English
中文
Deutsch
HomeArticle

An AI capable of bypassing facial recognition has already set its sights on your bank account.

差评2025-08-21 07:19
Now, the operation of using AI face swapping to deceive face recognition systems has become increasingly rampant.

Incredibly, the practice of using AI face swapping to deceive facial recognition systems has become increasingly rampant.

Not long ago, there was a fraud case in Nanjing.

The suspect first collected more than 1.95 million pieces of others' personal information, including names and photos. Then, using AI face - swapping software, he bypassed the facial recognition system of a certain financial payment platform. After a series of swift operations, he finally got away with 15,000 yuan.

With more than 1.95 million pieces of private information, he only managed to steal 15,000 yuan. It seems that this guy still has a conscience.

But the key point is that his attempt to bypass the facial recognition system actually succeeded.

Guys, don't take it lightly. Because you really don't know when you might encounter such a bad thing...

About two months ago, the self - media blogger @Yuanfang Qingmu posted that one of his small accounts with 600,000 followers suddenly started mass - sending fraud messages. When he investigated, he found that not only was the account password changed, but even the legal representative of the company was replaced.

Not long after, @Biaojiu is a Big Fund Investor also found that his account, which usually writes about US stocks, was promoting stock market pump - and - dump schemes to his followers.

Later, accounts like @Qin Xiaoming and @Maobidao had similar experiences: The legal representative of the company was changed, the accounts were stolen, and the followers were almost deceived.

So, if one day you suddenly receive a message from a so - called expert recommending stocks that are guaranteed to make a profit, don't believe it. If there were really such an information gap, wouldn't every one of us get a gold bar? (Don't believe this either)

In this collective account - stealing incident of financial influencers, after carefully examining the statements of each party, it was almost all mentioned that the legal representative change was related to the facial recognition system.

They stole your money yesterday, changed the company's legal representative today. Who knows if tomorrow they'll set their eyes on the little money in my provident fund account.

I talked to a guy who is an expert in network security. Only then did I know that facial recognition technology is not as reliable as we thought.

Some facial recognition systems even have such rough algorithms that you don't even need AI to bypass them easily.

The working principle of a facial recognition system is quite simple. First, the camera locates your face. Then it analyzes the details of your facial features. After translating your face into data that a computer can understand, it compares this data with your personal information.

In this process, there are two crucial aspects: One is how the data is obtained, and the other is how the algorithm processes this data.

How is the data obtained? It depends on the camera.

Common devices like community access control systems and company attendance machines usually use 2D facial recognition technology, which is planar and static.

The advantage is that it's cheap, but its security is questionable. A high - resolution photo or video might be enough to deceive it.

In contrast, 3D facial recognition technology is safer than 2D.

Some financial and government services use 3D facial recognition technology, and they even combine multiple modalities such as 2D, 3D, and infrared.

But here comes the problem. What if the face is carefully crafted by AI?

An industry insider named Aoke told me that around 2017, some people started using GAN (Generative Adversarial Networks) to attack facial recognition systems, and this has been going on for years.

Generative AI has made scammers extremely arrogant. They managed to steal 4.3 million yuan in 10 minutes and impersonated a company's CFO to defraud nearly 200 million yuan... Coupled with the cases mentioned at the beginning, using forged AI face - swapped videos and masks to deceive cameras has become a common deception method.

Even with liveness detection such as shaking your head or opening your mouth, there is still a chance that AI face - swapped videos can bypass it.

I think the reason is related to the working principle of the system.

According to Aoke, the system not only has problems when collecting facial data but also has loopholes in data processing, usage, and storage.

Aoke gave me an example of melamine being added to milk. The way machines detect the protein content in milk is by measuring the nitrogen content. Melamine has a high nitrogen content and is cheap. The machine doesn't care if it's toxic to humans.

The same applies to facial recognition. The algorithm only recognizes measurable indicators. So you just need to cheat on these indicators.

An extreme example is that Carnegie Mellon University conducted an experiment a few years ago. After wearing glasses with special patterns, the probability that the facial recognition system misidentifies person A as person B is over 80% because these patterns were specifically designed to exploit the loopholes.

Some researchers showed a QR code with an attack instruction to the system. As a result, the system processed the data according to the established process, and even though it wasn't a real face, the match was successful.

This is like AI face - swapping is like someone pretending to be a resident to deceive the security guard, while the "QR code" and "patterned glasses" are like sneaking into the security center and tampering with the surveillance.

Moreover, the capabilities of these security systems vary greatly.

The Chinese University of Hong Kong conducted a study two years ago. Among 18,000 apps, 373 used facial recognition modules with security loopholes. Unfortunately, nearly 40% of these 373 apps were financial apps...

Not to mention that those with some skills can directly access the backend and tamper with the user information.

In short, facial recognition is not a 100% secure technology.

Even a shady industry has emerged around facial recognition technology.

Also this year, some banned ride - hailing drivers used a "virtual camera" app to bypass the facial recognition system of the ride - hailing platform. At that time, some media reported that there were many services on domestic social and e - commerce platforms claiming to be able to bypass facial recognition systems.

According to a report from Shell Finance, some black - market operators are so bold that they openly claim which government platforms their methods can bypass.

It's really worrying. Nowadays, we often have to use facial recognition. And we can't change our faces like we change passwords. The only way would be to be reborn...

Fortunately, the government has taken action this year to curb the abuse of facial recognition technology.

Of course, in the battle between attack and defense of technology, the facial recognition systems and engineers of many payment and financial services are not idle.

For example, they do cross - verification at the input stage. 3D structured light is used for modeling, and infrared is used to detect the temperature of a real person... Although this method can't completely prevent attacks, it at least increases the cost of forgery.

There is also the method of using magic to fight magic. For example, Ant Group released ZOLOZ Deeper last year to combat AI face - swapping. Abroad, companies like RealAI and Reality Defender also have technologies to detect deep fakes.

Overall, the battle between attack and defense around facial recognition has been going on for years, and those black - market industries are like cockroaches, always finding dark corners to thrive.

We can't stay out of it, but at least we should be careful and don't easily expose our faces.

Image and information sources:

Some content was provided by interviewees.

WeChat official accounts and Xiaohongshu of multiple financial self - media bloggers.

Shell Finance, "Pay 560 yuan to pass facial recognition! Financial influencers had their legal representatives changed. Uncovering the gray industry of 'helping pass facial recognition'."

Some images are from the Internet.

This article is from the WeChat official account “ChaPing X.PIN”, author: Xixi, editor: Jiangjiang & Mianxian. Republished by 36Kr with permission.

该文观点仅代表作者本人,36氪平台仅提供信息存储空间服务。

For media inquiries, interview requests, business collaboration and Recruit global ecological partners, please contact mohaiying@36kr.com.
Partner:startuprad.io

36kr Europe (eu.36kr.com) delivers global business and markets news, data, analysis, and video to the world, dedicated to building value and providing business service for companies’ global expansion.

© 2024 36kr.com. All rights reserved.