To be able to log in to our online accounts we have multiple options today. The traditional, the most common, is to put the password in the application or web page. But little by little, other options have emerged, such as fingerprints or facial recognition. This has always raised questions about whether it really is safe or not. In this article we are going to talk about how they could crack facial recognition according to a study conducted by a group of security researchers.
They break facial recognition systems
Facial recognition is a usual method to enter social networks and many other applications. What the mobile does is scan our face, recognize that we are the legitimate user and allow access. But of course, there has always been controversy or doubts about whether someone could use a photo or somehow falsify our face.
Now a group of computer security researchers in Israel has been able to create a universal mask capable of breaking recognition systems. They assure that they work against many models of facial recognition, although always with limitations. During the pandemic, the use of a mask has been one of the obstacles to facial recognition.
They have been based on a optimization process that would falsely classify each user as an unknown identity when faced with different models of facial recognition. This mask would work just as well when printed on fabric as on paper.
They indicate that theirs is not the only possible version and that they could make similar ones to bypass facial recognition. However, they assure that everything will depend on the facial recognition model, how it is optimized and what patterns it uses to identify users through their face.
Each masked facial image could be created to look like the person is wearing a common face mask, such as blue surgical ones.
Therefore, this group of Israeli security researchers has verified that it is possible that the attackers could create masks to break systems facial recognition. It is not a simple process and it will not always work either; It will mainly depend on the recognition system. But yes, it is an existing possibility.
Protecting security is essential
One way or another, we can say that all login methods can be exploited at any given time. Although there are safer than others, they can always appear vulnerabilities. What users can do is make a hypothetical cyber attack as difficult as possible.
A good idea is to use two-factor authentication. Beyond using the usual password, in order to access an online service we will need to carry out a second step, which is usually a code that we receive by SMS or through an application. This will verify that we really are the legitimate user.
But protecting security is also about keeping systems protected and fully up-to-date. A good antivirus can free us from different types of malware, such as keyloggers, which could steal our passwords. Also, the fact of having everything updated will correct many vulnerabilities that may exist. Also, you can always choose a good password manager.
