{"id":838,"date":"2026-05-20T09:00:00","date_gmt":"2026-05-20T08:00:00","guid":{"rendered":"https:\/\/research.reading.ac.uk\/einstein\/?p=838"},"modified":"2026-05-13T11:39:40","modified_gmt":"2026-05-13T10:39:40","slug":"the-morphing-attack-how-two-faces-become-one-and-what-we-can-do-about-it","status":"publish","type":"post","link":"https:\/\/research.reading.ac.uk\/einstein\/the-morphing-attack-how-two-faces-become-one-and-what-we-can-do-about-it\/","title":{"rendered":"The Morphing Attack: How Two Faces Become One \u2014 and What We Can Do About It"},"content":{"rendered":"\r\n<figure class=\"wp-block-image alignwide size-full\"><img decoding=\"async\" style=\"border-radius: 8px;margin-bottom: 1.5em\" src=\"https:\/\/research.reading.ac.uk\/einstein\/wp-content\/uploads\/sites\/327\/2026\/05\/img_art4-1.png\" alt=\"Illustration for: The Morphing Attack: How Two Faces Become One \u2014 and What We Can Do About It\" \/><\/figure>\r\n\r\n\r\n\r\n<p class=\"wp-block-paragraph\">Every passport embodies a fundamental security principle: one person, one document. The International Civil Aviation Organisation (ICAO) calls this the unique link \u2014 the machine-verifiable biometric feature that binds a travel document to its legitimate holder. Face morphing attacks are designed to break that link.<\/p>\r\n\r\n\r\n\r\n<h2 class=\"wp-block-heading\">What is a morphing attack?<\/h2>\r\n\r\n\r\n\r\n<p class=\"wp-block-paragraph\">A morphing attack creates a single facial image that has been computationally blended from the faces of two different individuals. When this morphed image is used as the passport photo, the resulting document can be successfully verified against both contributors. The criminal uses the document to cross borders. The accomplice has plausible deniability.<\/p>\r\n\r\n\r\n\r\n<p class=\"wp-block-paragraph\">Early morphing techniques were landmark-based: detecting facial feature points on both images and warping and blending them together in pixel space. Modern methods are considerably more sophisticated. GAN-based morphing uses generative adversarial networks to synthesise a new face in the latent space of the model. Diffusion-based methods use text-to-image models conditioned on facial identity to produce photorealistic composites with few visible artefacts.<\/p>\r\n\r\n\r\n\r\n<h2 class=\"wp-block-heading\">Detection approaches<\/h2>\r\n\r\n\r\n\r\n<p class=\"wp-block-paragraph\">Morphing attack detection falls into two categories. Single-image MAD (S-MAD) examines a suspected document image in isolation, looking for artefacts or inconsistencies. Differential MAD (D-MAD) compares the suspected document image against a trusted live capture of the applicant \u2014 a far more powerful approach. Multiple detection algorithms, each with different strengths across different morphing techniques, can be fused to improve overall robustness.<\/p>\r\n\r\n\r\n\r\n<h2 class=\"wp-block-heading\">Can humans detect morphs?<\/h2>\r\n\r\n\r\n\r\n<p class=\"wp-block-paragraph\">Research involving over 570 participants \u2014 including border guards, document examiners, ID experts, and face comparison specialists \u2014 has shown that human detection of morphing attacks is surprisingly poor. Average accuracy for differential MAD tasks was around 64.7% for border guards and 72.6% for face comparison experts. Automated systems significantly outperform human observers, making the case for AI-assisted detection compelling.<\/p>\r\n\r\n\r\n\r\n<p class=\"wp-block-paragraph\">The EINSTEIN project is developing and evaluating morphing attack detection (MAD) algorithms across a range of morphing techniques, contributing to the broader evaluation methodologies reflected in ISO\/IEC 20059, the international standard for testing and comparing the resistance of biometric systems to morphing attacks.<\/p>\r\n\r\n\r\n\r\n<p class=\"wp-block-paragraph\" style=\"font-size: 0.85em;color: #6b7a90;border-top: 1px solid #e2e8f2;padding-top: 1em;margin-top: 2em\">\u00a9 2026 EINSTEIN Consortium. EINSTEIN is funded by the European Union\u2019s Horizon Europe programme (GA\u00a0No.