🏆 Official Entrant of GEMINI 3 HACKATHON
Biometric Liveness Detection & Anti-Deepfake System powered by Gemini 3 Multimodal.
Full Compliance with LGPD, Lei Felca & International Biometric Standards.
█████╗ ██╗███████╗██╗ ██╗██╗ ██╗
██╔══██╗██║██╔════╝╚██╗██╔╝╚██╗██╔╝
███████║██║█████╗ ╚███╔╝ ╚███╔╝
██╔══██║██║██╔══╝ ██╔██╗ ██╔██╗
██║ ██║██║███████╗██╔╝ ██╗██╔╝ ██╗
╚═╝ ╚═╝╚═╝╚══════╝╚═╝ ╚═╝╚═╝ ╚═╝
Developed by AIExxplorer | Artificial Universe
- 🎯 Overview
- ✨ Key Features
- 🏗️ Technical Architecture
- 🔒 Security & Compliance
- 🚀 Installation & Configuration
- 📱 User Flow
- 🧠 Gemini 3 Integration
- 📊 Database
- 🎥 Demo & Links
- 🤝 Contributing
- 📝 License
VerifyLive is a forensic-grade biometric verification system developed for the Gemini 3 Hackathon. It leverages the Action Era capabilities of the Gemini 3 Multimodal API to perform deep semantic reasoning on video streams, detecting deepfakes and ensuring real-time liveness.
| Objective | Description |
|---|---|
| Identity Verification | Confirm the user is a real person, not a photo, video, or deepfake |
| Anti-Deepfake Detection | Use forensic AI to identify synthetic manipulations in real-time video |
| Regulatory Compliance | Meet LGPD, Lei Felca, and international biometric standards |
| Immutable Audit | Maintain encrypted and traceable logs of all verifications |
| Premium Experience | Intuitive, responsive, and accessible interface for all devices |
This project aligns with the Action Era and Omni-Agent themes through:
- Native Multimodality: Direct processing of video/audio streams via Gemini 3
- Thought Signatures: Explainable forensic reasoning for every liveness decision
- Human-AI Synergy: Empowering compliance auditors with AI-generated forensic reports
- Google OAuth 2.0 integrated via Supabase Auth
- Secure sessions with auto-refresh tokens
- Server-side route protection
- PDF Upload (Digital Driver's License, Gov.br ID)
- Camera Capture (Front & Back)
- Support for ID cards, Driver's Licenses, and Passports
- MIME type validation and max size checks (5MB)
- 5 Verification Challenges:
- 😐 Neutral Face - Baseline position
- 👉 Turn Right - 3D structure check
- 😊 Smile - Muscle/expression check
- 🔍 Zoom In - Depth check
- 🤚 Hand Check - Possession/Occlusion check (anti-deepfake)
- Multimodal reasoning on 5 captured frames
- Detection of deepfake artifacts (moiré patterns, blurring, distortions)
- Confidence score (0-100%) with explanation
- Exportable forensic report
- "Unverified" Badge for pending accounts
- "Verified" Dashboard upon successful completion
- Verification history with timestamps
- Re-verification prevention (anti-loop)
| Category | Technology | Version | Purpose |
|---|---|---|---|
| Language | TypeScript | 5+ | Strict typing across the entire codebase |
| Language | SQL | — | Database migrations, RLS policies, triggers |
| Framework | Next.js (App Router) | 16+ | Full-stack SSR, Server Actions, API Routes |
| UI Library | React | 19+ | Component-based user interface |
| Styling | Tailwind CSS | 4 | Utility-first CSS with tailwindcss-animate |
| AI / ML | Google Gemini AI (@google/generative-ai) |
0.24+ | Multimodal forensic liveness analysis |
| AI / ML | MediaPipe Tasks Vision | 0.10+ | 468-point real-time facial landmark detection (FaceMesh) |
