YouLive API

Welcome to YouLive API, part of the Youverse Services suite.

The YouLive API provides generic facial liveness detection — verifying whether a presented face image or video originates from a real, live person rather than a spoof (e.g., a photo, screen replay, or deepfake).

This API is designed to be easily integrated into onboarding, KYC, and authentication workflows, helping ensure that biometric verifications are performed only on live individuals.

iBeta Compliance

YouLive has successfully passed iBeta Presentation Attack Detection (PAD) testing in accordance with ISO/IEC 30107-3 standards.
This certification confirms that the system meets internationally recognized criteria for detecting and preventing biometric spoofing attacks.
The evaluation, conducted by iBeta Quality Assurance, validated YouLive’s ability to reliably distinguish between live users and various types of presentation attacks — including printed photos, digital displays, and mask-based attempts.
Achieving iBeta compliance demonstrates Youverse’s commitment to industry-grade security, regulatory trustworthiness, and continuous validation of its biometric technologies.

ISO Level 1 ISO Level 2

YouLive supports two levels of liveness assurance:

  • ISO/IEC 30107-3 Level 1
    Detects simple presentation attacks such as printed photos or digital replays. Ideal for rapid, low-latency use cases where user experience is highly prioritized.

  • ISO/IEC 30107-3 Level 2 (Advanced Liveness)
    Adds robustness against sophisticated attacks including 3D masks, deepfake videos, and face injections. This level uses multi-frame temporal analysis and micro-movement cues for higher accuracy.

Both modes are accessible via the same endpoint, with the level defined in the request payload.

Key Benefits

Enhanced Security

YouLive applies advanced anti-spoofing algorithms to detect both simple and complex presentation attacks, including printed photos, screen replays, and 3D masks.
This ensures that biometric authentication is performed only on genuine, live users.

Frictionless User Experience

The API is optimized for speed and simplicity — a single selfie or short video is enough to complete the liveness check.
Users experience near-instant feedback, allowing seamless integration into mobile apps and web onboarding flows.

Scalable and Flexible Integration

YouLive can be deployed in various environments — cloud, hybrid, or on-premise — and easily integrates with existing identity systems, KYC platforms, or custom verification pipelines through simple REST endpoints.

Privacy and Compliance Ready

All processing is compliant with GDPR and aligned with ISO 27001 and ISO 42001 principles for AI governance.
YouLive performs liveness detection without retaining identifiable biometric data beyond the verification session, ensuring privacy by design.

Continuous Evolution

As part of the Youverse verification ecosystem, YouLive continuously evolves with new model versions, threat intelligence updates, and adaptive anti-spoofing mechanisms.
This ensures long-term resilience against emerging attack vectors and evolving compliance standards.

Use Cases

Banking & Fintech

YouLive enhances digital onboarding, loan approval, and account recovery processes by ensuring that users are physically present and not using spoofed or replayed images.

It helps prevent identity theft and synthetic fraud, enabling financial institutions to meet regulatory requirements for strong biometric authentication.

Gaming & eSports

In gaming environments, YouLive can be used to verify player identity, enforce age restrictions, and detect multi-account abuse.

It supports fair play in identity-based tournaments and helps build a trusted environment for both competitive and social gaming.

Telecommunications

Telecom providers can integrate YouLive to secure SIM registration, mobile account creation, and number portability workflows.

By ensuring that each face verification corresponds to a live individual, operators reduce the risk of fraudulent activations and account takeovers.

E-commerce & Marketplace Platforms

YouLive strengthens trust and safety by verifying the authenticity of users during high-value transactions, account creation, or delivery handovers.

It protects both merchants and customers against impersonation and fraudulent claims.

Mobility & On-demand Services

In ride-sharing, delivery, and other gig-economy platforms, YouLive ensures that the person providing or receiving a service matches the verified user profile.

This prevents impersonation, builds user trust, and ensures regulatory compliance in identity-sensitive contexts.

Government & Identity Programs

YouLive can be integrated into eID, digital passport, and citizen verification systems to guarantee that each biometric submission comes from a real person.

It supports both online and kiosk-based identity verification while maintaining compliance with privacy and data protection standards.

Endpoints

Liveness

Endpoint to perform facial liveness estimation. It accepts an image in Base64 format and a configuration set, returning a confidence score, status, and confidence level.

POST | {base_url}/liveness
Copy

Accepts: Process request

Success

Status Meaning Schema
200 OK Process response

Error responses

Status Meaning Schema
400 Bad Request Error response
401 Unauthorized Error response
403 Forbidden Forbidden response
405 Method Not Allowed Error response
409 Conflict Error response
500 Internal Server Error Error response

Schemas

Process request

Request processing of an image in base64 and the liveness configurations.