\u00a0101121280) and by UKRI (IFS\u00a010093453). Views expressed are those of the authors only. <a href=\"https:\/\/research.reading.ac.uk\/einstein\/\">www.einstein-horizon.eu<\/a><\/p>\r\n","protected":false},"excerpt":{"rendered":"<p>Every passport embodies a fundamental security principle: one person, one document. The International Civil Aviation Organisation (ICAO) calls this the unique link \u2014 the machine-verifiable biometric feature that binds a travel document to its legitim&#8230;<\/p>\n","protected":false},"author":909,"featured_media":832,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"__cvm_playback_settings":[],"__cvm_video_id":"","footnotes":""},"categories":[18],"tags":[19,22,35,32,33,36,31,34],"coauthors":[14],"class_list":["post-838","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-research-blog","tag-biometrics","tag-border-security","tag-d-mad","tag-face-morphing","tag-identity-fraud","tag-mad","tag-morphing-attack","tag-passport-fraud"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v21.8.1 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>The Morphing Attack: How Two Faces Become One \u2014 and What We Can Do About It - EINSTEIN<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/research.reading.ac.uk\/einstein\/the-morphing-attack-how-two-faces-become-one-and-what-we-can-do-about-it\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"The Morphing Attack: How Two Faces Become One \u2014 and What We Can Do About It - EINSTEIN\" \/>\n<meta property=\"og:description\" content=\"Every passport embodies a fundamental security principle: one person, one document. The International Civil Aviation Organisation (ICAO) calls this the unique link \u2014 the machine-verifiable biometric feature that binds a travel document to its legitim...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/research.reading.ac.uk\/einstein\/the-morphing-attack-how-two-faces-become-one-and-what-we-can-do-about-it\/\" \/>\n<meta property=\"og:site_name\" content=\"EINSTEIN\" \/>\n<meta property=\"article:published_time\" content=\"2026-05-20T08:00:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-05-13T10:39:40+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/research.reading.ac.uk\/einstein\/wp-content\/uploads\/sites\/327\/2026\/05\/einstein_blog_banner-1.png\" \/>\n\t<meta property=\"og:image:width\" content=\"720\" \/>\n\t<meta property=\"og:image:height\" content=\"405\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"James Ferryman\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"James Ferryman\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/research.reading.ac.uk\/einstein\/the-morphing-attack-how-two-faces-become-one-and-what-we-can-do-about-it\/\",\"url\":\"https:\/\/research.reading.ac.uk\/einstein\/the-morphing-attack-how-two-faces-become-one-and-what-we-can-do-about-it\/\",\"name\":\"The Morphing Attack: How Two Faces Become One \u2014 and What We Can Do About It - EINSTEIN\",\"isPartOf\":{\"@id\":\"https:\/\/research.reading.ac.uk\/einstein\/#website\"},\"datePublished\":\"2026-05-20T08:00:00+00:00\",\"dateModified\":\"2026-05-13T10:39:40+00:00\",\"author\":{\"@id\":\"https:\/\/research.reading.ac.uk\/einstein\/#\/schema\/person\/287e525ca50fc2213a8cd2ad36fb324f\"},\"breadcrumb\":{\"@id\":\"https:\/\/research.reading.ac.uk\/einstein\/the-morphing-attack-how-two-faces-become-one-and-what-we-can-do-about-it\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/research.reading.ac.uk\/einstein\/the-morphing-attack-how-two-faces-become-one-and-what-we-can-do-about-it\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/research.reading.ac.uk\/einstein\/the-morphing-attack-how-two-faces-become-one-and-what-we-can-do-about-it\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/research.reading.ac.uk\/einstein\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"The Morphing Attack: How Two Faces Become One \u2014 and What We Can Do About It\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/research.reading.ac.uk\/einstein\/#website\",\"url\":\"https:\/\/research.reading.ac.uk\/einstein\/\",\"name\":\"EINSTEIN\",\"description\":\"IntEroperable applIcations suIte to eNhance European identity and document SecuriTy and fraud dEtectIoN\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/research.reading.ac.uk\/einstein\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/research.reading.ac.uk\/einstein\/#\/schema\/person\/287e525ca50fc2213a8cd2ad36fb324f\",\"name\":\"James Ferryman\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/research.reading.ac.uk\/einstein\/#\/schema\/person\/image\/e455eff97bf15f08533b5794a7ae2be3\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/bb9b6c1740f6a54e1761096e29ce475824a3bb90f2b70ebc385aa96656998cc9?