This guide outlines the steps for integrating the Oz Liveness Web SDK into a customer web application for capturing facial videos and subsequently analyzing them on a server.
The SDK implements the ready-to-use face capture user interface that is essential for seamless customer experience and accurate liveness results. Under the hood, it communicates with Oz API.
Oz Liveness Web SDK detects both presentation and injection attacks. An injection attack is an attempt to feed pre-recorded video into the system using a virtual camera.
Finally, while the cloud-based service provides the fully-fledged functionality, we also offer an on-premise version with the same functions but no need for sending any data to our cloud. We recommend starting with the SaaS mode and then reconnecting your web app to the on-premise Web Adapter and Oz API to ensure seamless integration between your front end and back end. With these guidelines in mind, integrating the Oz Liveness Web SDK into your web application can be a simple and straightforward process.
Tell us domain names of the pages from which you are going to call Web SDK and email for admin access, e.g.:
In response, you’ll get URLs and credentials for further integration and usage. When using SaaS API, you get them from us:
For the on-premise Oz API, you need to create a user yourself or ask your team that manages the API. See the guide on user creation via Web Console. Consider the proper user role (CLIENT
in most cases or CLIENT ADMIN
, if you are going to make SDK work with the pre-created folders from other API users). In the end, you need to obtain a similar set of credentials as you would get for the SaaS scenario.
Add the following tags to your HTML code. Use Web Adapter URL received before:
Add the code that opens the plugin and handles the results:
Keep in mind that it is more secure to get your back end responsible for the decision logic. You can find more details including code samples here.
With these steps, you are done with basic integration of Web SDK into your web application. You will be able to access recorded media and analysis results in Web Console via browser or programmatically via API (please find the instructions here: retrieving an MP4 video, getting analysis results).
In the Web Plugin Developer Guide, you can find instructions for common next steps:
Customizing plugin look-and-feel
Adding custom language pack
Tuning plugin behavior
Plugin parameters and callbacks
Security recommendations
Please find a sample for Oz Liveness Web SDK here. To make it work, replace <web-adapter-url>
with the Web Adapter URL you've received from us.
For Angular and React, replace https://web-sdk.sandbox.ohio.ozforensics.com
in index.html.
Domain names from which WebSDK will be called:
www.yourbrand.com
www.yourbrand2.com
Email for admin access:
j.doe@yourcompany.com
Login: j.doe@yourcompany.com
Password: …
API: https://sandbox.ohio.ozforensics.com/
Web Console: https://sandbox.ohio.ozforensics.com
Web Adapter: https://web-sdk.cdn.sandbox.ozforensics.com/your_company_name/
In this section, we listed the guides for the server-based liveness check integrations.
Oz API is a rich Rest API for facial biometry, where you can do liveness checks and face matching. Oz API features are:
Persistence: your media and analysis are stored for future reference unless you explicitly delete it,
Ability to work with videos as well as images,
Asynchronous analyses,
Authentication,
Roles and access management.
The unit of work in Oz API is a folder: you can upload interrelated media to a folder, run analyses on them, and check for the aggregated result.
This step-by-step guide describes how to perform a liveness check on a facial image or video that you already have with Oz backend: create a folder, upload your media to this folder, initiate liveness check and poll for the results.
For better accuracy and user experience, we recommend that you use our Web and/or Native SDK on your front end for face capturing. Please refer to the relevant guides:
Before you begin, make sure you have Oz API credentials. When using SaaS API, you get them from us:
For the on-premise Oz API, you need to create a user yourself or ask your team that manages the API. See the guide on user creation via Web Console. Consider the proper user role (CLIENT
in most cases or CLIENT ADMIN
, if you are going to make SDK work with the pre-created folders from other API users). In the end, you need to obtain a similar set of credentials as you would get for the SaaS scenario.
You can explore all API methods with Oz Postman collection.
For security reasons, we recommend obtaining the access token instead of using the credentials. Call POST /api/authorize/auth with your login and password in the request body.
Get the access_token from the response and add it to the X-Forensic-Access-Token of all subsequence requests.
This step is not needed for API 5.0.0 and above.
With API 4.0.8 and below, Oz API requires video or archived sequence of images in order to perform liveness check. If you want to analyze a single image, you need to transform it into a ZIP archive. Oz API will treat this archive as a video.
