Almost everyone posts photos on social media--and the better the quality or the more photos uploaded, the more likes or reactions from friends and followers. Though some might think uploading photos on social media is harmless, it can be used to track the whereabouts of a person, which is nothing new, but now we've found that it can even dupe biometric security. That's right, facial recognition can be fooled using images from social media.
At the recent Usenix security conference, security and computer vision specialists from the University of North Carolina showed how facial recognition-based security can be tricked. The researchers presented the system that is able to create digital 3D facial models based on high quality photos publicly available on social media such as Facebook, LinkedIn, and Google+. These 3D images are then displayed with mobile virtual reality technology to fool the facial recognition system into thinking that the image it sees is a real, live person, not just a 3D image.
The researchers took on 20 volunteers, collected images of the volunteers from their social media accounts to render 3D image models of themselves. The researchers collected 27 images for each of the participants, though not all high quality of enough to recreate the 3D images, they were able to recreate the missing pieces. The researchers added facial animation, shadows, and even texture to make the model lifelike, as well as editing the eyes to make it appear that the 3D model is looking at the camera. The team also took indoor headshots of the 20 volunteers to create a 3D image, in order to test whether these images will fool the security systems better.
The researchers then tested the 3D rendered images against five security systems: KeyLemon, Mobius, TrueKey, BioID, and 1D. According to the researchers, the 3D images fooled four of the five systems, while the control 3D images fooled all five security systems. One might wonder why people would even bother with facial recognition security, but device manufacturers are looking at this space to add another layer of security to mobile devices.
Earlier this year, Google announced that it plans on adding a dedicated image processing chip to its smartphones to give it facial recognition capabilities. Google has previously failed in the space when its Face Unlock feature was easily fooled using a still photo.
If more device manufacturers decide to utilize facial recognition in securing their devices, we might see more data breaches in the future. As we say, your face might bite you in your ass, so be careful with what you share online.
Image Source: Pixabay