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/bb9b6c1740f6a54e1761096e29ce475824a3bb90f2b70ebc385aa96656998cc9?s=96&d=mm&r=g\",\"caption\":\"James Ferryman\"},\"url\":\"https:\/\/research.reading.ac.uk\/einstein\/author\/sis00jf\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"The Morphing Attack: How Two Faces Become One \u2014 and What We Can Do About It - EINSTEIN","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/research.reading.ac.uk\/einstein\/the-morphing-attack-how-two-faces-become-one-and-what-we-can-do-about-it\/","og_locale":"en_GB","og_type":"article","og_title":"The Morphing Attack: How Two Faces Become One \u2014 and What We Can Do About It - EINSTEIN","og_description":"Every passport embodies a fundamental security principle: one person, one document. The International Civil Aviation Organisation (ICAO) calls this the unique link \u2014 the machine-verifiable biometric feature that binds a travel document to its legitim...","og_url":"https:\/\/research.reading.ac.uk\/einstein\/the-morphing-attack-how-two-faces-become-one-and-what-we-can-do-about-it\/","og_site_name":"EINSTEIN","article_published_time":"2026-05-20T08:00:00+00:00","article_modified_time":"2026-05-13T10:39:40+00:00","og_image":[{"width":720,"height":405,"url":"https:\/\/research.reading.ac.uk\/einstein\/wp-content\/uploads\/sites\/327\/2026\/05\/einstein_blog_banner-1.png","type":"image\/png"}],"author":"James Ferryman","twitter_card":"summary_large_image","twitter_misc":{"Written by":"James Ferryman","Estimated reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/research.reading.ac.uk\/einstein\/the-morphing-attack-how-two-faces-become-one-and-what-we-can-do-about-it\/","url":"https:\/\/research.reading.ac.uk\/einstein\/the-morphing-attack-how-two-faces-become-one-and-what-we-can-do-about-it\/","name":"The Morphing Attack: How Two Faces Become One \u2014 and What We Can Do About It - EINSTEIN","isPartOf":{"@id":"https:\/\/research.reading.ac.uk\/einstein\/#website"},"datePublished":"2026-05-20T08:00:00+00:00","dateModified":"2026-05-13T10:39:40+00:00","author":{"@id":"https:\/\/research.reading.ac.uk\/einstein\/#\/schema\/person\/287e525ca50fc2213a8cd2ad36fb324f"},"breadcrumb":{"@id":"https:\/\/research.reading.ac.uk\/einstein\/the-morphing-attack-how-two-faces-become-one-and-what-we-can-do-about-it\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/research.reading.ac.uk\/einstein\/the-morphing-attack-how-two-faces-become-one-and-what-we-can-do-about-it\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/research.reading.ac.uk\/einstein\/the-morphing-attack-how-two-faces-become-one-and-what-we-can-do-about-it\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/research.reading.ac.uk\/einstein\/"},{"@type":"ListItem","position":2,"name":"The Morphing Attack: How Two Faces Become One \u2014 and What We Can Do About It"}]},{"@type":"WebSite","@id":"https:\/\/research.reading.ac.uk\/einstein\/#website","url":"https:\/\/research.reading.ac.uk\/einstein\/","name":"EINSTEIN","description":"IntEroperable applIcations suIte to eNhance European identity and document SecuriTy and fraud dEtectIoN","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/research.reading.ac.uk\/einstein\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-GB"},{"@type":"Person","@id":"https:\/\/research.reading.ac.uk\/einstein\/#\/schema\/person\/287e525ca50fc2213a8cd2ad36fb324f","name":"James Ferryman","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/research.reading.ac.uk\/einstein\/#\/schema\/person\/image\/e455eff97bf15f08533b5794a7ae2be3","url":"https:\/\/secure.gravatar.com\/avatar\/bb9b6c1740f6a54e1761096e29ce475824a3bb90f2b70ebc385aa96656998cc9?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/bb9b6c1740f6a54e1761096e29ce475824a3bb90f2b70ebc385aa96656998cc9?s=96&d=mm&r=g","caption":"James Ferryman"},"url":"https:\/\/research.reading.ac.uk\/einstein\/author\/sis00jf\/"}]}},"cc_featured_image_caption":{"caption_text":"","source_text":"","source_url":""},"_links":{"self":[{"href":"https:\/\/research.reading.ac.uk\/einstein\/wp-json\/wp\/v2\/posts\/838","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/research.reading.ac.uk\/einstein\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/research.reading.ac.uk\/einstein\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/research.reading.ac.uk\/einstein\/wp-json\/wp\/v2\/users\/909"}],"replies":[{"embeddable":true,"href":"https:\/\/research.reading.ac.uk\/einstein\/wp-json\/wp\/v2\/comments?post=838"}],"version-history":[{"count":3,"href":"https:\/\/research.reading.ac.uk\/einstein\/wp-json\/wp\/v2\/posts\/838\/revisions"}],"predecessor-version":[{"id":919,"href":"https:\/\/research.reading.ac.uk\/einstein\/wp-json\/wp\/v2\/posts\/838\/revisions\/919"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/research.reading.ac.uk\/einstein\/wp-json\/wp\/v2\/media\/832"}],"wp:attachment":[{"href":"https:\/\/research.reading.ac.uk\/einstein\/wp-json\/wp\/v2\/media?parent=838"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/research.reading.ac.uk\/einstein\/wp-json\/wp\/v2\/categories?post=838"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/research.reading.ac.uk\/einstein\/wp-json\/wp\/v2\/tags?post=838"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/research.reading.ac.uk\/einstein\/wp-json\/wp\/v2\/coauthors?post=838"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}