Liveness, photo-of-a-photo, and screen-recapture fraud
Updated May 2026 · 6 min read
One of the oldest tricks in remote identity verification is presenting a picture of a picture. Instead of a live person, a fraudster holds up a printed photo, or points the camera at someone else’s image on a screen, to try to pass a face check. This guide explains the risk plainly and is honest about what current checks can and cannot do.
We would rather be measured than oversell. There is no magic switch that catches every fake, so the practical answer combines automated checks with a human reviewer for the uncertain cases.
The photo-of-a-photo problem
A face match compares a selfie with a document photo. On its own, it does not know whether the selfie came from a live person or from a photo of a photo. Two common attempts:
- Printed photo. Holding a printout of someone else’s face up to the camera.
- Screen recapture. Pointing the camera at a phone or monitor showing another person’s image or a previously captured selfie.
If a system only asks "does this face match the document?", a good enough fake can slip through. The face might match — because it is a real photo of the right person — while the capture is not live at all.
What capture-quality and recapture checks can flag
There are honest signals that a capture is not a live, direct photo. A printed or on-screen image often differs from a genuine one in ways software can notice:
- Capture quality. Blur, poor framing, glare, and low resolution are flagged, because they make any check less reliable and are common in recaptures.
- Screen-recapture signs. A photo of a screen can carry tell-tale traces — moiré patterns, screen glare, the edge of a device, or texture that looks flat rather than like skin.
These checks raise a flag when something looks off. They shift the odds and surface suspicious captures, rather than delivering a guaranteed verdict.
Being honest about the limits
We want to be clear about what these checks are not. They are quality and texture-based signals plus screen-recapture flagging. They are not a certified or active liveness system — we do not ask the person to blink, turn their head, or follow a moving prompt, and we do not claim to detect every spoof.
That honesty matters for two reasons. Overstating detection leads teams to trust a green tick they should not, and a determined fraudster with a high-quality setup can still try to defeat texture-only checks. Treat these signals as one input, not the whole defence.
Why a human reviewer is part of the design
Because the automated signals are not certain, uncertain cases should not be auto-approved. The sensible pattern is:
- Clean, high-quality captures with a good match can proceed under your policy.
- Flagged or borderline captures — possible recapture, poor quality, or an uncertain match — are routed to a human reviewer instead of being passed or failed automatically.
A reviewer looking at the actual images, with the flags and the reasons in front of them, catches things the automated checks are unsure about. The human is not a fallback bolted on at the end; they are how the uncertain middle is meant to be handled.
Where MiProof fits
MiProof runs capture-quality checks and flags likely screen recaptures, and it keeps the source images so a reviewer can judge for themselves. Uncertain cases are sent for human review rather than waved through. We do not market this as certified liveness detection, because that is not what it is. The aim is to raise the cost of a photo-of-a-photo attempt and make sure a person, not just an algorithm, looks at the doubtful cases.
Common questions
Does MiProof have certified liveness detection?
No, and we will not claim it does. What runs today is capture-quality checking and screen-recapture flagging, with uncertain cases routed to a human reviewer. It is not active or certified liveness.
Can these checks catch every fake selfie?
No. They flag many printed and on-screen recaptures and shift the odds, but a high-quality spoof can still try to get through, which is exactly why borderline cases go to a reviewer.
What happens to a flagged capture?
Rather than an automatic pass or fail, it is routed to a human reviewer who can see the images and the flags and make the call.
Want to see these checks on your own documents? Try a live demo or book a free process review and we will map them to your KYC tiers.