Jul 08, 2021 16:00:00

Scams that trick facial recognition systems are on the rise, how are scammers breaking through?

Face recognition technology has become a popular method for unlocking smartphones, and is also used as an app authentication system. However, in recent years, scams that break through the face recognition system have become conspicuous, and it is expected that the number will increase further in the future.

Technology reporter Parmy Olson reports how scammers are trying to trick facial recognition systems.

Faces Are the Next Target for Fraudsters --WSJ
https://www.wsj.com/articles/faces-are-the-next-target-for-fraudsters-11625662828

Face recognition technology, which is one of biometrics, is used by many law enforcement agencies such as the FBI, and Chinese game companies have announced that they will limit gameplay time by face recognition. It is used in a wide variety of fields. On the other hand, it has been pointed out that the use of facial recognition technology in police will promote discrimination, Amazonannounced in June 2020 that it will suspend the facial recognition technology provided for police for one year, and IBM announced that facial recognition We are announcing our withdrawal from the certification market.

In addition to these, in June 2021 it was reported that a large number of unemployed people were denied applications due to problems with the facial recognition system used to apply for unemployment benefits in the United States.

Face recognition system has caused many unemployed people to not receive unemployment allowance --GIGAZINE

Thousands of people in the United States have tried to trick facial recognition systems into fraudulently applying for unemployment benefits over the past year, according to ID.me, an identity verification company that develops facial recognition systems. Between June 2020 and January 2021, ID.me said more than 80,000 fraudulent attempts were made against ID.me's facial recognition system used in 26 states in the United States. I am. From this way of fraudulent attempts those classic such as 'wear a mask', deep fake use of, such as how to view the photos and video of the others, in the CEO of and there are various ID.me One Blake Hall said.

Credit risk management Experian analysts also predict in a March security report that fraudsters will use AI to create 'Frankenstein's face' to break through facial recognition. .. This is one of the processes by which fraudsters combine fake information with real information to create a 'synthetic ID', which is mainly aimed at companies that have introduced facial recognition technology to prevent fraud. Is being considered.

Attempts to 'fool facial recognition systems' have already been reported since 2017. A man, a customer of insurance company Lemonade, uploaded a movie shot with a blonde wig and red lipstick, claiming that 'a $ 5,000 camera was stolen.' However, Lemonade's AI system found signs of fraud in the movie and determined that the man was creating a fake identity. According to Lemonade, men have been successful in getting insurance in their normal outfits in the past, and AI has determined that 'the same person is claiming a different identity.'

In 2021, Chinese authorities uncovered a paper company that was 'selling leather bags and sending fraudulent tax invoices.' The paper company is believed to have fraudulently earned $ 77 million from its customers, but an investigation revealed that the two masterminds had a tax office facial recognition system set up to crack down on tax evasion. It turned out that it had broken through. This method allowed them to send invoices disguised as official documents. According to the report, the two obtained high-resolution images of their faces from the online black market and created fake faces using an app that creates footage from photos.

John Spence of Veridium, who develops biometric systems, argues that spoofing techniques do not necessarily require sophisticated software. He explains that the most common method is to print a photo of a person's face and cut out the eyes. Many face recognition systems use 'blinking' to determine if the subject is a living person.

On the other hand, Apple's facial recognition system on the iPhone is said to be 'one of the most difficult systems to deceive.' Apple's facial recognition system projects more than 30,000 dots onto a person's face to create a depth map of the face for analysis. At the same time, an infrared image of the face will also be taken. The infrared image data is converted into a mathematical representation by the iPhone chip and compared with its own database to confirm whether it is a living person or not. However, some banking and financial services apps that use third-party systems may have less accurate facial recognition.

There are two ways to increase the security of your facial recognition system. One is to update the underlying AI model and redesign the algorithms that support the AI model. And the other is to train the AI model with more face data. However, the amount of training required to protect against spoofing is said to be 10 times the existing amount, which is costly and time consuming. For this reason, companies such as Apple, Google, and Facebook are looking for new tools to prevent spoofing.