Review : KeyLemon Face Recognition

KeyLemon is a company from Switzerland specialized in face recognition and speaker recognition. This review is on their face recognition software also called KeyLemon.

A few years back we reviewed and fooled KeyLemon version 2.3.1, now let’s see how this biometric software has evolved.

KeyLemon replaces the standard MS Windows logon and session lock-out with a face recognition dialog using a standard webcam. Version 3.1.1. also includes the option to use speaker recognition.

For this article we tested KeyLemon version 3.1.1 gold edition on MS Windows 7 Home Edition, using a Logitech C500 webcam (1.3 megapixels).

Keylemon
Version	3.1.1
Price	Basic: free Bronze: 19.95 EUR Gold: 39.95 EUR
Hardware Requirements	64bit processor, 1GB RAM, 200MB hard drive space, USB webcam or integrated webcam
Supported OS	MS Windows Vista, MS Windows 7, 8, 8.1, MAC OS X 10.6 up to 10.10

Differences in between license versions

In the basic “free” version you can only use the standard face recognition feature to logon and unlock your computer. In the bronze version functionality is added so your computer automatically locks when you are no longer in front of the screen.
The gold version adds features of which the most important are adapting face models under different lighting conditions and setting level of security / ease of access.

Installation

Installation of KeyLemon is easy: download the executable file from the supplier website, execute it and after running the installer you are ready to enroll and start using this application.

Overview of functionalities

The KeyLemon Control Center is clear regarding the different configuration options and functionalities which can be enabled. Instructions provided on the interface are sufficient to get you started quickly.

Creating a new face model (enroll) in KeyLemon.

Highlights

LemonLogin makes that you can login or unlock the system using face recognition, alternatively the dialog presented by KeyLemon still allows you to enter a password for login.
LemonLock locks the session after a configurable period of inactivity, if it detects that you are no longer sitting in front of the computer.
In the gold edition you can store multiple face models allowing face recognition in different lighting conditions. Without this option KeyLemon might have difficulty performing face recognition at night when your face model was created during the day time, or vice versa.
In the gold edition you can configure the recognition accuracy (low – medium – high), a higher setting means it will be more difficult to fool the software but could also make it more difficult to perform valid logons.
In the gold edition you can activate eye blink detection. During the logon process KeyLemon will ask to blink your eyes, this liveness check will make it more difficult for someone to logon using an image or video.

Configuration options specific for the gold edition.

Does it work?

Security, false acceptance rate

For testing security, false acceptance rate, I chose the following setup:

recognition accuracy set to high
eye blink detection activated and requiring 1 blinks

I succeeded very quickly to fool KeyLemon. With only a picture of the subject, a bit of editing in Microsoft Paint and a smartphone I completed this hack of KeyLemon. See for yourself in the video below.

General useability, false rejection rate

For the purpose of this review I have created 7 face models in KeyLemon at different light conditions. The computer I used for the tests is installed close to a window on the south side, so light conditions vary a lot.

To test the false rejection rate, I chose a maxed out setup:

recognition accuracy set to high
eye blink detection activated and requiring 3 blinks
limit the time for login to 10 seconds

During my first test with this setup, the logon screen of KeyLemon crashed. After a reboot, the logon using 3 blinks of both eyes worked fine. Later on I had one similar crash in which the KeyLemon logon screen just froze and I had to logon using my password.

With the exception of the two crashes I had little difficulty logging on to my computer.

A disadvantage of the software is that you can have no separate configuration settings for individual users. Any user can change the security settings of KeyLemon and this will affect all user accounts using the software. My 7 year old son changed the number of eye blinks to ‘1’ on his own account, this also affected the logon process of my own account.

Conclusions

KeyLemon is not secure. Even at its highest face recognition accuracy settings it provides less security than a password. This face recognition software has a high False Acceptance Rate, it is easy to hack by anyone having only basic photo editing skills. The current liveness checks in KeyLemon are insufficient to detect the use of videos or photographs

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.