and the captured frame as multipart/form-data (JPEG/PNG format).
  4. The backend processes the image for liveness detection, ensuring the frame is not spoofed (e.g., printed images or videos).
  5. The uploaded frame is associated with the ongoing liveness session and stored for further verification.

3️⃣ Match Liveness Face:

  1. The client sends a POST request to the /match-liveness-face/ endpoint.
  2. This request must include both the sessionId (from the previous step) and the userId of the registered user.
  3. The backend verifies if the captured live face matches the stored user profile.
  4. Upon successful validation, the API confirms whether the user's identity is authenticated based on the live face match.
    This process ensures that the user is both present and verified, enhancing security against spoofing attempts.