How AI will Defeat Facial Authentication and Security Software

By Enterprise Security Magazine | Thursday, October 31, 2019

Facial AuthenticationAI, with its continuous evolution, will soon transform the security measures and software across almost all technologies and industries.

FREMONT, CA: Anticipating the coming wave of AI-powered cyberattacks, enterprises need a shift in AI-based unified endpoint management (UEM) solutions. This can help organizations think outside the box. Many in the cybersecurity industry assume that AI will be used to simulate human users, and that's true in some cases. But a better way to understand the AI threat is to know that security systems are based on data. These data include passwords, biometrics, photos, and videos. The new AI is coming online that can generate fake data that passes as the real thing.

One of the significant challenges faced by AI technologies for security teams is a very new class of algorithm called generative adversarial networks (GANs). In a nutshell, GANs can imitate or simulate any distribution of data, involving biometric data.

GANs are best known as the foundational technology behind deep fake videos that convincingly show people doing or saying things they never did or said. Applied to hacking consumer security systems, GANs have been demonstrated to be the keys that unlock a range of biometric security controls.

Fake Fingerprints

One of the oldest tricks in history is the brute-force password attack. The most commonly used passwords have been well-known for some time. Many people use passwords that can be found in the dictionary. So if an attacker throws a list of common passwords, or the dictionary, at a large number of accounts, they're going to gain access to some percentage of those targets. GANs can produce high-quality password guesses. The technology used here makes it possible to launch a brute-force fingerprint attack. Fingerprint identification is like the kind that is used by major banks to grant access to customer accounts is no longer safe.

The GAN approach helps create thousands of fake fingerprints and has the largest probability of being matched for the partial fingerprints the authentication software is looking for. Once a large set of high-quality fake fingerprints is produced, it's a critical-force attack using fingerprint patterns instead of passwords. Another point is that many consumer fingerprint sensors use heat or pressure to detect if actually the fingerprint is produced by the human.

Face ID

One of the traditional schemes for troubling biometric security includes tricking the facial recognition software with fake faces. This was quite difficult with 2D technologies. Capturing of 2D facial data can be done with the help of an ordinary camera, and at some distance without the knowledge of the target. With the invention of high-definition 3D technologies found in many smartphones, the tasks become less difficult. Constructing a 3D head out of a series of 2D photos is exactly the kind of fake data that GANs are great at producing.

The future is here, the reality will soon gain access to artificial intelligence (AI) tools that helps to defeat a number of forms of authentication ranging from password to biometric security systems, and even facial recognition software will enable identification of the targets on networks and evade detection.

As we enter into a new age of artificial intelligence being everywhere, the world we are going to see is deployed creatively for the purpose of cybercrime. It's a futuristic arms race, and the world's only choice is to stay ahead with leading-edge security based on AI.

Check out: Top Artificial Intelligence Companies

Weekly Brief