Didit 静默活体检测：AI 防伪与身份验证

AI智能体脚本智能办公脚本自动化游戏脚本浏览器自动化脚本服务器脚本

Didit 静默活体检测：AI 防伪与身份验证 - Openclaw Skills

作者：互联网

2026-04-14

AI教程

什么是 Didit 静默活体检测？

Didit 静默活体检测技能使 AI 代理能够通过分析捕获的单张图像来验证用户是否亲自到场。与主动式方法不同，该技术不需要任何动作或交互，在保持 99.9% 准确率的同时提供无缝的用户体验。它是开发者在 Openclaw Skills 生态系统中构建安全身份验证流程的关键组件。

该技能可检测各种演示攻击，包括屏幕截图、打印照片、面具和深度伪造。通过将其集成到您的工作流程中，您可以确保与您的应用程序交互的是真实人类，在不增加用户旅程摩擦的情况下，显著降低欺诈和未经授权访问的风险。

下载入口:https://github.com/openclaw/skills/tree/main/skills/rosasalberto/didit-passive-liveness

安装与下载

1. ClawHub CLI

从源直接安装技能的最快方式。

npx clawhub@latest install didit-passive-liveness

2. 手动安装

将技能文件夹复制到以下位置之一

全局模式 ~/.openclaw/skills/ 工作区 /skills/

优先级：工作区 > 本地 > 内置

3. 提示词安装

将此提示词复制到 OpenClaw 即可自动安装。

请帮我使用 Clawhub 安装 didit-passive-liveness。如果尚未安装 Clawhub，请先安装（npm i -g clawhub）。

Didit 静默活体检测应用场景

在用户注册或高额交易期间防止欺诈。
实时检测深度伪造和演示攻击。
实施无需用户配合动作的无摩擦防伪检查。
验证面部质量和亮度，以获得更好的身份证明文件。
通过 Openclaw Skills 将身份验证集成到自动化代理工作流中。

Didit 静默活体检测工作原理

代理捕获或接收 JPEG、PNG 或 WebP 等支持格式的用户自拍照。
图像通过 DIDIT_API_KEY 进行身份验证并传输到 Didit 独立 API。
AI 使用单帧 CNN（静默方法）分析单帧图像以验证人类存在。
系统计算活体评分，评估面部质量，并进行亮度分析。
返回最终状态（批准或拒绝）以及年龄、性别和风险警告等元数据。

Didit 静默活体检测配置指南

要在您的 Openclaw Skills 集合中使用此功能，您必须首先从 Didit 业务控制台获取 API 密钥。获取后，按如下方式配置您的环境：

export DIDIT_API_KEY="your_api_key_here"

然后，您可以使用提供的实用脚本启动活体检查：

python scripts/check_liveness.py selfie.jpg --threshold 80

Didit 静默活体检测数据架构与分类体系

该技能返回详细说明活体评估的结构化 JSON 响应。数据组织如下：

字段	描述
request_id	用于跟踪的唯一会话标识符
liveness.status	主要结果：批准 (Approved) 或拒绝 (Declined)
liveness.score	置信度评分 (0-100)，分数越高代表真实可能性越大
face_quality	用于过滤低质量捕获的图像质量指标
entities	元数据，包括预估年龄、性别和面部边界框
warnings	风险标签数组，如 LIVENESS_FACE_ATTACK 或 DUPLICATED_FACE

name: didit-passive-liveness
description: >
  Integrate Didit Passive Liveness standalone API to verify a user is physically present.
  Use when the user wants to check liveness, detect spoofing attempts, verify real person
  presence, implement anti-spoofing, or perform passive liveness detection using Didit.
  Analyzes a single image without user interaction. Returns liveness score, face quality,
  and luminance metrics. Detects presentation attacks and duplicate faces.
version: 1.2.0
metadata:
  openclaw:
    requires:
      env:
        - DIDIT_API_KEY
    primaryEnv: DIDIT_API_KEY
    emoji: "??"
    homepage: https://docs.didit.me

Didit Passive Liveness API

Overview

Verifies that a user is physically present by analyzing a single captured image — no explicit movement or interaction required.

Key constraints:

Supported formats: JPEG, PNG, WebP, TIFF
Maximum file size: 5MB
Image must contain exactly one clearly visible face
Original real-time photo only (no screenshots or printed photos)

Accuracy: 99.9% liveness detection accuracy, <0.1% false acceptance rate (FAR).

Capabilities: Liveness scoring, face quality assessment, luminance analysis, age/gender estimation, spoof detection (screen captures, printed copies, masks, deepfakes), duplicate face detection across sessions, blocklist matching.

Liveness methods: This standalone endpoint uses PASSIVE method (single-frame CNN). Workflow mode also supports ACTIVE_3D (action + flash, highest security) and FLASHING (3D flash, high security).

API Reference: https://docs.didit.me/reference/passive-liveness-api

Authentication

All requests require x-api-key header. Get your key from Didit Business Console → API & Webhooks.

