Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

StartFaceLivenessSession with 30% of UserErrorCount

-1

Good morning,

We implemented AWS Rekognition Face Liveness to perform a Face Movement Challenge in our React application. The service is hosted by us and deployed in the eu-west-1 region:

After almost 2 weeks, we are detecting in CloudWatch that 30% of the "StartFaceLivenessSession" events end triggering a "UserErrorCount".

Each of these cases creates a CloudTrail event of this type:

  • Event name: "EndFaceLivenessSession"
  • Username: "CognitoIdentityCredentials"
  • Error code: "ValidationException"

100% of the errors are of the same type.

We have verified that this error occurs because, during the Liveness component loading phase, when the text "Connecting..." is displayed, it doesn't progress (it shows the spinner, still without a camera, and with the text corresponding to 'hintConnectingText', it has sent 2 messages to the WebSocket and never reaches the point of requesting the TensorFlow download).

When we test it ourselves under ideal conditions (fiber, stable Wi-Fi, and having eliminated the variables of VPNs and firewalls because we've seen they increase the failure rate), it only fails for us 5% of the time.

In our backend, we can see that between 15% and 20% of all our users have had to try multiple times to get verified, taking up to 5 attempts to load the Liveness component.

Therefore, it doesn't seem to be 100% deterministic for them, such as: "your mobile phone does not meet the camera requirements". We have seen this happen even on high-end mobiles like the Galaxy S23, S25...

We suspect it is something related to the connection quality, but we don't know what actually causes it.

We have also ruled out expired session issues, S3 bucket, KMS, or an incorrect region. Therefore, we understand it might be an error related to connection quality, rather than our implementation.

These are our versions:

  • frontend: ├─┬ @aws-amplify/ui-react-liveness@3.6.1 │ ├─┬ @aws-amplify/ui@6.15.1 │ │ └── aws-amplify@6.16.2 deduped │ └── aws-amplify@6.16.2 deduped ├─┬ @aws-amplify/ui-react@6.15.1 │ ├─┬ @aws-amplify/ui-react-core@3.6.1 │ │ └── aws-amplify@6.16.2 deduped │ └── aws-amplify@6.16.2 deduped └── aws-amplify@6.16.2

  • backend: aws/aws-sdk-php@3.372.2

Is that 30% error rate normal? What can we improve?

Thank you.

Topics
Front-End Web & MobileMachine Learning & AISecurity, Identity, & Compliance
Tags
Amazon RekognitionAmazon CognitoAWS Amplify
Language
English
asked 2 months ago79 views
1 Answer
0

A 30% error rate for StartFaceLivenessSession is not normal and indicates there's a significant issue that needs to be addressed. Based on your description, where the component gets stuck at "Connecting..." and fails to progress to the TensorFlow download phase, this does appear to be connection-related rather than an implementation error.

Here are several areas to investigate and improve:

Connection and Network Considerations:

  • The fact that users need multiple attempts (up to 5) and that you see better results under ideal network conditions strongly suggests network quality issues. Consider implementing retry logic with exponential backoff for the initial connection phase.
  • WebSocket connections can be sensitive to network conditions, proxies, and corporate firewalls. Even though you've tested without VPNs and firewalls, your end users may be on various network configurations.
  • Mobile networks can be particularly unstable, with varying signal strength and bandwidth, which could explain why even high-end devices like Galaxy S23/S25 experience failures.

Recommendations:

  1. Session Timeout Configuration: Review your session timeout settings. If the connection phase is taking too long, consider adjusting timeout values to fail faster and allow for quicker retries.

  2. User Experience: Implement better error handling and user feedback. When the ValidationException occurs, provide clear guidance to users about checking their connection and trying again.

  3. Monitoring and Diagnostics: Add more detailed client-side logging to capture network conditions, connection timing, and specific failure points before the WebSocket connection is established.

  4. Challenge Type: Ensure you're using the recommended 'FaceMovementAndLightChallenge' setting for the highest accuracy and best user experience.

  5. SDK Versions: While your versions appear current, ensure all authentication calls are properly configured with AWS signing mechanism and that IAM roles are correctly set up.

  6. Progressive Enhancement: Consider implementing a connection quality check before initiating the Face Liveness session, or provide users with guidance about optimal conditions (stable WiFi, good lighting, etc.).

The issue is likely related to the initial WebSocket connection establishment rather than your implementation, but improving error handling, retry logic, and user guidance should help reduce the impact on your users.
Sources
Face Liveness Shared Responsibility Model - Amazon Rekognition

answered 2 months ago
EXPERT
reviewed 2 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content