Skip to main content

Overview

Introduction

MegaMatcher ID product family consists of two products - SDK and the Web Service. This document is designed to overview the MegaMatcher ID Web Service. In order to review the SDK, please refer to other documentation in Neurotechnology website.

MegaMatcher ID Web Service

MegaMatcher ID Web Service enables template extraction, verification and/or liveness detection without installing any additional software to the clients computer. All biometric operation are performed on remote software deployed on customers premises. All operations are performed on an image stream that is passed directly from the client via WebRTC channel.

Currently the product samples promote use cases where the client communicates to the MegaMatcher ID server through web browser, although native applications are possible. For these cases, please refer how to set up Janus/WebRTC connection natively on third party resources.

What's New

Version 2024.2

2025-02-28 release

  • Introduced database synchronization and high availability. Details can be found here.
  • Added two new ICAO warnings: Image Resolution which favours frames with higher resolution and Head Movement which prevents blurry images.
  • Added DisallowMultipleFaces parameter to to control capture failure when multiple faces are detected.
  • Expanded StrictQualityImageSize and StrictQualityTimeout properties to apply to all operations, not only when passive livenes is used.
  • Introduced a new Resolution Insufficient status.
  • ICAO positional warnings are now always returned, even if ICAO is disabled.
  • Significantly increased face tracking efficiency, accuracy, and functionality.
  • Significantly improved face detection accuracy while offering much better performance with rotated images.
  • Various other minor fixes and optimizations.

Version 2024.1

2024-11-05 release

  • Fixed database migration from FaceVerification to MegaMatcher ID.

2024-09-09 release

  • Updated version naming convention.
  • FaceVerification renamed to MegaMatcher ID.
  • Added support for voice modality.
  • Completely redesigned UI for the Demo and Management web pages, now offering an intuitive way to adjust parameters with clear guidelines. The Management page also features a new "Janus" tab listing active sessions with detailed information, and an "Exceptions" tab providing insights into minor errors.
  • Minimal API changes to facilitate multiple modalities. Details can be found here.
  • Various other small fixes and quality of life improvements.

Version 13.3

2024-03-13 release

  • Major stability update.
  • Numerous minor bug fixes.

2024-01-18 release

Version 13.2

2023-10-16 release

  • Resolved a minor frame selection issue during liveness checks and introduced a new time and extraction logic. The updated algorithm now ensures the final image has open eyes and meets quality standards.
  • Incorporated a new timeout parameter in mmid-ctl, with a default setting of 90 seconds, to efficiently manage service timeouts and avoid orphaned sessions.
  • keep-images now has 3 options (always/never/temporary(new default)) instead of 2 (true/false).
  • Added a Single Image LIT enabling execution of ICAO and/or Liveness checks on a single image.
  • Added ICAO+Liveness check support to the ImportImage operation.
  • Added background removal of ICAO token image with the possibility to change the color of the removed background.
  • Added TokenFaceBackgroundPercentage parameter, which regulates the ratio of the face to the token image.
  • Added a new function, which allows to conveniently convert templates to QR images.
  • Added support for GPU stream decoding.
  • Changed the default value of FramesToSkip from 20 to 100 for a better user experience.
  • Fixed a bug where Check Liveness operation would not allow to capture ICAO without Liveness also enabled.
  • Fixed a bug where MatchingThreshold parameter would be ignored.
  • Numerous other small fixes and quality of life improvements.

Version 13.1

2023-06-23 release

2023-06-09 release

  • Introduced new ICAO warnings accompanied by corresponding threshold properties (Occlusion, Resolution, MotionBlur, CompressionArtifacts, Overexposure, Underexposure, Glasses, Hat).
  • Added IcaoWarningsFilter property, allowing users to selectively ignore warnings without thresholds, such as positional warnings.
  • Enabled GPU support for biometric operations (note that stream decoding still utilizes the CPU). Further details can be found in the Configuring GPU usage section.
  • Added age estimation.
  • Average liveness score is now returned in the final result.
  • Check Liveness operation can now be used with only ICAO check enabled.
  • Lowered default ICAO threshold values.
  • Added support for version 2 licensing dongles, which are more robust and resilient.
  • Implemented numerous minor bug fixes and quality of life updates to enhance overall performance and user experience.

Version 13.0

2023-02-02 release

  • Updated iBeta certified liveness algorithm.
  • Liveness oval drawing in web sample.
  • Janus will first try to use VP9.
  • Show token images in web preview after capture.
  • PassiveLivenessSensitivityThreshold and PassiveLivenessQualityThreshold properties.
  • StrictQualityImageSize and StrictQualityTimeout properties.
  • MoveBack liveness action.
  • Free ReextractTemplate and ReextractTemplateFromImage operations.
  • New statuses (MotionBlur, CompressionArtifacts, TooFar, TooClose).
  • Internally reworked ICAO warnings.
  • Removed Upper limit for Matching Threshold.
  • Numerous minor bug fixes.

