Best Liveness Detection Software in 2026: Features, Pricing, and Comparison

Every liveness detection vendor markets the same promise in 2026: stop deepfakes, block spoofs, prove a real human is present. The promise is identical; the engineering is not. The real decision is narrower: which vendor has independently proven its presentation attack detection, which also defends the injection attack surface, and which does it without wrecking your onboarding pass rate. That choice now carries regulatory weight, since NIST’s 2025 Digital Identity Guidelines (SP 800-63-4) make presentation attack detection mandatory for IAL2 remote identity proofing and require screening for AI-generated content. This guide compares the 10 strongest liveness detection software platforms on the criteria that actually change a procurement outcome.

What to look for in liveness detection software in 2026?

Most liveness demos look alike. The differences that should decide a vendor surface only against the criteria below.

Independent iBeta and ISO/IEC 30107-3 conformance

The most reliable signal is independent conformance testing. iBeta, a NIST/NVLAP-accredited lab, tests presentation attack detection against ISO/IEC 30107-3: Level 1 covers basic photo and screen spoofs, Level 2 higher-effort artefacts, and Level 3 sophisticated silicone, urethane, and resin masks. A vendor that cannot name its iBeta level and test date has not proven its claims.

Presentation attack versus injection attack defence

A presentation attack holds a fake to the camera. An injection attack pipes a synthetic video stream into the pipeline through a virtual camera, skipping the camera entirely. iBeta covers presentation attacks, so confirm separately how a vendor stops injected deepfakes, now the harder vector.

Technology ownership versus licensed liveness

Some vendors own their liveness models; others license and orchestrate third-party components. Ownership decides retraining speed against new attacks and gives one accountable chain of custody for sensitive biometric data.

Passive versus active liveness and pass rates

Active liveness asks the user to turn their head or blink; passive liveness analyses a single selfie with no gestures. Active adds assurance but also friction, and friction costs pass rates. The strongest solutions reach top-tier conformance with a passive flow.

Deployment, data residency, and how liveness is priced

Biometric data is special-category data under GDPR, and GCC and Southeast Asian regulators may require it to stay in-country, ruling out SaaS-only vendors for some buyers. Almost no vendor publishes pricing: Liveness sells as SaaS per verification, as API or SDK calls per request, or as annual on-premise licences. Cost per verification falls with volume, so benchmark on your own.

The 10 best liveness detection software platforms in 2026

As the publisher of this guide, we list Shufti first for transparency. The remaining nine vendors are listed alphabetically and described on the same factual basis. Details are sourced from vendor websites, the Gartner Magic Quadrant for Identity Verification 2025, public iBeta conformance listings, and verified review platforms.

• Shufti
• Daon
• FaceTec
• IDnow
• Incode
• iProov
• Jumio
• Onfido (Entrust IDV)
• Sumsub
• Veriff

Liveness detection software comparison at a glance

Vendor	Technology ownership	iBeta PAD level	Deployment	G2 rating	Trustpilot	Best fit
Shufti	Own IP (full stack)	Level 3	SaaS, Local Cloud, on-prem	4.4 (49)	4.8 (3,800+)	Full-stack IDV with top-tier liveness
Daon	Own IP	Level 1 and 2	SaaS, flexible	Not listed on G2	1 review	Enterprise biometric authentication
FaceTec	Own IP (pure-play)	Level 1 and 2	SDK, on-prem capable	4.5 (15)	1 review	Standalone 3D face liveness
IDnow	Own plus partner	Level 2	SaaS, EU residency	4.4	3.4 (16,000+)	EU video-ident, regulated onboarding
Incode	Own IP (full stack)	Level 3	SaaS	5.0 (52)	1 review	US enterprise IDV at scale
iProov	Own IP (pure-play)	Level 1 and 2	SaaS, flexible	No public reviews	No public reviews	Government-grade biometric assurance
Jumio	Own (liveness in-housed)	Level 2	SaaS	4.1 (16)	1.5 (82)	Large enterprise IDV deployments
Onfido (Entrust IDV)	Own plus partners	Level 2	SaaS	4.4 (111)	1.1 (363)	Entrust security stack buyers
Sumsub	Own plus partners	Level 2	SaaS	4.6 (112)	1.3 (256)	Crypto and fintech orchestration
Veriff	Own plus partner	Level 1 and 2	SaaS, EU residency	4.5 (63)	1.5 (213)	Fast SaaS verification, EU and US

