Deepfake: what is it and how does it affect biometric identity
On the Internet, it is not difficult to find fake photos that appear to be real. Sometimes as a funny, simple joke that we clearly know is false, but at other times it can make us doubt and even compromise people.
If we apply Deepfake to the images, we can obtain photographs that are practically identical to an original. For example, they can use Artificial Intelligence to make a famous person appear to be in a certain place, such as eating in a restaurant.
But they can also use the same method for videos. It is more complex, of course, but with amazing results. Technology increasingly allows us to reach something similar to reality without too much effort. There are computer applications with which we can edit videos and, if we combine it with Artificial Intelligence, the results are evident.
We can therefore say that it is a problem that can affect the privacy and security of people. They can really serve to manipulate information, to make us believe what is not really. In addition, thanks to social networks there is a huge bank of photos and videos on the Internet that can be manipulated.
What is a biometric identity?
The biometric identity is to identify a person through something like a face, fingerprint, pupil ...It is more present in our daily lives, and we can unlock the phone simply by showing our face or with a fingerprint. Also for security systems such as entering a building, etc.
There is a big difference with identity through passwords, codes, or documents. That it is something that belongs to the user and we can change it. If, for example, we create a password to enter Facebook, or the mail, or to start the mobile, we can change that password whenever we want and we could even forget it.
On the other hand, the biometric identity cannot be changed. It is something unique to each individual. We cannot change our face, or fingerprint, or voice. Now, what happens if they manage to fake it? Obviously, that would be a problem and they would have access to the accounts.
How Deepfake Affects Biometric Identity
We have explained what Deepfake means and what is biometric identity. We can already get an idea of what would happen if both terms are combined. Basically, an attacker could have access to our accounts, steal information, sneak malware ...
As we can see, one of the methods to log in through biometric identity is the image of the face. It consists in that the camera of the phone or computer is able to identify the features and verifies that we really are the legitimate user.
Sometimes to contact an online bank account or similar, they ask us for a small video or photo in which we appear. One way they can see that it really isn't a scam. But of course, what if someone fakes that image or that video?
That's where the biometric identity-oriented Deepfake comes in. It is a serious problem since an attacker can use Artificial Intelligence to create a certain image of the victim or even a video as if they were actually taking a selfie to verify identity.
Therefore, a potential attacker could create a fake image or video. With that, he could spoof the identity. But we must also bear in mind that there are more and more sites, programs, and devices where we can use biometric identity to authenticate ourselves. This makes it a present problem, but one that will undoubtedly have a greater impact in the future, as the technology spreads and improves.
How to avoid being a victim of Deepfake
Can we avoid being victims of the Deepfake? Although technically this technique consists of falsifying an image or video through Artificial Intelligence and at the user level we could not do much to avoid it, we can take into account some tips to make it difficult for this to happen.
The first thing is to avoid exposing personal information on the network and making it available to anyone. Let's say for example that we put our email or mobile in an open forum. Also in social networks, we have images available so that anyone, even without being a contact, can access them.
An attacker could find out that we have an account on a certain platform, bank, email, social network ... And, thanks to the fact that he has photographs of us available, he could falsify an image or video to impersonate our identity and login to any service that supports facial recognition.
But it's also essential to enable two-step authentication. It is fine to use biometric identity to log in instead of using passwords, but in both cases, we know that we could become victims of attacks. How do we avoid this? It is best to activate 2FA on accounts.
This means that if an intruder tries to log in even knowing the password or, in the case of Deepfake attacks by spoofing the biometric identity, they will need a second step. That second step is usually a code that comes to us via SMS to our mobile, a code that we receive in applications such as Google Authenticator, etc.
Therefore, in conclusion, we can say that Deepfake is an important problem that will put biometric identities to the test as technology advances. We can say that Artificial Intelligence becomes the enemy in this case. We have also seen that we can take into account some tips to make it more difficult to fall victim to this problem.