Overview

MegaMatcher ID Web Service comes as a set of docker containers that are responsible for biometric data management and capturing from the client side.

The product consists of a database where captured biometric data is stored, management service for additional product configuration, biometric extraction service and Janus server that is responsible for retrieving video stream from the client side.

Client communicates with the product through mmid-web-server and mmid-management-web services.

mmid-web-server acts as a 'getting started' application which sources are provided as part of the product. Customer should explore the sources and use that to integrate MegaMatcher ID Web Service to its own product pipeline.

Services

Communication between services.

Web server

Provides a web interface for all remote biometric operations like template creation or verification. This is an entry point for the customer to enroll him to the database or validate its identity. This service comes also as a sample, so the product integrator can integrate the MegaMatcher ID server to its own pipeline.

Management web

Provides a web interface for managing enrolled subjects in the database or reviewing failed enrolls, managing licenses and operation parameters. This is an entry point for the system administrator who wants to change the system settings or manage enrolled users.

MMID Management

This service is the back end logic for managing MegaMatcher ID requests that come through Web or Management web services. The Management service is responsible for orchestrating operation workflow such as registering new operation requests, forwarding them to Janus service, opening or closing connections, and later on saving enrolled subject data to the database or returning the data on separate request.

MMID Janus

This service is responsible for capturing video stream from the client web browser through WebRTC channel. It acts as a middleware between users web camera and the Biostream service.

For more information about Janus server please refer to general Janus documentation.

MMID Biostream server

This service is responsible for decoding client's video stream and processing biometric operations. Biostream server internally uses the Neurotechnology VeriLook algorithm.

MMID Data service

Provides an interface for communicating with the database.

MMID DB

Database where biometric and other enrollment data is saved. Also, it is used for storing settings defined in the management service.

Getting started

After installing and starting the services it is possible to start enrolling or verifying users through the Web server port. The default port is 40005, therefore it can be accessed though the web browser on http://<server_ip>:40005. Note: the 40005 port can be changed during configuration, and if was - please change the link accordingly.

Enabling WebRTC on Chrome

If non localhost ip will be used to access the web server, browser will bring up a message that "WebRTC is not supported". This is due to WebRTC restrictions for untrusted sources. For application development purposes we recommend using the Chrome browser and disabling the restriction on specific ip. For production level application, https configuration should be used with a valid ssl certificate. For this, please see Enable SSL and Development with debug SSL certificate sections.

To disable WebRTC restriction on specific ip on Chrome browser please follow these instructions:

  1. Go to chrome://flags as an url
  2. Search for "Insecure origins treated as secure" setting
  3. Enable the setting and add you web server link (http://<server_ip>:40005) to the text box
  4. Save and restart the browser

Web component

After visiting your Web server address, you will be asked to allow the browser to access the camera. You should hit Allow otherwise the application will not work, as it will net get any images from the camera. If successful, you should be able to see your camera feed. You may click Enroll, enter your name and proceed enrolling to the database.

Please refer to web component documentation for more details

Management web component

Management interface can be accessed through 40004 port, therefore the url would be http://<server_ip>:40004. Please note, that Management web port can be changed during the server configuration or installation. The url should be changed accordingly.

The default user credentials are admin as username, and admin as password. After first login you should see Settings menu. Navigate to the Subjects menu to see the user enrolled during the first enroll.

Please refer to Management web component documentation for more details

Advanced configurations

Janus

Janus service configurations are located in /opt/megamatcherid/megamatcherid-server/mmid-janus under janus.jcfg and janus.transport.http.jcfg configuration files. Janus is configured by default to work in local network and might not work in production environments when access to the server is restricted by a firewall or private ip. Depending on the configuration, Janus might need to be configured to use STUN server or NAT related settings enabled.

To have Janus working efficiently in public networks janus.jcfg will need to be updated with the following settings:

nat: {
	stun_server = "stun.voip.eutelia.it"
	stun_port = 3478
	# In case you're deploying Janus on a server which is configured with
	# a 1:1 NAT (e.g., Amazon EC2), you might want to also specify the public
	# address of the machine using the setting below. This will result in
	# all host candidates (which normally have a private IP address) to
	# be rewritten with the public address provided in the settings. As
	# such, use the option with caution and only if you know what you're doing.
	# If you'd rather keep the private IP address in place, rather than
	# replacing it (and so have both of them as advertised candidates),
	# then set the 'keep_private_host' property to true.
	# Multiple public IP addresses can be specified as a comma separated list
	# if the Janus is deployed in a DMZ between two 1-1 NAT for internal and
	# external users.
	nat_1_1_mapping = "1.2.3.4"
	keep_private_host = true
}

For advanced Janus configuration and full available parameters please refer to janus.jcfg and janus.transport.http.jcfg.

Development

MegaMatcher ID Web Service provides a single view web sample to get familiar with product workflows and user application development located in Samples\MegaMatcherIdWebClientSample.

More documentation on developing applications can be found in Development section.