{
    "image": "string",
    "configuration": [configA, configB]
}
Copy

Properties

Name Type Required Restrictions Description
image string True BMP, PNG or JPG Base 64 image
configuration array False None Array of extensible configurations.

Process request config

Extensible configurations for biometric processing.

{
    "name": "string",
    "value": "string"
}
Copy

Properties

Property Value Description
name string Configuration name.
value string Configuration value.

Enumerable types

Property Value Description
name "liveness_method" Enables to select between different methods.
value "faster" Lightweight liveness method. Ideal for applications in which UX is prioritized. Equivalent to ISO/IEC 30107-3 Level 1 security.
value "merged" ISO/IEC 30107-3 Level 2 security models. More security, requires higher quality images.
name "selection_criteria" If multiple faces present you are required to select a criteria to analyze tha single face.
value "CLOSEST_TO_CAMERA" Selects the face that appears physically closest to the camera (largest bounding box). Ideal for single-user interactions.
value "CLOSEST_TO_CENTER" Selects the face nearest to the center of the frame, reducing off-angle detections. Recommended for multi-face images where the target is centered.
value "HIGHEST_CONFIDENCE" Selects the face with the highest detection confidence, ensuring the best-quality facial data when multiple faces are present.

Process Response

Processed image results. Each element of the array corresponds to a different face detected.

{
    "score": float,
    "status": string,
    "confidence_level": string
}
Copy

Properties

Property Value Description
score float Liveness confidence value
status string image analysis status.
confidence_level string Face center coordinate y.

Enumerable types

Property Value Description
status "VALID_IMAGE" Face successfully detected and image suitable for analysis.
status "SHARPNESS_ERROR" Image too blurred or lacking sufficient detail for reliable detection.
status "ILLUMINATION_ERROR" Lighting conditions inadequate (too dark, too bright, or uneven).
status "FACE_TOO_FAR" Detected face is too small or distant from the camera.
status "FACE_TOO_CLOSE" Face occupies too much of the frame and exceeds optimal bounds.
status "FACE_CLOSE_TO_BORDER" Face too close to image edge, risking partial crop or cutoff.
status "FACE_WITHOUT_PADDING" Face lacks sufficient background space around it for proper analysis.
status "FACE_CROPPED" Face is partially cut off or incomplete in the provided image.
status "FACE_OCCLUDED" Face partially covered (mask, hand, hair, or other obstruction).
status "FACE_ANGLE_TOO_LARGE" Head pose angle too extreme (yaw, pitch, or roll) for accurate analysis.
status "MULTIPLE_FACES" More than one face detected in the input image or frame.
status "INCONSISTENT_DETECTION" Detected face positions vary significantly across frames.
status "UNKNOWN" An unspecified or unexpected condition occurred during analysis.
confidence_level "Disabled" Confidence scoring is disabled for this operation or analysis configuration.
confidence_level "Low" Detection was inconclusive or of poor quality — potential borderline case or limited input conditions.
confidence_level "Medium" Equivalent to ISO/IEC 30107-3 Level 1 (Basic PAD) — resistant to simple presentation attacks such as printed photos or screen replays.
confidence_level "High" Equivalent to ISO/IEC 30107-3 Level 2 (Advanced PAD) — resistant to complex attacks such as 3D masks, deepfakes, and high-quality spoofing.

Error response

{
  "status_code": 400,
  "phrase": "string",
  "message": "string"
}
Copy

Integration guidelines

The YouLive API is designed for secure server-side (backend) integrations only.

Because the API requires an x-api-key for authentication and processes sensitive biometric data, all calls should be made from a trusted server environment — never directly from a web or mobile frontend.

Why Backend Integration?

warning Security of API Keys

Exposing your private x-api-key in frontend code (JavaScript, mobile apps, or browsers) risks unauthorized use and potential data breaches.

By keeping requests on the server, you ensure that credentials and traffic remain protected.

info Data Privacy & Compliance

Backend integration allows you to handle user images securely, apply encryption or anonymization, and comply with GDPR, ISO 27001, and AI governance requirements.

info Scalability & Control

Integrating on the backend gives you full control over logging, retries, monitoring, and model-level versioning without impacting the user experience.

info Centralized Decision Logic

Backend flows allow combining YouLive with other verification steps (e.g., YouAge or YouFace) through a single API gateway or orchestration layer.

Recommended Setup

primary Frontend Capture

Capture the user’s selfie using the official Youverse WebComponent or your own frontend implementation.