Sources: Gartner Magic Quadrant for Identity Verification 2025, public iBeta conformance listings, vendor public sites, G2.com and Gartner Peer Insights profiles, Trustpilot profiles. Data accurate as of May 2026; verify with each vendor before procurement.

#1. Shufti

Shufti is a UK-headquartered identity verification provider built entirely on owned intellectual property: OCR, liveness, document intelligence, KYC, KYB, and AML, all developed in-house rather than licensed. That ownership shows in liveness: in May 2026 Shufti became the first European company and third globally to achieve iBeta Level 3 passive liveness conformance under ISO/IEC 30107-3, recording 0% APCER and 0% BPCER across iOS and Android. The same owned stack makes Shufti a genuinely ‘glocal’ vendor, verifying a US driver’s licence with the same engineering control as a Vietnamese national ID.

Key strengths:

Shufti’s liveness runs on its own AI models, retrained in-house against new attacks on Shufti’s release timeline. The single-selfie passive flow needs no head turns, blinks, or prompts, keeping onboarding friction low while clearing the highest published PAD level. It sits inside a full stack with document verification at 99.7% OCR accuracy, KYC, KYB, and AML. Public clients include Binance, Stripe, and ByteDance.

Considerations:

Shufti’s Level 3 conformance was published in May 2026, so buyers comparing it against vendors with multi-year Level 2 histories are weighing a very recent top-tier result against longer public track records. Liveness is delivered within the broader platform, so teams wanting a liveness-only module should confirm that scope during procurement.

Deployment Options:

• SaaS
• Cloud
• Local Cloud
• On-premise for data-residency compliance

Certifications and recognitions:

• iBeta Level 3 conformance under ISO/IEC 30107-3
• DHS RIVR 2025 Top Performer: 98.49% True Accept Rate, zero false templates Creation events
• SOC 2 Type II, PCI DSS
• GDPR compliance, Cyber Essentials, Cyber Essentials Plus

Ratings (as of May 2026):

• Trustpilot: 4.8/5 (3,800+ reviews), the highest rating-and-volume combination among the vendors compared
• G2: 4.4/5 (49 reviews)

Best for:

Businesses needing top-tier, independently proven liveness inside a complete verification platform, especially under deepfake-heavy fraud or strict data-residency rules. One platform. Fully owned technology. Global coverage with real local depth.

#2. Daon

Daon is a biometric identity assurance vendor founded in 2000, with US operations in Fairfax, Virginia, and a leader in the 2025 Gartner Magic Quadrant for Identity Verification.

Key strengths:

Daon’s IdentityX platform combines face, voice, fingerprint, and behavioural authentication for both onboarding and ongoing access. Its 3D face liveness uses device movement to detect distortion, and Daon is widely deployed across banking and government.

Considerations:

Daon’s core strength is enterprise authentication breadth rather than standalone liveness, so buyers wanting only a liveness component should scope that explicitly. Public iBeta conformance is at Level 1 and 2.

Certifications and recognitions:

• ISO/IEC 30107-3 iBeta Level 1 and 2 conformance
• Leader, 2025 Gartner Magic Quadrant for Identity Verification

Ratings (as of May 2026):

• Trustpilot: one review only as of May 2026, too small a sample to form a rating
• Gartner Peer Insights: 4.6/5 (14 reviews) for the IdentityX platform

Best for:

Enterprises, especially banks, that want biometric onboarding and continuous authentication in a single platform.

#3. FaceTec

FaceTec is a US-based pure-play specialist in 3D face liveness and matching. Its patented 3D FaceMap technology builds a depth map from a standard 2D camera selfie.