| Backend | Supabase (PostgreSQL + Auth + Storage) | — | Database, Google OAuth 2.0, file storage, RLS |
| Hosting | Vercel | — | Edge deployment, analytics, speed insights |
| ORM | Prisma | 5+ | Database schema management |
| API Docs | Swagger UI / next-swagger-doc | — | Interactive API documentation |
| Icons | Lucide React | 0.562+ | SVG icon library |
| Notifications | Sonner | 2+ | Toast notification system |
| Quality | Husky + Commitlint | 9+ / 20+ | Git hooks & Conventional Commits enforcement |
| Linting | ESLint | 9+ | Code quality and consistency |
| Analytics | Vercel Analytics + Speed Insights | — | Usage tracking & performance monitoring |
| Browser API | WebRTC / getUserMedia | — | Real-time camera access for biometric capture |
graph TD
subgraph Frontend ["Frontend - Next.js 16 + React 19 + TypeScript 5"]
UI["UI - Tailwind CSS 4 + Lucide Icons"] -->|Stream| Camera["Camera Feed - WebRTC"]
UI -->|Auth| Auth["Supabase Auth - Google OAuth 2.0"]
UI -->|i18n| I18n["Language Context - PT / EN / ES"]
Camera -->|Landmarks| FaceMesh["MediaPipe FaceMesh - 468 points"]
end
subgraph Backend ["Server Actions - Next.js App Router"]
Verify["verifyLiveness.ts"] -->|5 Frames + Forensic Prompt| Gemini["Gemini 3 Multimodal API"]
Upload["uploadDocument.ts"] -->|File Upload + Validation| Storage["Supabase Storage - AES-256"]
Log["completeVerification.ts"] -->|Result + Audit| DB["Supabase PostgreSQL"]
Reset["resetVerification.ts"] -->|Archive + Reset| DB
end
subgraph Database ["Supabase Cloud - PostgreSQL + RLS"]
DB -->|Profiles| ProfilesTable["verifylive_profiles"]
DB -->|Audit| AuditTable["verifylive_audit_logs"]
DB -->|Consent| ConsentTable["legal_consents"]
Storage -->|Docs| DocsBucket["verifylive-docs"]
end
subgraph DevOps ["DevOps and Quality"]
Husky["Husky - Git Hooks"] -->|Pre-commit| Commitlint["Commitlint - Conventional Commits"]
ESLint["ESLint 9"] -->|Lint| CI["Vercel CI/CD"]
Prisma["Prisma ORM"] -->|Schema| DB
Swagger["Swagger UI"] -->|API Docs| Backend
end
- Multilingual Support: Portuguese (PT), English (EN), and Spanish (ES).
- Auto-Detection: Browser preference or manual selection.
- Floating Switcher: Minimalist interface with Glassmorphism.
| Requirement | Implementation |
|---|---|
| Explicit Consent | Mandatory terms modal before verification |
| Specific Purpose | Data used exclusively for identity verification |
| Data Minimization | Only strictly necessary data is collected |
| Transparency | Direct links to official legislation (Planalto.gov) |
| Right of Access | Audit history available to the user |
| Security | AES-256 encryption at rest, TLS 1.3 in transit |
| Auto-TTL | Automatic deletion of raw data after 24h |
| Measure | Description |
|---|---|
| Age Detection | Automatic flags for users apparently under 16 |
| Guardian Consensus | Flow blocked for minors without guardian tokens |
| Cryptographic Audit | All age decisions are signed and logged |
┌────────────────────────────────────────────────────────────┐
│ SECURITY LAYERS │
├────────────────────────────────────────────────────────────┤
│ │
│ 1. AUTHENTICATION │
│ ├── Google OAuth 2.0 (PKCE Flow) │
│ ├── JWT Tokens with auto-refresh │
│ └── HTTPOnly + Secure Session Cookies │
│ │
│ 2. AUTHORIZATION │
│ ├── Row Level Security (RLS) in Supabase │
