Human-centric
AI Computer Vision
3DiVi Inc., founded in 2011, is one of the leading developers of AI and machine learning (ML) technologies for computer vision.
Your request has been successfully sent. We'll get in touch shortly.
THANK YOU!

Makeup as a Biometric Threat? How the “Living Vampire” Johnny Depp Fooled Liveness Detection

Facial recognition, especially with liveness checks, is often viewed as the ultimate defense in banking and fintech—able to stop everything from printed photos to deepfakes and 3D masks.

But what if the real vulnerability isn’t as high-tech as we think?

What if it comes in the form of… makeup?

In a recent internal experiment, the 3DiVi team uncovered a surprising blind spot—disguised in professional makeup.

We ran a video of Johnny Depp playing vampire Barnabas Collins in Dark Shadows through a liveness detection check. The result? The system confidently identified him as alive. And that’s a problem.

Why Makeup Is a Real Threat (Not A Theatrical One)

While most discussions around biometric spoofing focus on printed photos, video replays, or silicone masks, makeup rarely gets the attention it deserves. Yet professional or theatrical makeup can:

  • Conceal or alter key facial features like eye shape, jawline, eyebrows, and mouth contours,

  • Change the perceived skin tone and texture,

  • Interfere with algorithms that rely on depth, color gradients, or texture cues.

Unlike classic spoofing tools, makeup isn’t easy to classify. Where’s the line between everyday makeup and a deliberate spoofing attempt?

And more importantly, which appearance changes can biometric systems safely ignore — and which could open the door to fraud?

The Johnny Depp Test: How the Vampire Fooled the System

In our test, the video clip featured Johnny Depp’s character in full costume and makeup:

  • Extremely pale, chalk-like skin

  • Deep shadows around the eyesSharp, heavily defined facial contours

  • Dark lips and elongated brows

Despite the theatrical look, the system almost successfully recognized the face—and more importantly, it flagged the video as a live, real person. In other words, the liveness detection “brought the vampire to life.”

The clip wasn’t even live—it was just a pre-recorded video.

Is Makeup Now a Biometric Attack Vector

Our experiment proved just how easily a simple video with heavy makeup can bypass poorly configured or basic liveness detection systems. Algorithms that depend solely on basic texture or motion cues are vulnerable to clever visual deception.

While most companies focus on defending against photo and replay attacks, cosplay, professional makeup, and even everyday cosmetics are turning into real tools for biometric spoofing.

To treat makeup as a biometric attack vector, certain conditions need to be met:

  • Repeatability: The failure should occur across different tests and subjects

  • Measured risk: The Attack Presentation Classification Error Rate (APCER) for makeup scenarios should be calculated

  • Thresholds: If APCER exceeds 1–2%, it’s already a red flag

  • Statistical significance: If spoofing with makeup results in significantly higher error rates (e.g., p < 0.05), it should be included in mandatory anti-spoofing tests

How to Test for Makeup-Based Spoofing

To make your biometric system resilient, consider:

  • Testing with a range of makeup: from light cosmetic to full theatrical looks

  • Including both images and video replays featuring makeup

  • Evaluating how your system responds to such inputs played from screens or mobile devices
Fraudsters don’t need expensive 3D masks anymore. Well-done makeup, paired with a screen and a video, is a low-cost but effective way to trick underprotected systems. If your liveness detection can’t handle this, it’s leaving a security gap open.

Closing the Makeup Vulnerability: Key Considerations for Biometric Teams

To avoid such vulnerabilities, companies should:

  • Demand that liveness detection accounts for depth, skin texture, and behavioral cues

  • Require proof from vendors that their system has been tested against spoofing scenarios involving makeup

  • Include spoofing resistance tests in their procurement and compliance checklists

  • Continuously update biometric security policies as new evasion techniques emerge

Final Thoughts: It's Not Just a Funny Glitch

The Johnny Depp vampire case isn’t a one-off bug or a funny story—it’s a signal. As biometric systems become more mainstream, they also become more attractive targets.

And you don’t need Hollywood-level deepfakes to fool weak liveness detection. Sometimes, all it takes is a phone and some makeup.

To ensure biometric systems offer real protection, we need to test them under real-world conditions, including those that aren’t always obvious. In biometrics, just like in life, you have to know when reality ends and deception begins.

If you’re serious about closing hidden biometric security gaps, let’s talk. With 14+ years in computer vision and biometric security, 3DiVi knows how to spot and fix vulnerabilities before fraudsters find them.