Can Deepfakes Beat Biometric Security?
Deepfakes present the possibility of future biometric security issues. They replicate real faces and voices to nearly identical degrees, which leads to fears of impersonation and misinformation. Can people trust current biometric security technologies or have deepfakes already beat them? Learn more about deepfakes’ capabilities and which security measures may be worth your investment.
Can Deepfakes Beat Biometric Security Measures?
Basic biometric systems use hardware and software to grant access to approved individuals. They scan fingerprints, faces, irises and vocal tones to identify those who can access whatever the security system protects.
If deepfake technology replicated this data slowly, it might not beat advancing security technologies. However, deepfake tech moves fast. Experts estimate that deepfakes appear in 26.8% of fake news generated online. They’re easy enough for anyone to create at home, meaning cybercriminals can easily access artificial intelligence (AI) too.
Ways Deepfakes Trick Biometric Technologies
There are a few ways deepfakes can trick biometric security technologies. Understanding how they do it is the first step toward finding solutions.
1. They Take Advantage of Static Data
When your phone or laptop scans your face before unlocking, it checks your face against static data. It includes any data from your characteristics that don’t change, like your eye size or face shape. It can also check your fingerprints if you’re using a fingerprint scanner. Any of these static features are easy to copy because they never need updating.
2. They Replicate Vocal Tones
The AI behind deepfakes can copy audio to replicate it identically. If you post a video of yourself speaking, the software will break your vocal tone and accent into smaller files and feed them through the system’s neural network. It memorizes the data to replicate your voice with any dialogue, scripted or unprompted.
3. They Use AI Voices
Likewise, AI systems can save voices and keep them long-term. If a cybercriminal decides to use one to masquerade a deepfake as a human being, it can copy the vocal data files. When a security system prompts the seemingly real user for a saved password or phrase, the deepfake uses its algorithms to say the answer aloud.
3 Security Measures Against Deepfakes
How do biometric security measures hold up against deepfakes? Here are a few that are easy and difficult for the potential AI threat to beat.
1. Face Biometric Algorithms: Easy to Beat
If someone hacks a facial recognition scanner and puts a deepfake person in front of it, the system will likely open. It uses the static data stored in its system to verify the deepfake’s identity. Without layered liveness verification, things like iris recognition could easily mistake a deepfake as the person actually granted access to the system.
This weak point is another reason why using multi-factor authentication is crucial. While biometric security technologies catch up by developing multi-factor measures, you can use the system on any internet-connected device. You’ll get an alert when someone tries to break into your locked accounts from a different place or device, preventing data theft with the touch of a button.
2. Voice-Activated Security Systems: Harder to Beat
If your interest in security systems makes you listen to industry experts and read about the latest advancements, you might be surprised that voice-activated biometric devices are more challenging for deepfakes to trick. They often combine voice activation with newly generated authentication questions that the AI can’t figure out beforehand. More advanced security systems may also listen for sound wavering that only vocal cords produce.
3. Fingerprint Scanners: Hard to Beat
Deepfakes are entirely digital, so tricking fingerprint scanners are much more difficult. The AI would need to break into the scanner’s software and pose as accepted data without the software catching it.
Scanners also rely on heat to verify that a finger is on its surface. Although deepfakes can copy fingerprints, they can’t generate the same heat as a human hand.
How Security Measures Can Improve
Technology and security experts are teaming up to improve biometric security technologies. Watch for these advancements as you track the industry’s progress in the age of deepfake cyber hacks.
1. They Can Check for Blood Flow
Facial recognition might be easy for deepfakes to beat now, but that may not last long. Intel recently created FakeCatcher to solve that problem. The algorithm checks facial recognition scan data for blood flow and heart rates. When tested before publication, FakeCatcher was 96% accurate in detecting deepfakes. The algorithm could become a widespread tool in making biometrics more secure.
2. They Can Implement Action-Based Factors
Some security systems are relying more heavily on action-based security measures in addition to biometric data. One strengthens the other by requiring users to do a unique action when accessing secure data.
Real-time generators ask the user to read a sequence of numbers and words before or after scanning their face, voice or fingerprint. It guarantees that the person is a human instead of a deepfake that can only respond to what its data planned on encountering.
3. They Can Use Deepfake Detection Programs
Deepfake detection programs are also becoming more mainstream. Cybersecurity experts integrate them with biometric software to layer the two together. When someone scans their biometrics, the detection program checks the data for compressed videos or altered files that are present with deepfake personas.
Since expanded federal funding for this programming received approval in 2019, people won’t have to wait long for biometric security companies to learn from the existing programs and implement their own versions.
Watch for Deepfakes and Biometric Security Advancements
There are numerous ways deepfakes beat biometric security, but those methods won’t last forever. People have already created new ways to make biometrics more secure and are continually seeking advancements to those solutions.
Whether you prefer facial recognition, voice activation or fingerprint scanning, the biometric security technology you like is adapting to the threat of deepfake hacking.
Zac Amos writes about AI, cybersecurity and other trending technology topics, and he works as the Features Editor at ReHack.