You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/ai-services/computer-vision/liveness-detection-shared-responsibility.md
+5-4Lines changed: 5 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -35,13 +35,13 @@ Azure liveness detection secures the connection in following ways:
35
35
36
36
A sophisticated attacker could alter or tamper with the client application, which could render the liveness result untrustworthy. Use different approaches depending on which platform your application uses:
37
37
38
-
#### [Mobile applications]
38
+
###Mobile applications
39
39
40
40
In both Android and iOS platforms, there are native and third-party solutions to check application integrity, such as [iOS App Attest](https://developer.apple.com/documentation/devicecheck/establishing-your-app-s-integrity), and [Android Play Integrity](https://developer.android.com/google/play/integrity). It's the application developer’s responsibility to incorporate the integrity check feature and respond promptly to potential hacks.
41
41
42
42
Azure liveness detection implements safeguards against untrustworthy runtime environments. The liveness detection SDK provides a digest of its liveness detection service calls, which can be passed to the application integrity APIs.
43
43
44
-
#### [Web applications]
44
+
###Web applications
45
45
46
46
Web applications run in the context of the browsers in which they're loaded. Modern browsers support robust application integrity checks. You are responsible for implementing the integrity checks of the web application that gets deployed to browsers. These responsibilities include, but aren't limited to:
47
47
@@ -63,7 +63,8 @@ In both Android and iOS platforms, application integrity solutions (including th
63
63
- Supply Chain Security for higher security baselines, which can ensure that the device is already managed and all its security policies are enforced from the point of manufacture.
64
64
65
65
These considerations are also applicable to Android and iOS platforms.
66
-
Azure Face API supports [Virtual Networks](/azure/virtual-network/) and [private endpoints](/azure/private-link/).
66
+
67
+
Azure Face API supports Virtual Networks and private endpoints. Refer to the [guide](../cognitive-services-virtual-networks.md).
67
68
68
69
Customer who use a high security baseline can reference a Device Management solution such as [Microsoft Defender for Endpoints](/defender-endpoint/).
69
70
@@ -85,7 +86,7 @@ Facial recognition technology, when used for access authorization, can be a targ
85
86
Azure provides the following mechanisms for monitoring liveness detection sessions:
86
87
- Monitoring traffic across multiple sessions on same correlation ID; respond when suspicious activity is monitored.
87
88
- API support for auditing to download liveness images during the liveness session lifespan.
88
-
- Azure keeps sufficient logs to further prevent repudiation attacks.
89
+
- Azure keeps sufficient logs to further prevent [repudiation attacks](/azure/security/develop/threat-modeling-tool-threats).
0 commit comments