Coercion & Duress Detection
FaceSign's crown jewel: detecting when a user is acting under duress during verification.
Coercion detection is what separates FaceSign from every other authentication product. Most systems answer one question: is this the right person? FaceSign answers two: is this the right person, and are they acting freely?
This is FaceSign's primary differentiator. No call center agent, OTP code, or selfie-based verification can detect when a user is being coached, threatened, or manipulated into authorizing a transaction.
Why coercion detection matters
Authorized push payment (APP) fraud — where the legitimate account holder is tricked or forced into making a payment — is one of the fastest-growing fraud categories globally. In these attacks:
- The account holder passes every traditional verification check (they are who they say they are)
- OTP codes are entered correctly by the actual user
- Call center agents hear the real account holder's voice
- The bank authorizes the transaction because every signal says "legitimate"
The missing signal is state of mind. The user is present, verified, and authenticated — but they are acting under duress, coaching, or social engineering. Traditional authentication cannot detect this.
Three signal categories
FaceSign's coercion detection engine analyzes three categories of signals throughout the verification session. These run across all nodes, not as a separate step.
Vocal signals
| Signal | What it indicates |
|---|---|
| Stress frequency patterns | Elevated fundamental frequency and vocal tremor that correlate with psychological stress |
| Speech cadence changes | Unnatural pauses, rushed speech, or irregular rhythm suggesting external coaching |
| Hesitation markers | Excessive filler words, false starts, and self-corrections before answering |
| Vocal affect mismatch | Emotional tone inconsistent with the content of the response (e.g., stress markers while claiming everything is fine) |
Visual signals
| Signal | What it indicates |
|---|---|
| Gaze aversion | Repeated glances away from the screen, suggesting reading from a script or checking with someone off-camera |
| Micro-expression leakage | Involuntary facial expressions (fear, anxiety, disgust) that flash before a controlled response |
| Second-person detection | Reflection analysis and peripheral motion detection that identifies another person present in or near the frame |
| Facial tension patterns | Sustained muscle tension inconsistent with a relaxed, voluntary interaction |
Behavioral signals
| Signal | What it indicates |
|---|---|
| Response timing anomalies | Delays before answering that suggest consulting someone else, or responses that are too immediate (pre-rehearsed) |
| Answer consistency | Contradictions between responses given at different points in the conversation |
| Compliance patterns | Unusual eagerness to skip security steps or rush through verification |
| Cognitive load indicators | Signs that the user is simultaneously processing external instructions while responding to the avatar |
Coercion detection runs continuously across the entire session. Conversational nodes (CONVERSATION) provide the richest signal because they require the user to speak freely, but vocal and visual analysis runs during every node type.
Use cases
Elder financial abuse prevention
An elderly account holder is coached by a caregiver or family member to authorize a wire transfer. The account holder passes liveness detection — they are real and present. But vocal stress analysis detects elevated anxiety, gaze tracking shows repeated glances to someone off-camera, and response timing reveals delays consistent with external coaching.
Coached wire transfer fraud
A victim receives a call from a scammer impersonating their bank. The scammer instructs the victim to authorize a "security transfer" through the real bank's verification flow. The victim follows the instructions, but their speech cadence is unnaturally deliberate (reading scripted responses), and micro-expression analysis detects fear signals that contradict their verbal cooperation.
Romance scam authorization
A victim is emotionally manipulated into transferring money to a fraudster. During verification, behavioral analysis detects cognitive load indicators — the victim is processing conflicting emotions while trying to present a calm, voluntary front. Hesitation markers and vocal affect mismatch flag the session for review.
PSD3 Strong Customer Authentication
Under PSD3, payment service providers face liability for coached transfer fraud. FaceSign's coercion detection provides an auditable signal that the user was — or was not — acting under duress at the moment of authorization. This evidence supports regulatory compliance and liability defense.
How results are delivered
Coercion detection results are included in the session report delivered to your webhook. The report contains:
| Field | Description |
|---|---|
| Coercion risk score | Numeric confidence score (0–100) indicating the likelihood of duress |
| Signal breakdown | Which signal categories contributed to the score (vocal, visual, behavioral) |
| Flagged moments | Timestamps within the session where specific indicators were detected |
| Recommended action | Suggested next steps based on the risk level (approve, review, block) |
Your application decides what to do with the score. FaceSign provides the signal — you set the threshold and the response.