This week at the Black Hat security conference researchers from Carnegie Mellon University will demonstrate how facial recognition technology can be used to positively identify a person and possibly even to gain access to their personal information, right down to their social security numbers. It’s just one example of how face ID tech could be about to change many things about your daily life.
The Carnegie team used three relatively simple technologies to create their face recognition system: An off-the-shelf face recognizer, cloud computing processing, and personal data available through the public feed at social networking sites such as Facebook–it’s the biggest and the one pushing hardest on privacy fronts. Combining the data gathered from the face reconizer hardware with clever search algorithms that were processed on a cloud-computing platform, the team has performed three powerful experiments: They were able to “unmask” people on a popular dating site where it’s common to protect real identities using pseudonyms, and they ID’d students walking in public on campus by grabbing their profile photos from Facebook.
Most impressively the research algorithm tried to predict personal interests and even to deduce the social security number of CMU students based solely on an image of their face–by interrogating deeper into information that’s freely available online.
The technology the CMU team used, while clever, actually isn’t all that sophisticated–and they were even able to reproduce some of the effects using a smartphone app that overlayed parts of their deduced ID data onto a view of the world in real time using an augmented reality app. The intention was to indicate that face recognition tech is not technically difficult nowadays, requiring relatively inexpensive resources like paid cloud computing and everyday camera tech. This means that even if the authorities aren’t using face recognition there’s no reason a corporation like Google or even your friends won’t be using it–in a company’s case for security or social data mining, and in the individual’s case for social networking, automated photo tagging and a thousand other uses.
The Carnegie team’s implying here, among other things, that we might soon rely less on gut instinct and instead rely on a social data overlay produced when we meet someone new. The New York Times recently explored how we read data in people’s faces using our minds, and reported on research in which test subjects were able to identify the political persuasion (in a simple Republican versus Democrat sense) of a random person’s photograph with a surprising degree of accuracy, as well as how different medical deductions can be made from studying the face alone. What happens when this kind of higher-level analysis begins to be automated?
It’s long been possible to buy cheapish face recognition door lock systems, destined to replace a PIN-based, fingerprint-reader or NFC card system for access to secure locations like offices. One such system, now discontinued, even promised a false alarm rate (a measure of how accurate it is) of less than 0.0001%–meaning it got things wrong for only one in every million face recognition attempts, and it cost less than $500. Soon your face literally may be a “key.”
An Android app called Visidon Applock even hit the headlines earlier this year when it promised face ID locking to your smartphone, and there’s now one for jailbroken iPhones too. These two apps hint at one simple and yet powerful system to secure your personal information in mobile devices that don’t involve anything intrusive or time consuming–much simpler than typing in a PIN or even swiping your finger over a reader, you simply have to let the phone’s camera look at you. Apple already builds sophisticated face recognition tech into the iPhoto app that every Mac contains: How beneficial would it be to allow user log-ins using a face ID? There’s even evidence Apple’s including face ID tech in iOS 5 for the iPhone, to allow video effects and perhaps for clever gaming and security applications.
But as the Carnegie team demonstrated with their smartphone AR app, there are far deeper social implications for this technology. Google and Facebook have both been tinkering with face ID tech, and though Google is reticent to use it openly now, Facebook is much more carefree about the social questions relating to it. And once there are a thousand auto-ID’d images of you online at Facebook or even Picasa, then wholesale face ID tech by, say, a smart advert connected to a screen at a bus stop is only a simple programming step away.
[Image: Flickr user familymwr]