• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# Face Authentication
2
3
4
5## Introduction
6
7Face authentication (faceauth) supports recording, deletion, and authentication of user faces.
8
9faceauth is a biometric authentication executor supported by OpenHarmony. It registers face authentication resource information with the collaborative authentication framework based on the resource registration interface defined by collaborative authentication, and invokes camera functions according to the scheduling of the collaborative authentication framework to record, delete, and authenticate user faces.
10
11**Figure 1** Face authentication architecture
12
13![](figures/faceauth_architecture.png)
14
15Facial data is important biometric information of users. The following security measures are taken to protect the facial data during the authentication process:
16
17- Permission management: High access permissions are defined for face recording and deletion APIs, which can be invoked only by setter applications.
18- Secure storage and comparison of facial data: The faceauth HDI defines the adaptation interfaces for device vendors. Device vendors can implement secure facial data comparison and storage in a trusted execution environment (TEE). <sup>Note 1</sup>
19
20Note 1: The OpenHarmony open-source framework provides stub implementation of face authentication for developers to demo the face authentication function. The stub software implementation does not include secure storage and comparison of facial data in a TEE.
21
22## Directory Structure
23
24```
25//base/useriam/face_auth
26├── bundle.json              # Module description file
27├── figures                  # Figures used in the README
28├── sa_profile               # Service ability profile
29├── services                 # Service implementation
30└── ui                       # User interface for face recording
31```
32
33## Usage
34
35* To adapt to the face authentication function, device vendors must implement the interface defined in the IDL file **//drivers/interface/faceauth** file, **//drivers/peripheral/faceauth** provides interface the stub implementation for development reference.
36* The extraction, comparison, storage, and recording of facial data must be implemented in a secure environment (TEE/secure chipset) to ensure the highest security level in the system.
37
38## Repositories Involved
39
40[useriam_user_auth_framework](https://gitee.com/openharmony/useriam_user_auth_framework)
41
42[useriam_pin_auth](https://gitee.com/openharmony/useriam_pin_auth)
43
44**[useriam_face_auth](https://gitee.com/openharmony/useriam_face_auth)**
45
46[drivers_interface](https://gitee.com/openharmony/drivers_interface)
47
48[drivers_peripheral](https://gitee.com/openharmony/drivers_peripheral)
49