Key strengths:

FaceTec ships as device and server SDKs, so customer biometric data can stay behind the customer’s own firewall. It was the first face authenticator independently certified to iBeta Level 1 and 2 PAD testing and runs a long-standing public spoof bounty program.

Considerations:

FaceTec covers liveness and face matching only, not documents, KYC, or AML, so it is combined with other tools in a wider stack. Public iBeta conformance is at levels 1 and 2.

Certifications and recognitions:

• iBeta Level 1 and 2 ISO/IEC 30107-3 PAD conformance
• Ongoing public spoof bounty programme

Ratings (as of May 2026):

• Trustpilot: one review only as of May 2026, too small a sample to form a rating
• G2: 4.5/5 (15 reviews)

Best for:

Teams that want a dedicated, self-hosted 3D liveness and face-matching component to embed in their own platform.

#4. IDnow

IDnow is a German identity verification provider with deep DACH-region presence, strong in regulated videoident and eIDAS qualified electronic signatures through its ARIADNEXT acquisition.

Key strengths:

IDnow pairs automated liveness and document checks with an expert-assisted videoident option for cases where regulators require human review and offers EU data center hosting.

Considerations:

IDnow’s focus is the European regulated market, so coverage and pricing weigh to EU use cases. Liveness conformance is at iBeta Level 2, and its high-volume consumer Trustpilot reviews are mixed.

Certifications and recognitions:

• ISO/IEC 27001
• iBeta Level 2 conformance
• eIDAS Qualified Trust Service Provider status via ARIADNEXT

Ratings (as of May 2026):

• Trustpilot: 3.4/5 (16,000+ reviews)
• G2: 4.4/5

Best for:

EU-headquartered financial services that need regulated videoident and eIDAS-grade electronic signatures.

#5. Incode

Incode is a San Francisco-based identity verification vendor founded in 2015, built on in-house AI, and a Leader in the 2025 Gartner Magic Quadrant for Identity Verification.

Key strengths:

In March 2026, Incode became the first vendor to pass iBeta Level 3 PAD testing on both iOS and Android, with 0% APCER and 0% BPCER for passive selfie liveness. Liveness sits inside a full IDV, KYC, and KYB platform.

Considerations:

Incode is SaaS-first and US-centric in deployment, without the on-premise option some data-residency-bound buyers need. Hard-market non-Latin document depth is narrower than vendors built for those regions.

Certifications and recognitions:

• iBeta Level 3 conformance under ISO/IEC 30107-3
• NIST Facial Recognition Vendor Test top performer
• Leader, 2025 Gartner Magic Quadrant for Identity Verification

Ratings (as of May 2026):

• Trustpilot: one review only as of May 2026, too small a sample to form a rating
• G2: 5.0/5 (52 reviews)

Best for:

US enterprises in finance, gaming, and hospitality that want top-tier passive liveness inside a full IDV platform.

#6. iProov

iProov is a London-based biometric specialist focused purely on liveness and face verification. Its Dynamic Liveness uses patented Flashmark illumination to confirm a genuine person is present in real time.

Key strengths:

iProov is engineered for the injection attack surface as well as presentation attacks and is heavily deployed by governments, including the UK Home Office, GovTech Singapore, and the US Department of Homeland Security.

Considerations:

iProov delivers liveness and face verification only, not documents, KYC, or AML. Public iBeta conformance is at levels 1 and 2, and it sells through direct enterprise and government procurement.

Certifications and recognitions:

• ISO/IEC 30107-3 iBeta levels 1 and 2 conformance
• eIDAS Level of Assurance High
• FIDO Alliance face verification certification

Ratings (as of May 2026):

• iProov maintains G2 product listings but carries no published user reviews on G2 and no notable Trustpilot profile as of May 2026. It is better assessed through its independent certifications and public-sector deployments.

Best for:

Governments and large enterprises that need the highest-assurance biometric liveness as a standalone layer.

#7. Jumio

Jumio is a US-headquartered identity verification provider with one of the category’s largest enterprise customer bases. It in-housed its liveness technology, previously licensed from iProov, in late 2024.