Send the Base64-encoded image securely to your backend.

primary Backend Processing

Your backend server (Node.js, Python, etc.) calls the YouLive API endpoint using your private x-api-key, receives the liveness response, and forwards only the decision back to the frontend.

primary Decision & Logging

Store the result and any relevant metadata securely for audit or analytics purposes.

Samples

The examples below demonstrate how to securely call the YouLive API in a backend context.

Python

import requests
import base64

# Encode your image (binary or path)
with open("selfie.jpg", "rb") as f:
    image_b64 = base64.b64encode(f.read()).decode("utf-8")

url = f'{base_url}/liveness'
headers = {
    "x-api-key": "YOUR_API_KEY"
}

payload = {
    "configuration": [
        {"name": "liveness_method", "value": value}
    ],
    "image": image_b64
}

response = requests.post(url, json=payload, headers=headers)
print(response.json())
Copy

Node.js

import axios from "axios";
import fs from "fs";

const url = `${baseUrl}/liveness`;

// Read and encode image as base64
const imageBuffer = fs.readFileSync("selfie.jpg");
const imageBase64 = imageBuffer.toString("base64");

const payload = {
  configuration: [
    { name: "liveness_method", value: value }
  ],
  image: imageBase64
};

axios.post(url, payload, {
  headers: {
    "Content-Type": "application/json",
    "x-api-key": "YOUR_API_KEY"
  }
})
  .then(response => console.log(response.data))
  .catch(error => console.error("Error:", error.response?.data || error.message));
Copy

OpenAPI Specification

The following OpenAPI 3.0 YAML defines the YouLive API endpoints, schemas, and security settings.
You can import it directly into tools such as Swagger UI, Postman, or Insomnia.

View OpenAPI YAML Specification ```yaml openapi: 3.0.3 info: title: YouLive API version: "2" description: > The YouLive API provides facial liveness detection, verifying if an image or video originates from a real, live person rather than a spoof attempt. servers: - url: Verify this value in your dashboard description: Production API server paths: /liveness: post: summary: Perform facial liveness estimation description: > Accepts a Base64-encoded image and configuration parameters, returning a liveness score, quality status, and confidence level. requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/ProcessRequest' responses: "200": description: Successful analysis content: application/json: schema: $ref: '#/components/schemas/ProcessResponse' "400": description: Bad Request content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' "401": description: Unauthorized content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' "403": description: Forbidden content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' "409": description: Conflict content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' "500": description: Internal Server Error content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' security: - api_key: [] components: securitySchemes: api_key: type: apiKey in: header name: x-api-key schemas: ProcessRequest: type: object required: - image properties: image: type: string description: Base64-encoded face image (JPG, PNG, BMP) configuration: type: array items: $ref: '#/components/schemas/ProcessConfig' ProcessConfig: type: object properties: name: type: string example: liveness_method description: > Configuration parameter name. Supported options: - **liveness_method**: Selects the liveness detection algorithm. - **selection_criteria**: Chooses which face to analyze when multiple are detected. value: type: string enum: - faster - merged - CLOSEST_TO_CAMERA - CLOSEST_TO_CENTER - HIGHEST_CONFIDENCE description: | Defines the configuration value, depending on the chosen `name`. **When `name` = `liveness_method`:** - **faster** – Lightweight liveness model, ideal for applications prioritizing user experience and speed (equivalent to ISO/IEC 30107-3 Level 1 security). - **merged** – Advanced liveness model with higher robustness against complex attacks such as deepfakes or 3D masks (ISO/IEC 30107-3 Level 2). **When `name` = `selection_criteria`:** - **CLOSEST_TO_CAMERA** – Selects the face closest to the camera (largest bounding box). Ideal for single-user interactions. - **CLOSEST_TO_CENTER** – Selects the face nearest to the image center. Recommended for centered subjects. - **HIGHEST_CONFIDENCE** – Selects the face with the highest detection confidence when multiple faces are present. ProcessResponse: type: object properties: score: type: number format: float example: 0.9737 status: type: string example: VALID_IMAGE confidence_level: type: string enum: [Disabled, Low, Medium, High] example: High ErrorResponse: type: object required: - status_code - phrase - message properties: status_code: type: integer example: 400 description: HTTP status code describing the error type. phrase: type: string example: Bad Request description: Short human-readable reason phrase. message: type: string example: Invalid image format. Expected Base64-encoded JPG or PNG. description: Detailed message explaining the cause of the error. ```

Contacts

Please check our github space for more information about our integration SDKs.
We are working to expand our current SDK offering. If you want to contribute please contact us.