FB pixel

Biometric ID firms face the music on growing threat of generative AI, says iProov

Threat report shows a massive spike in face swap injection attacks in 2023
Biometric ID firms face the music on growing threat of generative AI, says iProov
 

The latest threat intelligence report from iProov addresses the algorithmic elephant in the room, as implied by its subtitle: “The Impact of Generative AI on Remote Identity Verification.” Specifically, the report zooms in on tools and techniques that threat actors use to launch digital injection attacks that pose a risk to secure digital identity verification.

“In the last 24 months,” reads the report, “the threat landscape has undergone significant changes. Organizations considering incorporating facial biometrics into their remote identity platforms need to understand the benefits and drawbacks of the various technologies available and the pros and cons of different deployment methods.” Biometric solutions that looked secure two years ago may not instill the same confidence in a world of deepfakes, face swaps, voice cloning and whatever mass uptake of Apple Vision Pro might look like.

Notable statistics in the report include an observed increase in face swap injection attacks of a whopping 704 percent from the first to second half of 2023. “Face swaps,” it says, “are now firmly established as the deepfake of choice among persistent threat actors.” The most common tools being used for face swap attacks are SwapFace, DeepFaceLive and Swapstream. Most easily accessible options include a free tier for user experimentation – or, in the case of fraudsters, exploitation.

Synthetic media created using generative AI tools has become harder to detect and can be injected as a malicious payload into an audio or video feed and manipulated in real time; security methods that would typically detect if virtual cameras were used to film synthetic faces can now be fooled with emulators, the use of which increased by 353 percent from H1 to H2 2023. Injection attacks on mobile platforms shot up by 255 percent in the same period. And the variety of tactics, the volume of bad actors and a “significant increase in the persistence of threat actors” mean the threat ecosystem is growing with pestilent speed; among threat groups identified by iProov’s analysts, 47 were created in 2023.

This all sounds bad. But the outlook is not as bleak as it would seem: those who are equipped with the appropriate technological safeguards have less to worry about. “Organizations leveraging biometric verification technology are in a stronger position to detect and defend against these attacks than those relying solely on manual operation,” says the report. Its key takeaways confidently state that “human operator-led systems can no longer consistently and correctly detect synthetic media such as deepfakes,” and that “in order to detect synthetic media created using generative AI, verification technologies that leverage AI are essential.”

In addition, iProov calls on the biometrics industry to establish more rigorous certification requirements for vendors, and to factor in both user experience and potential bias, as well as steps to mitigate it.

“Threat actors are exploiting processes that rely on lower-cost technology as well as those that leverage human intervention,” says the report in its conclusion. “Current tools are outpacing defenses in both availability and sophistication. As a result, these new threat vectors are evading many current remote identity verification techniques faster than organizations can detect or adapt their security measures.”

“A proactive approach leveraging science is needed to identify, mitigate, and prevent potential threats before they become serious.”

The full report is available for download here.

Related Posts

Article Topics

 |   |   |   |   |   | 

Latest Biometrics News

 

Karachi launches safe city project with live vehicle, facial recognition

Karachi has launched the first phase of its Safe City Project, with five poles equipped with 25 surveillance cameras. A…

 

Biometric payments project launched in Kazan, Russia

The authorities of the city of Kazan, a center of Russian petrochemical production, has officially launched biometric face payment via…

 

DPI is taking stage as India’s digital model is shaping global governance

Governments worldwide are increasingly prioritizing the development of robust Digital Public Infrastructure (DPI), in a shift that comes in response…

 

Comoros to implement digital govt program with $10M AfDB grant

The Union of the Comoros is set to execute a digital public infrastructure (DPI) project thanks to €9.51 million (US$10.4…

 

Malaysia pushes for stronger DPI governance

Malaysia has ambitions to become a digital hub for Southeast Asia but the country still has some way to go,…

 

Biometrics race for the borders

Biometrics to ease border crossings are a major theme of the week among Biometric Update’s most-read articles of the week….

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events