Key strengths:

Jumio offers passive liveness with deepfake screening inside an end-to-end IDV and AML platform and achieved iBeta Level 2 PAD conformance in 2025.

Considerations:

Jumio reported an 88% year-on-year rise in injection attacks against its platform in 2025, underlining the injection challenge category-wide. Its consumer Trustpilot rating is low, mostly from rejected legitimate users.

Certifications and recognitions:

• ISO/IEC 27001:2022
• SOC 2 Type 2, PCI DSS
• iBeta Level 2 conformance

Ratings (as of May 2026):

• Trustpilot: 1.5/5 (82 reviews)
• G2: 4.1/5 (16 reviews)

Best for:

Large enterprises that want liveness within an established, broad IDV and compliance platform.

#8. Onfido (Entrust IDV)

Onfido, a UK-founded identity verification provider, was acquired by Entrust in 2024 and now operates as Entrust IDV. It was a leader in the 2025 Gartner Magic Quadrant for Identity Verification.

Key strengths:

Entrust IDV combines document verification with Motion, its biometric liveness product, inside the wider Entrust security and identity portfolio. That breadth suits buyers already standardised on Entrust.

Considerations:

Per the Gartner Magic Quadrant 2025, the platform draws on partner components, including iProov and Namirial, so accountability spans multiple providers. Liveness conformance is at iBeta Level 2.

Certifications and recognitions:

• ISO 27001, SOC 2 Type II
• iBeta Level 2 conformance
• ETSI-certified IDV for QES under eIDAS

Ratings (as of May 2026):

• Trustpilot: 1.1/5 (363 reviews)
• G2: 4.4/5 (111 reviews)

Best for:

Enterprises already invested in the Entrust security and identity stack.

#9. Sumsub

Sumsub is a UK-incorporated verification platform with a strong crypto and fintech footprint, and a Leader in the 2025 Gartner Magic Quadrant for Identity Verification.

Key strengths:

Sumsub passed iBeta Level 2 PAD conformance in 2025 and ships an Adaptive Deepfake Detector with online self-learning updates, inside an orchestrated platform covering KYC, KYB, transaction monitoring, and fraud.

Considerations:

Per the Gartner Magic Quadrant 2025, Sumsub orchestrates third-party components for parts of its stack. Liveness conformance is at iBeta Level 2, below the Level 3 held by some peers.

Certifications and recognitions:

• ISO 27001, SOC 2 Type II, PCI DSS
• iBeta Level 2 conformance
• Leader, 2025 Gartner Magic Quadrant for Identity Verification

Ratings (as of May 2026):

• Trustpilot: 1.3/5 (256 reviews)
• G2: 4.6/5 (112 reviews)

Best for:

Crypto, fintech, and iGaming operators that want fast integration and wide verification orchestration.

#10. Veriff

Veriff is an Estonia-based identity verification provider known for AI-driven document and biometric checks delivered as a fast SaaS service.

Key strengths:

Veriff offers passive and active liveness with deepfake screening, conforms to iBeta Level 1 and 2, and covers a large document-specimen library, with quick average verification.

Considerations:

Veriff is SaaS-only with EU data residency hosted on AWS, without on-premise or Local Cloud options for GCC or Southeast Asia residency rules. Its training data is weighted to EU and US documents.

Certifications and recognitions:

• ISO/IEC 27001:2022, SOC 2 Type II
• iBeta Level 1 and 2 conformance

Ratings (as of May 2026):

• Trustpilot: 1.5/5 (213 reviews)
• G2: 4.5/5 (63 reviews)

Best for:

EU and US digital platforms that prioritise fast SaaS verification over deployment flexibility.

How to choose the right liveness detection software for your business?

The right liveness vendor defends your actual attack surface, clears your regulatory regime, and deploys where your data must live. Most buyers fall into one of four situations.