Endpoint

POST https://verification.didit.me/v3/passive-liveness/

Headers

Header	Value	Required
`x-api-key`	Your API key	Yes
`Content-Type`	`multipart/form-data`	Yes

Request Parameters (multipart/form-data)

Parameter	Type	Required	Default	Constraints	Description
`user_image`	file	Yes	—	JPEG/PNG/WebP/TIFF, max 5MB	User's face image
`face_liveness_score_decline_threshold`	integer	No	—	0-100	Scores below this = Declined
`rotate_image`	boolean	No	—	—	Try rotations to find upright face
`save_api_request`	boolean	No	`true`	—	Save in Business Console
`vendor_data`	string	No	—	—	Your identifier for session tracking

Example

import requests

response = requests.post(
    "https://verification.didit.me/v3/passive-liveness/",
    headers={"x-api-key": "YOUR_API_KEY"},
    files={"user_image": ("selfie.jpg", open("selfie.jpg", "rb"), "image/jpeg")},
    data={"face_liveness_score_decline_threshold": "80"},
)

const formData = new FormData();
formData.append("user_image", selfieFile);
formData.append("face_liveness_score_decline_threshold", "80");

const response = await fetch("https://verification.didit.me/v3/passive-liveness/", {
  method: "POST",
  headers: { "x-api-key": "YOUR_API_KEY" },
  body: formData,
});

Response (200 OK)

{
  "request_id": "a1b2c3d4-...",
  "liveness": {
    "status": "Approved",
    "method": "PASSIVE",
    "score": 95,
    "user_image": {
      "entities": [
        {"age": 22.16, "bbox": [156, 234, 679, 898], "confidence": 0.717, "gender": "male"}
      ],
      "best_angle": 0
    },
    "warnings": [],
    "face_quality": 85.0,
    "face_luminance": 50.0
  },
  "created_at": "2025-05-01T13:11:07.977806Z"
}

Status Values & Handling

Status	Meaning	Action
`"Approved"`	User is physically present	Proceed with your flow
`"Declined"`	Liveness check failed	Check `warnings`. May be a spoof or poor image quality

Error Responses

Code	Meaning	Action
`400`	Invalid request	Check file format, size, parameters
`401`	Invalid API key	Verify `x-api-key` header
`403`	Insufficient credits	Top up at business.didit.me

Response Field Reference

Field	Type	Description
`status`	string	`"Approved"` or `"Declined"`
`method`	string	Always `"PASSIVE"` for this endpoint
`score`	integer	0-100 liveness confidence (higher = more likely real). `null` if no face
`face_quality`	float	0-100 face image quality score. `null` if no face
`face_luminance`	float	Face luminance value. `null` if no face
`entities[].age`	float	Estimated age
`entities[].bbox`	array	Face bounding box `[x1, y1, x2, y2]`
`entities[].confidence`	float	Face detection confidence (0-1)
`entities[].gender`	string	`"male"` or `"female"`
`warnings`	array	`{risk, log_type, short_description, long_description}`

Warning Tags

Auto-Decline (always)

Tag	Description
`NO_FACE_DETECTED`	No face detected in image
`LIVENESS_FACE_ATTACK`	Potential spoofing attempt (printed photo, screen, mask)
`FACE_IN_BLOCKLIST`	Face matches a blocklisted entry
`POSSIBLE_FACE_IN_BLOCKLIST`	Possible blocklist match detected

Configurable (Decline / Review / Approve)

Tag	Description	Notes
`LOW_LIVENESS_SCORE`	Score below threshold	Configurable review + decline thresholds
`DUPLICATED_FACE`	Matches another approved session	—
`POSSIBLE_DUPLICATED_FACE`	May match another user	Configurable similarity threshold
`MULTIPLE_FACES_DETECTED`	Multiple faces (largest used for scoring)	Passive only
`LOW_FACE_QUALITY`	Image quality below threshold	Passive only
`LOW_FACE_LUMINANCE`	Image too dark	Passive only
`HIGH_FACE_LUMINANCE`	Image too bright/overexposed	Passive only

Common Workflows

Basic Liveness Check

1. Capture user selfie
2. POST /v3/passive-liveness/ → {"user_image": selfie}
3. If "Approved" → user is real, proceed
   If "Declined" → check warnings:
     - NO_FACE_DETECTED → ask user to retake with face clearly visible
     - LOW_FACE_QUALITY → ask for better lighting/positioning
     - LIVENESS_FACE_ATTACK → flag as potential fraud

Liveness + Face Match (combined)

1. POST /v3/passive-liveness/ → verify user is real
2. If Approved → POST /v3/face-match/ → compare selfie to ID photo
3. Both Approved → identity verified

Utility Scripts

export DIDIT_API_KEY="your_api_key"

python scripts/check_liveness.py selfie.jpg
python scripts/check_liveness.py selfie.jpg --threshold 80

上一篇：使用 VueUse 构建一个支持暂停/重置的 CountUp 组件下一篇：我用 2 个 Skill 解决AI开发如何记录文档的问题