│ ├── Per-user policies (auth.uid()) │
│ └── Isolated Service Role Key on server │
│ │
│ 3. ENCRYPTION │
│ ├── In Transit: TLS 1.3 │
│ ├── At Rest: AES-256 (Supabase Storage) │
│ └── Hashing: bcrypt for sensitive data │
│ │
│ 4. VALIDATION │
│ ├── MIME type validation (image/jpeg, pdf) │
│ ├── Size limit (5MB per file) │
│ └── Input sanitization │
│ │
│ 5. AUDIT │
│ ├── Immutable logs in verifylive_audit_logs │
│ ├── IP and User-Agent logging │
│ └── Timestamps with UTC timezone │
│ │
│ 6. ANTI-FRAUD PROTECTION │
│ ├── Deepfake Detection via Gemini 3 │
│ ├── 5 liveness challenges (3D movement) │
│ └── Facial consistency verification │
│ │
└────────────────────────────────────────────────────────────┘
- Lei 13.709/2018 - LGPD
- Lei 14.063/2020 - Electronic Signature
- Lei 8.069/1990 - ECA (Statute of the Child and Adolescent)
- Node.js 20+
- npm 10+ or pnpm
- Supabase Project (PostgreSQL + Auth + Storage)
- Google AI API Key (Gemini)
git clone https://github.com/AIExxplorer/verifylive.git
cd verifylivenpm installCreate a .env.local file in the project root:
# Supabase
NEXT_PUBLIC_SUPABASE_URL=https://your-project.supabase.co
NEXT_PUBLIC_SUPABASE_ANON_KEY=your-anon-key
SUPABASE_SERVICE_ROLE_KEY=your-service-role-key
# Google AI (Gemini)
GEMINI_API_KEY=your-gemini-api-key
# App
NEXT_PUBLIC_APP_URL=http://localhost:3000Run the SQL schema in the Supabase SQL Editor:
-- See the full supabase_schema.sql file in the repositoryConfigure the Google OAuth Provider at:
Authentication > Providers > Google
Create the storage buckets:
verifylive-docs(Private)verifylive-proofs(Private)
npm run devAccess: http://localhost:3000
npm run build
npm start┌─────────────────────────────────────────────────────────────────┐
│ USER JOURNEY │
└─────────────────────────────────────────────────────────────────┘
┌──────────────┐
│ ACCESS │
│ (Page) │
└──────┬───────┘
│
▼
┌──────────────┐ NO ┌──────────────┐
│ Logged In? │ ────────────▶ │ LOGIN │
│ │ │ (Google) │
└──────┬───────┘ └──────┬───────┘
│ YES │
▼ │
┌──────────────┐ │
│ Verified? │ ◀─────────────────────┘
│ │
└──────┬───────┘
│
YES │ NO
│
┌──────┴───────┐ ┌──────────────┐
│ DASHBOARD │ │ COMPLIANCE │
│ VERIFIED │ │ (Modal) │
│ ✅ Badge │ └──────┬───────┘
└──────────────┘ │
▼
┌──────────────┐
│ DOCUMENTS │
│ (Selection) │
└──────┬───────┘
│
┌───────────┴───────────┐
│ │
┌────▼────┐ ┌────▼────┐
│ CAMERA │ │ PDF │
│ (F + B) │ │ Upload │
└────┬────┘ └────┬────┘
│ │
└───────────┬──────────┘
│
▼
┌──────────────┐
│ LIVENESS │
│ INTRO │
└──────┬───────┘
│
▼
┌──────────────┐
│ 5 STEPS │
│ LIVENESS │
│ (Camera) │
└──────┬───────┘
│
▼
┌──────────────┐
│ ANALYZING │
│ (Gemini 3) │
└──────┬───────┘
│
▼
┌──────────────┐
│ RESULT │
│ ✅ / ❌ │
└──────────────┘
const prompt = `
Analyze this sequence of 5 video frames for liveness.
The user was asked to perform the following challenges in order:
1. Neutral Face
2. Turn Right (3D check)
3. Smile/Expression (Muscle check)
4. Zoom In (Depth check)
5. Hold ID/Hand (Possession/Occlusion check)
FORENSIC ANALYSIS REQUIRED:
- **Consistency**: Do features remain consistent across angles/lighting?
- **3D Structure**: Does the face rotate naturally or warp like a 2D texture?
- **Micro-expressions**: Are eye movements and muscle flexes natural?