Scenario 1: High deepfake and injection attack exposure

Crypto exchanges, neobanks, and forex brokers face the heaviest deepfake and injection-attack pressure, so independent conformance and owned technology matter most. Shufti fits directly, with iBeta Level 3 passive liveness conformance at 0% error and a fully owned stack its team can retrain without waiting on a partner. Incode is a strong alternative for US-centric platforms, also at Level 3. iProov is a specialist where the need is a standalone, government-grade biometric layer. For fintech companies, prioritise Level 3 conformance and injection-attack coverage over brand familiarity.

Scenario 2: Regulated identity proofing under NIST 800-63-4

Organisations doing regulated remote identity proofing must meet NIST SP 800-63-4, which requires presentation attack detection and deepfake screening at IAL2. Shufti suits this with independently tested Level 3 conformance and a documented DHS RIVR 2025 Top Performer result of 98.49% true accept rate. iProov is a specialist where buyers want a NIST-certified biometric layer only, and IDnow fits EU video-ident and eIDAS qualified-signature use cases.

Scenario 3: Biometric data residency and on-premise deployment

Biometric data is special-category data under GDPR, and some GCC and Southeast Asian regulators require it to stay in-country. Shufti is one of the few vendors offering SaaS, Local Cloud, and full on-premise deployment, so liveness runs inside your own environment. FaceTec is a specialist alternative, since its SDK model keeps biometric data behind your firewall, though it covers liveness only. SaaS-only vendors cannot meet strict on-premise residency requirements.

Scenario 4: Maximising onboarding conversion with passive liveness

For consumer onboarding, passive liveness that needs no head turns or blink prompts protects pass rates. Shufti’s single-selfie passive flow reached 0% error at iBeta Level 3 with no user gestures, pairing security with low friction. Incode also offers passive selfie liveness at Level 3, and Veriff is a specialist for fast SaaS verification where EU and US documents dominate.

Marketing pages will not reveal the right liveness vendor; performance on your real traffic will. The procurement question is which vendor’s structural advantages match your reality: exposure to deepfakes and injection attacks, your regulatory regime, where biometric data must reside, and how much onboarding friction you can absorb. For most buyers facing more than one of those, Shufti’s combination of independently verified iBeta Level 3 conformance, full-stack ownership, and deployment flexibility is the broadest single-vendor answer, and it lifts fraud-prevention ROI by blocking bad actors before onboarding.

Run a proof of concept on your hardest liveness cases, and benchmark the result against any vendor on this list through a live walkthrough with Shufti.

Sources and references

1. NIST (2025). Digital Identity Guidelines, SP 800-63-4. Available at: https://csrc.nist.gov/pubs/sp/800/63/4/final (accessed May 2026).
2. iBeta Quality Assurance. ISO/IEC 30107-3 Presentation Attack Detection test methodology and confirmation letters. Available at: https://www.ibeta.com/iso-30107-3-presentation-attack-detection-confirmation-letters/
3. Biometric Update (2026). Shufti biometric PAD clears iBeta Level 3 with 0 errors across iOS, Android. Available at: https://www.biometricupdate.com/202605/shufti-biometric-pad-clears-ibeta-level-3-with-0-errors-across-ios-android
4. Gartner (2025). Magic Quadrant for Identity Verification. Available at: https://www.gartner.com/en/documents/6875366
5. Biometric Update (2025). Sumsub’s biometric liveness detection passes iBeta Level 2 compliance test. Available at: https://www.biometricupdate.com/202505/sumsubs-biometric-liveness-detection-passes-ibeta-level-2-compliance-test
6. Shufti. Document Verification and DHS RIVR 2025 pages. Available at: https://shuftipro.com/document-verification/ and https://shuftipro.com/blog/shufti-recognised-as-a-top-performer-in-dhs-rivr-2025/
7. G2.com, Gartner Peer Insights, and Trustpilot vendor review profiles for all vendors cited (accessed May 2026).

Disclaimer: All information about third-party vendors in this article has been sourced from each vendor’s public website, named analyst reports, public certification listings, and verified review platforms at the time of writing (May 2026). Shufti makes no representations as to the accuracy, completeness, or currency of third-party information. Product features, ratings, and certifications may change. Readers should refer to each vendor’s official site for the most current information before making any procurement decision.