FB pixel

Security researcher finds facial recognition company left database exposed online without authentication

 

Dutch security researcher Victor Gevers with the GDI Foundation discovered this week that a Chinese facial recognition company left its database exposed online, revealing information about millions of people, CNET reports.

Shenzhen-based SenseNets was founded in 2015 and offers face recognition, crowd analysis and personal verification.

Gevers discovered yesterday that one of SenseNets’ MongoDB databases had been left exposed online without authentication. The database contained more than 2.5 million records on people, including names, ID card numbers, ID card issue date, ID card expiration date, sex, nationality, home addresses, dates of birth, photos, employer and GPS coordinates for locations where SenseNets’ facial recognition technology had spotted them.

Gevers also revealed that in the last 24 hours more than 6.8 million GPS coordinates were recorded, noting that anyone would be able to use these records to track a person’s movements based on SenseNets’ real-time facial recognition. The researcher found that there were 1,039 unique devices tracking people across China and that logged locations include police stations, hotels, tourism spots, parks, internet cafes and mosques.

The GDI Foundation warned SenseNets about the open database, which has been available since July.

According to IHS Markit research, cities around the world spent $3 billion on city surveillance in 2017, and the market will grow at an average annual rate of 14.6 percent to 2021. China is the biggest market for security equipment in city surveillance, taking up a two-thirds share.

Article Topics

 |   |   |   |   |   | 

Latest Biometrics News

 

ISO’s mDL standard can’t guarantee issue trustworthiness

The fear that the server retrieval capability supported by the ISO/IEC 18013 standard for mobile driver’s licenses (mDLs) could be…

 

One app, two app, three app, four: DECTA study shows users have ‘wallet fatigue’

While some see the concept of a “15-minute city” as sinister, advocates say they just don’t want to go very…

 

Stop ghost students stealing college financial aid with biometric liveness

The Associated Press recently documented a vast and fast-growing fraud on the U.S. education system in which scammers use AI…

 

Russia launching digital ID ‘super-app’ inspired by Chinese WeChat

Russia is introducing a new digital identity “super-app” that will combine messaging, government and private services, e-signatures and digital IDs….

 

Biometric Update Podcast races into the future with 1Password and agentic AI

Where do identity verification and Formula 1 racing cross paths? Jeff Shiner, CEO of 1Password, has the answers. At an…

 

With SB 260, Utah looks to change the rules around who defines identity

A new bill in Utah provides a good illustration of how “identity” is still an evolving concept. State Bill 260:…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Biometric Market Analysis

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events