FB pixel

A promising defense against face biometrics scraping comes up short

| Jim Nash
Categories Biometric R&D  |  Biometrics News  |  Facial Recognition
A promising defense against face biometrics scraping comes up short
 

Scratch data poisoning off the list of possible tactics to fend off horizon-to-horizon biometric photo-scraping algorithms.

A public-private team of researchers looked at claims that digital photographs (in this case, face photos largely found on social media services) could be altered, or perturbed, just enough to poison facial recognition models training on the changed images.

Poisoning in this case means a model would misidentify scraped images. The initial hope was that people and organizations could use a fairly simple software tool to make face scraping impractical, if not impossible.

Scientists from Google, Stanford University and Oregon State University have posted their findings on the open-access arXiv.org platform. The paper is not peer-reviewed.

They point out that altered photos would have to be so cleverly engineered that they could never be sussed out by face biometrics profiteers. If a better algorithm rises, the perturbed code is as good as cracked.

And, according to their report, black-box access to an attack can train a model to get around the target images. There are other versions of data poisoning, but they seem to count on overly optimistic assumptions.

A number of software-and-service startups, most notably Clearview AI, have laid claim to billions of internet images in order to create biometric databases holding billions of photographs.

Most of the pictures — including those stored by Clearview — have been taken from social media services that expressly prohibit scraping. The practice has annoyed service owners and identity-rights activists.

Clearview sells subscriptions to law enforcement agencies, and police often use the company’s algorithms to identify the images of people picked up on facial recognition networks. (Its services are being used by the Ukraine government, possibly to ID Russian troops and war dead.)

Article Topics

 |   |   |   |   |   |   |   | 

Latest Biometrics News

 

Sri Lanka biometric data to be secured with hashing

Sri Lanka will secure the biometric data for its national ID system in hashed form. This one-way technology converts biometric…

 

As market for age assurance heats up, standards and rankings ID trusted vendors

According to a recent report from Liminal, the global age assurance market is set to grow from $5.7 billion in…

 

Southeast Asian countries align on approach to digital identity adoption

There are several different models of national digital IDs followed around the world, and several different methods of managing them….

 

IJCB’s facial recognition adversarial attack challenge kicks off

This Monday saw the official kick-off of the 2025 Adversarial Attack Challenge (AAC), a competition aimed at strengthening biometric authentication…

 

Effective digital public services need strong ID tech foundation: Entrust

Digital public services are increasing their efficiency, as well as accessibility, which in turn increases inclusivity. Delivering them to people…

 

Iran rolls out AI platform prototype amid facial recognition surveillance accusations

Iran has presented a prototype of its national AI platform, designed to address both the country’s lagging technological development and…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Continue Reading

Most Viewed This Week

Featured Company

Learn More

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events