iBeta Certification Datasets — How to pass on the First Try

August, 2025, by Axon Labs

What iBeta PAD Certification Means

ISO 30107-3 defines how to evaluate liveness detection systems against presentation attacks at the sensor (camera) during acquisition. iBeta operationalizes that standard into two progressive certifications:

iBeta Level 1 certification: resistance to common, readily available 2D presentation attack instruments (PAIs) in cooperative conditions
iBeta Level 2 certification: resistance to more sophisticated or varied PAIs and less predictable capture conditions
iBeta Level 3 certification: resistance to targeted, high-sophistication attacks with custom, hyper-realistic artifacts and curated test environments that give testers more time to engineer optimal attempts; initially available for face PAD under ISO/IEC 30107-3

iBeta PAD Certification Requirements

Level	Typical attacker sophistication	PAI cost limit	Time limit	Test volume	APCER limit	BPCER limit
1	Simple attacks: printed photo, image on a screen	≤ 30 USD	8 h per PAI	6 types × 150 attacks + 50 bona-fide (≈ 900 attempts)	0%	≤ 15%
2	Medium complexity: dynamic video, 3D prints, latex/silicone masks	≤ 300 USD	≤ 24 h per PAI; total 2–4 days per type	5 types × 150 = 750 attacks + 250 bona-fide	≤ 1%	≤ 15%
3	Targeted high-end attacks: custom hyper-realistic masks, controlled scene (lighting, background, motion)	No fixed limit; budget agreed per system	Time and conditions set individually	Parameters defined ad hoc; PASS/FAIL evaluation	≈ 0% (strict PASS/FAIL)	≤ 10%

APCER vs BPCER Definitions

APCER vs BPCER definitions:

APCER (Attack Presentation Classification Error Rate): the proportion of attack presentations incorrectly accepted as genuine
BPCER (Bona Fide Presentation Classification Error Rate): the proportion of genuine (live) presentations incorrectly rejected as attacks

Practical notes:

Lower APCER is critical for fraud prevention; lower BPCER drives user experience.
A single decision threshold must be fixed before testing; changing it mid-test invalidates results
Many teams monitor EER (the point where APCER=BPCER) during R&D, but certification is judged at the fixed operating threshold you declare

What Are the Types of Attacks in iBeta Certification?

Level 1

Attack Name	Comment	Source
Printed photograph	Typical in Level 1 PAD tests; ID R&D explicitly mentions “photo printouts.”	iBeta whitepaper, ID R&D news
Digital photo on screen (smartphone/laptop)	“Mobile device-based photos” were used as PAI on both devices	ID R&D news
Video replay (short videos on smartphone/laptop screen)	Level 1 examples include “short videos displayed on a smartphone or laptop screen”; ID R&D confirms videos shot and displayed on phones and laptops	iBeta whitepaper, ID R&D news
HD challenge/response video	Listed for Level 1 as “high-definition challenge/response videos”	Biometric Update – Veridas Level 2 article
Paper mask	Classified as a “typical PAD Level 1 attack species”	iBeta whitepaper
Cutout mask (with cutouts)	PAI description includes “a cutout or a mask” in their Level 1 testing	ID R&D news

Examples of attacks from real cases

Below is a summary of the test results according to the ISO/IEC 30107-3 (Level 1) standard from the iBeta Quality Assurance laboratory. Five types of attacks (Presentation Attack Instruments, PAI) were used in the tests:

Source: https://www.innovatrics.com/awards/level-1-ibeta-presentation-attack-detection-conformance/

Another company that has passed iBeta shared the results of passing the iBeta Level 1 certification according to ISO/IEC 30107-3, as described in this article. Six types of Presentation Attack Instruments (PAI) participated in the testing:

We have compiled a complete dataset for passing iBeta Level 1. Our clients have already used it to successfully pass certification:

Level 2

Attack Name	Comment	Source
Silicone mask	Listed in “typical PAD Level 2” attacks; Veridas notes “3D masks made of … silicone”	iBeta whitepaper, Biometric Update – Veridas
Latex mask	Explicitly listed as Level 2 example	iBeta whitepaper, Biometric Update – Veridas
Resin mask	Also named in typical Level 2 attack list	iBeta whitepaper, Biometric Update – Veridas
3D animation / 3D animation software	Typical in L2 PAD; 1Kosmos lists “3D animation software” among attack tools	iBeta whitepaper, 1Kosmos press release
3D-printed mask	Listed as one of the attack tools used in L2 evaluation	1Kosmos press release
Contoured mask	Named among the PAIs in their Level 2 test	1Kosmos press release
2.5D felt-printed mask	Specific mask type applied against the 1Kosmos solution in L2 testing	1Kosmos press release
Realistic dolls	Listed for Level 2 as an example of “more sophisticated methods”	Biometric Update – Veridas

Examples of attacks from real cases

The company mentioned above has also successfully passed the iBeta Level 2, as described in this article. Five types of Presentation Attack Instruments (PAI) participated in the testing:

:For iBeta Level 2, we also have a dataset. Based on our experience, there are enough attacks in it to successfully pass certification:

Ensure GDPR-Compliant Face Dataset

To ensure GDPR-compliant face dataset practices across R&D and certification:

Explicit purpose & consent: use signed, revocable consent tailored to training/validation, separate from production KYC consent
Data Protection Impact Assessment: document risks, mitigations, and residual risk acceptance
Retention policy: define and enforce time-bound retention; auto-purge when the purpose ends or consent is withdrawn
Cross-border transfers: if applicable, use approved transfer mechanisms and vendor DPAs
Subject diversity and fairness: monitor performance by demographics to minimize disparate impact

Success stories of our clients

Accelerate Your AI Development Today

Speed up your AI projects with our high-quality, ready-to-use datasets. Enjoy easy integration, fast deployment, and reliable biometric data collection

Get Started with Axon Labs