Make sure that you use corresponding video-related tags later on.
To create a folder and upload your media into it, call POST /api/folders/ method, adding the media you need to the body part of the request.
In the payload field, set the appropriate tags:
The successful response will return code 201 and the folder_id
you’ll need later on.
To launch the analysis, call POST /api/folders/{{folder_id}}/analyses/ with the folder_id from the previous step. In the request body, specify the liveness check to be launched.
The results will be available in a short while. The method will return analyse_id that you’ll need at the next step.
Repeat calling GET /api/analyses/{{analyse_id}} with the analyse_id
from the previous step once a second until the state changes from PROCESSING
to something else. For a finished analysis:
get the qualitative result from resolution (SUCCESS
or DECLINED
).
get the quantitative results from results_media[0].results_data.confidence_spoofing
. confidence_spoofing
ranges from 0.0 (real person) to 1.0 (spoofing).
Here is the Postman collection for this guide.
With these steps completed, you are done with Liveness check via Oz API. You will be able to access your media and analysis results in Web UI via browser or programmatically via API.
Oz API methods can be combined with great flexibility. Explore Oz API using the API Developer Guide.
This guide outlines the steps for integrating the Oz Liveness Mobile SDK into a customer mobile application for capturing facial videos and subsequently analyzing them on the server.
The SDK implements a ready-to-use face capture user interface that is essential for seamless customer experience and accurate liveness results. The SDK methods for liveness analysis communicate with Oz API under the hood.
Before you begin, make sure you have Oz API credentials. When using SaaS API, you get them from us:
For the on-premise Oz API, you need to create a user yourself or ask your team that manages the API. See the guide on user creation via Web Console. Consider the proper user role (CLIENT
in most cases or CLIENT ADMIN
, if you are going to make SDK work with the pre-created folders from other API users). In the end, you need to obtain a similar set of credentials as you would get for the SaaS scenario.
We also recommend that you use our logging service called telemetry, as it helps a lot in investigating attacks' details. For Oz API users, the service is enabled by default. For on-premise installations, we'll provide you with credentials.
Oz Liveness Mobile SDK requires a license. License is bound to the bundle_id of your application, e.g., com.yourcompany.yourapp
. Issue the 1-month trial license on our website or email us for a long-term license.
In the build.gradle of your project, add:
In the build.gradle of the module, add:
Rename the license file to forensics.license and place it into the project's res/raw folder.
Use API credentials (login, password, and API URL) that you’ve got from us.
In production, instead of hard-coding login and password in the application, it is recommended to get access token on your backend with API auth method then pass it to your application:
To start recording, use startActivityForResult:
To obtain the captured video, use onActivityResult
:
The sdkMediaResult
object contains the captured videos.
To run the analyses, execute the code below. Mind that mediaList
is an array of objects that were captured (sdkMediaResult
) or otherwise created (media you captured on your own).
Install OZLivenessSDK via CocoaPods. To integrate OZLivenessSDK into an Xcode project, add to Podfile:
Rename the license file to forensics.license and put it into the project.
Use API credentials (login, password, and API URL) that you’ve got from us.
In production, instead of hard-coding the login and password in the application, it is recommended to get an access token on your back end using the API auth method, then pass it to your application:
Create a controller that will capture videos as follows:
The delegate object must implement OZLivenessDelegate protocol:
Use AnalysisRequestBuilder to initiate the Liveness analysis. The communication with Oz API is under the hood of the run method.
With these steps, you are done with basic integration of Mobile SDKs. You will be able to access recorded media and analysis results in Web Console via browser or programmatically via API.
In developer guides, you can also find instructions for customizing the SDK look-and-feel and access the full list of our Mobile SDK methods. Check out the table below:
Login: j.doe@yourcompany.com
Password: …
API: https://sandbox.ohio.ozforensics.com
Web Console: https://sandbox.ohio.ozforensics.com
Login: j.doe@yourcompany.com
Password: …
API: https://sandbox.ohio.ozforensics.com
Web Console: https://sandbox.ohio.ozforensics.com
Android sample app source codes
iOS sample app source codes
Android OzLiveness SDK Developer Guide
iOS OzLiveness SDK Developer Guide
Demo app in PlayMarket
Demo app in TestFlight