FB pixel

Deepfake threats are a lucrative opportunity – biometric data privacy is the key to unlocking it

Deepfake threats are a lucrative opportunity – biometric data privacy is the key to unlocking it
 

By Michael Marcotte, CEO of artius.iD

This year, over half the world’s population will head to the ballot box. At a time when, in many nations, democracy is already under acute pressure, ensuring these elections are free and fair is of paramount importance.

In the context of this political instability, deepfakes have entered the stage – and this year they are poised to play a larger role than ever before.

Governments, either through a lack of ability or will, have failed to sufficiently defend democracy against deepfakes. However, where the public sector fails, there’s an opportunity for the private to step in – both to safeguard democracy and reap financial rewards in the process.

Biometric firms should be leading the way in providing the next generation of election securing technology. The first step towards this needs to be reassuring regulators on the privacy of biometric data.

Global elections have become ground zero for a geopolitical struggle as Russia, China, and Iran all try to exert their influence on democratic votes. At the Munich security conference this year, FBI Director Christopher Wray sounded the alarm on deepfakes and how elections are at an unprecedented risk of interference.

The recent US primaries were the canary in the coalmine. The FT reported how the New Hampshire attorney-general investigated an “artificially generated” voice of President Joe Biden that robocalled voters, encouraging them to stay home and not vote in the state’s presidential primary.

In Slovakia, a deepfake of a pro-NATO candidate emerged, where he apparently boasted about rigging the upcoming election. He went on to lose to a candidate who supported closer ties to Putin (CNN).

However, grave threats also represent significant opportunities for bold entrepreneurs to step into the breach. Safeguarding elections is both a civic responsibility and a lucrative market. There is space here for a pioneering biometric tech startup to shore up election security in this crucial year.

So, what does a biometric tech firm need to do to carve out this market as theirs?

This publication has rightly reported on the emerging use of biometric tech in elections in Papua New Guinea and Kurdistan – but no country with a large population is yet to properly integrate biometrics into their electoral processes. This is because of very valid concerns over privacy.

Deepfakes, no matter how real they appear to the human eye, contain flaws at the microscopic level. We struggle to pick them out, but these inconsistent pixels and vocal fluctuations can be registered by biometric technologies. The tech will match the apparent representation against genuine stored biometric data and then verify a recording.

There are variations of this process, but at its core, this is how biometric-based election security would work. The obvious concern this raises is over the security of the stored biometric data – any company trying to stake a claim to this market will have to be able to guarantee its privacy.

Firstly, secure data handling practices need to be updated and followed religiously. This involves standard procedures of anonymization and encryption, but also integrating new technologies.

AI can be used in databases to detect unauthorized alterations and tampering. It can also be used to power encryption by managing the generation and rotation of encryption keys. Rigorous role-based access should be enforced, and the principle of least privilege applied at all levels.

Secondly, biometric templates, like a voter’s facial geometry, are the assemblages of this data – and they are also crucial vulnerabilities as they can be used in fraud and manipulation to a greater extent than the raw data.

Cryptographic hashing can be used to avoid storing the raw biometric data and the templates together. ‘Salts’ are also necessary and can be deployed to augment the hashing process and shore up password security.

A third variable that must be controlled by any prospective biometric firm operating in elections is their supply chains. It doesn’t matter how advanced their hashing is if the data has already been compromised by a firmware hack at source.

Third-party vendor privacy assessments must form the basis of procurement decisions, and biometric companies need to work with vendors to implement secure development life cycles that involve regular security assessments, code reviews, and vulnerability testing.

Developing a biometric product that doesn’t just meet these baseline standards but goes beyond them to guarantee voter privacy will be expensive. Entering any highly regulated market is bold; and few are regulated as rigorously as election technology. The first biometric startup to develop tech that neuters deepfakes in an electoral setting will rapidly find itself in global demand. Then the potential rewards of abundance and safeguarding democracy will more than justify the intense scrutiny.

About the author

Michael Marcotte is co-founder of U.S. non-profit the National Cybersecurity Intelligence Centre and CEO and founder of artius.iD.

DISCLAIMER: Biometric Update’s Industry Insights are submitted content. The views expressed in this post are that of the author, and don’t necessarily reflect the views of Biometric Update.

Related Posts

Article Topics

 |   |   |   |   | 

Latest Biometrics News

 

What is the killer app for verifiable credentials? Daon, Dock and Youverse discuss

Industries such as financial services, healthcare, transport, government and more are increasingly adopting digital verifiable credentials connected to biometrics. Their…

 

Veteran biometrics leaders join FaceTec, Credence, ID.me adds ex-Meta exec

The latest round of appointments in the biometrics and identity management sector includes a former leader of federal government sales…

 

EU announces phased approach for EES

The European Union has proposed a progressive introduction of its biometric traveler registration scheme, the Entry-Exit System (EES). On Wednesday,…

 

Drowsy drivers to get AI-assisted safety prompts

Fatigued drivers are one of the most common hazards on the road, but sleepy-heads on commercial wheels are to get…

 

Chameleon AI masks faces from scraping while preserving image quality

If the first wave of the current AI deluge created complicated challenges, the second wave has often been about using…

 

Argentina mandates biometric age checks and ID verification for gambling

Argentina is set to implement a nationwide requirement for biometric digital identity checks by online gambling companies to address growing…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events