- **Artifacts**: Look for screen moire, edge blurring, or glitching.
Return JSON with:
- is_real: boolean
- confidence: number (0-100)
- anomalies: string[] (list suspicious elements)
- reasoning: string (brief explanation of the verdict)
`;{
"is_real": true,
"confidence": 98,
"anomalies": [],
"reasoning": "Features consistent across all 5 angles. Natural 3D rotation detected. No deepfake artifacts found."
}-- Verification Profiles
CREATE TABLE verifylive_profiles (
id UUID REFERENCES auth.users PRIMARY KEY,
updated_at TIMESTAMPTZ,
username TEXT UNIQUE,
full_name TEXT,
avatar_url TEXT,
is_verified BOOLEAN DEFAULT FALSE,
verified_at TIMESTAMPTZ
);
-- Audit Logs (Immutable)
CREATE TABLE verifylive_audit_logs (
id UUID DEFAULT gen_random_uuid() PRIMARY KEY,
created_at TIMESTAMPTZ DEFAULT NOW(),
user_id UUID REFERENCES auth.users(id),
action TEXT NOT NULL,
status TEXT NOT NULL,
confidence NUMERIC,
metadata JSONB,
ip_address TEXT,
user_agent TEXT
);- Users can only view/edit their own profiles
- Audit logs are inserted via Service Role (immutable for the user)
- Storage protected by owner policies
| Resource | Link |
|---|---|
| 🌐 Live Demo | verifylive.vercel.app |
| 📹 Demo Video | YouTube (Coming Soon) |
| 🏆 Devpost | Submission Link |
| 📂 Repository | GitHub |
| 🔗 Artificial Universe | artificialuniverse.tech |
This project uses Husky for git hooks, Commitlint for conventional commits, ESLint 9 for code quality, and Prisma for database schema management. All code is written in TypeScript with strict mode enabled.
feat: new feature
fix: bug fix
docs: documentation update
style: formatting (no logic change)
refactor: code refactoring
test: adding tests
chore: maintenance tasksThis project follows a Simplified GitFlow workflow:
┌──────────────┐
│ main │ ← Production (Stable)
└──────┬───────┘
│
┌──────▼───────┐
│ develop │ ← Integration (Default Dev)
└──────┬───────┘
│
┌────────────────┼────────────────┐
│ │ │
┌──────▼──────┐ ┌──────▼──────┐ ┌──────▼──────┐
│ feature/* │ │ test/qa │ │ hotfix/* │
└─────────────┘ └─────────────┘ └─────────────┘
| Branch | Purpose |
|---|---|
main |
Production code, stable releases |
develop |
Integration branch, receives feature PRs |
test/qa |
Staging and QA testing |
feature/* |
New features |
hotfix/* |
Urgent production fixes |
This repository includes standardized templates to facilitate contributions:
| Template | Description |
|---|---|
| Bug Report | Bug reporting with technical context |
| Feature Request | Suggestion for new features |
| Pull Request | Template for PRs with quality checklist |
- Fork the repository
- Create a branch from
develop(git checkout -b feature/my-feature develop) - Make your commits following Conventional Commits (Husky will validate)
- Push to your branch (
git push origin feature/my-feature) - Open a Pull Request pointing to
develop - Wait for review and approval
📖 Full Guide: See CONTRIBUTING.md for detailed instructions.
This project is licensed under the MIT License.
MIT License
Copyright (c) 2026 AIExxplorer / Artificial Universe
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software...
Biometric Identity Verification for the AI Era
Built for Gemini 3 Hackathon | Google DeepMind
█████╗ ██╗███████╗██╗ ██╗██╗ ██╗
██╔══██╗██║██╔════╝╚██╗██╔╝╚██╗██╔╝
███████║██║█████╗ ╚███╔╝ ╚███╔╝
██╔══██║██║██╔══╝ ██╔██╗ ██╔██╗
██║ ██║██║███████╗██╔╝ ██╗██╔╝ ██╗
╚═╝ ╚═╝╚═╝╚══════╝╚═╝ ╚═╝╚═╝ ╚═╝