Facial Recognition system can be hacked using your Facebook photos
Many tech companies consider facial recognition system as one of the trusted methods for your computer to recognize you, as it is simple and dependable means of identity verification. However, researchers have found out that it is still not perfect and prone to hack attacks. What’s more, hackers can use your Facebook profile photos to hack such systems, researchers said.
A team of researchers from the University of North Carolina at the Usenix security conference in Austin earlier this month showed an especially exasperating new technique for taking a face: one that depends on 3-D rendering and some light internet stalking. They presented a system that created 3-D facial models which were successful in fooling four out of five facial recognition systems. The digital 3-D facial models were based on publicly available photos and displayed with mobile virtual reality technology to defeat facial recognition systems.
Other research has been devoted to defeating facial recognition systems, but those experiments used models derived from photographs either taken or collected by researchers. The UNC team for the sake of their experiment collected 20 volunteers through proficient photographs, picture web indexes, and freely accessible resources on informal communities like Facebook, LinkedIn, and Google+ and built 3D models of their faces. These were later tweaked to include some facial animations and eyes were adjusted to show as if they are looking at the camera. In the event, the researchers could not find the subject’s full face; they even rebuilt any missing parts, shadows and texture of that area. The most interesting part is, some of the volunteers were security researchers themselves, and of them, some were so active to protect their online privacy. However, the researchers were able to discover anywhere in the range of three to 27 photographs of every volunteer.
“We could influence online photos of the [participants], which I believe is somewhat unnerving,” says True Price, a study creator who takes a shot at PC vision at UNC. “You can’t generally control your online nearness or your online picture.”
The scientists tried their virtual reality face renders on five verification frameworks—KeyLemon, Mobius, TrueKey, BioID, and 1D, all of which are available from customer programming sellers like the Google Play Store and the iTunes Store and can be used for safeguarding data and locking cellular devices. Researchers tricked four out of five of these systems, with achievement rates from 55 percent up to 85 percent. Since, your facial characteristics tend to stay motionless, so if your biometric matter is compromised or publicly available, it’s at risk of being recorded and exploited.
“Some vendors — most notably Microsoft with its Windows Hello software — already have commercial solutions that leverage alternative hardware. [In Hello’s case, that hardware is Tobii’s eye-tracking camera.] However, there is always a cost-benefit to adding hardware, and hardware vendors will need to decide whether there is enough demand from and benefit for consumers to add specialized components like IR cameras or structured light projectors, “said team member True Price.
A real face would give off infrared radiation, after all, which could be an added layer of protection. The researchers have explained their method and results in their full paper that was published on Wired.