DEVELOPING AN ENTERPRISE VERIFICATION-AS-A-SERVICE SOLUTION
An enterprise verification-as-a-service (EVaaS) product [Name is under NDA] that enables biometric authentication using face and voice recognition.
KEY FACTS:
Country
USA
Industry
Security, Services
Cooperation period
2017 - 2023
Cooperation type
Dedicated development team of 12 experts
KEY FACTS:
Country
USA
Industry
Security, Services
Cooperation period
2017 - 2023
Cooperation type
Dedicated development team of 12 experts
THE STORY BEHIND
Back in 2007, Verizon revealed in its Data Breach Investigations Report that 80% of hacking-related breaches were due to stolen passwords or weak, easily guessable passwords. At that time, a US-based company began developing an enterprise verification-as-a-service (EVaaS) solution to secure access to sensitive data for various businesses across the USA. They envisioned a cutting-edge, microservice-based single sign-on (SSO) software that harnessed biometric authentication through both face and voice recognition. MobiDev fully managed the process of bringing this product vision to life, ensuring seamless and secure access for the client’s users.
INDUSTRY CHALLENGES
In addition to maintaining stringent standards for protecting users’ sensitive biometric data, our client emphasized the importance of high accuracy and reliability in facial and voice recognition under various conditions. The web-based SSO application needed to perform flawlessly regardless of lighting conditions, face angles, or background noise. Balancing security and convenience was also crucial, as overly complex or intrusive authentication processes could deter users.
HOW WE DELIVERED
1
Completed detailed tech exploration before starting the development
During the consulting stage, the MobiDev team finalized the product vision, functional and non-functional requirements, and created a set of design assets. Alongside detailed business analysis, the dedicated experts performed machine learning research, covering data set reviews, high-level architecture solution suggestions, and ML algorithm recommendations. These results were essential for building the subsequent app development roadmap and confirming a tech stack that would optimally meet the project requirements.
2
Provided the client with ML algorithms research
As the project was in its initial stages, the MobiDev team focused on identifying the most suitable combination of datasets to ensure optimal software performance. Dedicated AI experts collected initial data sets of voice and photo samples as well as evaluated over 10 available solutions to validate US driver’s licenses/passports and choose an OCR module. It was crucial to assess the accuracy of these solutions in real-world scenarios. Ultimately, the team chose Google Vision as the preferred option for integration into the product.
3
Implemented Microservice-Based Architecture and chose WebRTC protocol
After conducting an analysis, the MobiDev team confirmed the adoption of a microservice-based architecture. Each microservice operates as an independent subproject, streamlining writing, maintenance, and enhancement tasks. Furthermore, this architecture grants flexibility in selecting the most suitable solutions and frameworks customized to the specific goals and needs of each microservice. Additionally, WebRTC was selected as a vital component of the tech stack for processing media data on the server, facilitating facial capture and voice recognition functionalities.
4
Implemented enhanced security features
Since the developed software is web-based, it operates not only on smartphones but also on almost any computer with camera and audio capabilities. Unlike mobile apps, this web app cannot use the built-in, expanded functionality of smartphones for identity verification. Therefore, the MobiDev team, in collaboration with the client, developed ways to overcome technical limitations by using a range of supplementary services, such as liveness detection techniques (prompting users to smile, blink, etc.), and incorporated anti-spoofing measures that prevent presentation attacks.
TECHNICAL DETAILS
Backend
Python 3, Django, Django REST Framework, Flask, Celery, OAuth2, Java, PostgreSQL, Redis, CI/CD (Docker, Docker Swarm, Jenkins)
Frontend
JavaScript, React, WebRTC (OpenTok)
Multimedia Processing
MoviePy, ffmpeg
Cloud
Amazon S3
Testing
Manual and automated API testing
3rd party integrations
BarCode readers, Plivo
Data science and Machine Learning
TensorFlow, Keras, dlib, OpenCV, Google Vision
OUTCOMES
Even though the product had enterprise roots, infusing it with a startup spirit was essential for development. The MobiDev team fully engaged in the project, brainstorming innovative ideas and devising practical solutions. Notably, features such as face anti-spoofing, question generation through NLP, and the inclusion of additional voice and photo datasets were all conceived and integrated by the development team. Consequently, the current product operates successfully, fulfilling the demanding needs of the healthcare, insurance, and banking sectors.
