1. Introduction

Face recognition systems are widely deployed in various security-based applications, including border control. While FRS can provide a user-friendly, seamless, and reliable verification solution, they are also known to be vulnerable to different types of attacks, including the recently reported face morphing attacks [41, 9, 16]. Face morphing attacks against FRS are carried out by combining face images of multiple subjects to generate a single image that can be verified equally against all contributing subjects [41].. Existing works on face morphing attacks have reported the vulnerability of FRS towards such attacks [23, 30, 12, 22, 21, 19, 32, 24, 25, 17, 31, 38, 39, 33, 20, 42, 26, 43, 34, 35, 7, 7, 2, 3]. Extensive benchmark presented by NIST FRVT MORPH [20] and the Bologna Online Evaluation Platform (BOEP) [26] also indicate the high vulnerability of FRS with respect to face morphing attacks. In addition to FRS, also human observer analysis (including forensic experts, border guards and biometric researchers) has also reported the challenges to detect face morphing attacks [14, 28, 15, 27]. These factors have motivated the development of multiple automatic face Morphing Attack Detection (MAD) to detect the evolving morphing attacks, especially tailored for border control applications. A number of MAD techniques have been proposed in the past five years [7] [2] [25] [34] [41] [38] [22] which can be broadly classified as Single image-based MAD (S-MAD) and Differential based MAD (D-MAD) [41]. The S-MAD techniques use a single image on which morphing detection is performed and is deemed suitable for forensic applications.