Shufti Becomes the First European Company to Achieve iBeta PAD Level 3 With Passive Liveness

Most identity vendors that pass iBeta’s hardest liveness test do it on the latest flagship phones. Shufti just passed it on a Google Pixel 4 and an iPhone 12 Pro, devices launched in 2019 and 2020. Across 900 professional-grade presentation attacks, the result was 0% APCER and 0% BPCER. Not a single artist-built silicone, urethane, or resin mask got through, and not a single genuine user was wrongly rejected.

This makes Shufti the first European company to clear iBeta PAD Level 3 with passive liveness on both Android and iOS, and among a very small group worldwide under ISO/IEC 30107-3.

What iBeta PAD Level 3 Actually Tests?

Presentation Attack Detection (PAD) is the capability that decides whether a biometric system is looking at a real, live person or a spoof, such as a high-resolution photo, a video replay, or a silicone mask. iBeta Quality Assurance (NVLAP Lab Code 200962-0) is accredited by NIST under Handbook 150-25 against ISO/IEC 30107-3.

The framework runs across three escalating levels. Level 1 covers paper photos and basic masks. Level 2 introduces 3D-printed resin and latex artefacts. Level 3 sits at the top: testers with at least ten prior PAD evaluations build professional silicone, urethane, and resin masks over up to seven days per species.

The standard permits a 5% penetration rate at Level 3. That margin acknowledges that well-resourced, experienced attackers will sometimes break through. Shufti’s result didn’t approach the threshold. Every artefact across every species failed.

900 Attacks. Zero Errors. Across Both Platforms.

Testing was conducted by iBeta from 27 March to 24 April 2026 on Shufti’s Android SDK v1.9.8 and iOS SDK v1.3.42, both supported by Shufti’s in-house cloud-based liveness model.

Each of the three mask species (silicone, urethane, and resin) was presented 150 times on each device. Across 450 attacks per device, the system blocked every artefact.

• APCER (attack acceptance rate): 0% on Android and iOS
• BPCER (genuine-user rejection rate): 0% on both devices
• APNRR and BPNRR (non-response rates): 0%

Test subjects were drawn from a deliberately diverse pool: 40% female, 30% non-Caucasian, with age-group representation under iBeta’s fairness testing practice.

“Becoming the first European company to achieve iBeta PAD Level 3 with passive liveness on both platforms puts us in a very small group globally. What matters beyond the headline is what it shows about how we build. The result was produced on devices people actually carry, not lab phones.” — Shahid Hanif, CEO at Shufti.

Passive Liveness, Without the Friction Trade-Off

The evaluation ran on Shufti’s passive liveness: no challenge-response prompts, no head movements, no blink sequences. A single selfie is all the user presents; the liveness check runs in the background.

The industry assumption has been that passive liveness couldn’t reach the top of the PAD ladder cleanly, that the highest assurance required user interaction. A Level 3 conformance with 0% APCER and 0% BPCER through a fully passive flow breaks that.

For onboarding teams, the translation is direct. Drop-off from challenge prompts is a measurable cost at scale. This result shows you can hold Level 3 security without paying for it.

Why the Device Choice Matters?

The Pixel 4 and iPhone 12 Pro are five and six-year-old devices, not the premium handsets used in controlled lab evaluations. That choice was deliberate.

Identity platforms get built on high-specification development hardware, then deployed across a much wider device range in production. Mid-range and older phones make up a large share of active usage across Southeast Asia, the Gulf, Africa, and Latin America, where Shufti’s coverage of 240+ countries and territories does most of its work. A test result on the latest hardware alone doesn’t tell you what happens on a four-year-old Android.

The same principle drove Shufti’s results at the US Department of Homeland Security’s 2025 Remote Identity Verification Rally, where 100% of DHS goals were met across diverse demographic and device conditions. This stack performs where it actually has to.

Shufti’s Approach to iBeta PAD Level 3

Shufti’s face verification runs passive liveness on a single selfie. The detection stack is built and owned in-house, with no third-party liveness component licensed in. That ownership is what made the result this clean. Every layer sits under one team’s control, tunable against deployment conditions.

Book a demo to see Shufti’s Level 3 liveness in your environment.