Authentication continues to evolve to toward leveraging information about the user, instead of information possessed by the user. "Face Lock" technology is discussed here, and is particularly compelling because successful authentication by the end user requires the end user to recognize a face (not a famous person - someone not everyone would recognize) from a group of faces. This is an interesting take on "facial recognition" that is being done by a human (the user) as opposed to a machine (your computer, using facial recognition software). In this model, the faces could change and as long as the user could still pick out a face that is familiar to them, the rate of success will still be high.
Bypassing something like this as a fraudster would be a question of pure luck (as long as the selections made by the end user were not obvious enough to be easily socially engineered), and the technology wouldn't require any special hardware. This is compelling because it relies on the human ability to recognize, instead of the ability of the human to be recognized by technology. Innovative methods, like this one, are continuing to broaden the discussion around next-gen authentication.