AXEL.org

Blog

How Virtual Reality Is Being Used To Put An End To Cyber Attacks

**This is part of our series highlighting startups who share our mission of trying to make people’s lives just a little easier**

The explosion of new technologies has seen a huge rise in the quantity and – more importantly – the quality of cyber hackers out there. Crude attempts to hack into systems are a thing of the past, and instead expert attackers are collaborating with governments and crime syndicates to do questionable things with data.

For digital businesses in particular, this is a big concern. Large, distributed networks that are scattered around the web lend themselves perfectly to cyber-attacks from sophisticated hackers, and those hackers are more savvy than ever before.

New Israel-based startup Illusive Networks was built to stop these attackers in their tracks – literally (albeit digitally).

Malicious hackers will find every entry point they can to wriggle into a network, often bypassing firewalls that companies thought would protect them and their assets. Because of this, Illusive Networks has said goodbye to firewalls and has instead gone for a different method of creating a new world for the hacker to disappear into (and get lost).

If it sounds like something out of Minority Report, you might be onto something. And, if it sounds a bit farfetched, you’re on the same wavelength as us. I mean, creating a whole new world simply to distract potential hackers seems like a lot of extra effort, right?

This is where it gets interesting.

You’ve heard of virtual and augmented reality, right? These are two new technologies that layer an alternate reality over the top of, well, real reality to bring participants new perspectives and new worlds entirely.

Illusive Networks taps into these technologies and creates a false version of a company’s network to either trap the hackers in an alternate “reality” or kick them out completely.

Isn’t Illusive Networks Just Like the Others?

The answer to this question is, of course, yes and no.

Businesses have access to thousands of different security products these days, and there seems to be a new anti-cyberattack startup popping up every single day.

Because of this, business owners and security leaders are resisting adding even more tools to their security arsenal – the last thing people want or need are noisy alerts every time a hacker tries to break through a digital barrier.

“But technologies that truly look at existing problems in new ways and are purpose-built to help companies deal with the unexpected can deliver significant efficiencies that reduce rather than add to the security burden,” says Illusive Networks’ Founder and CEO, Ofer Israeli. “Distributed deception technology is certainly one of them.”

How Illusive Networks Works

On its website, Illusive Networks says that it:

  • Maps potential paths attackers can take to get to the goods (a.k.a. your most important assets)
  • Finds and gets rid of risky areas that help attackers reach your assets
  • Cloaks your system with thousands of high-fidelity deceptions that trigger an alert when one wrong move is detected
  • Offers real-time forensic reports to help response teams stay in control

But what do all these things really mean? And what even is “distributed deception technology”?

“There will always be a phishing or drive-by attack,” says Israeli. “Humans are the weakest link and always will be and will continue to make mistakes. But once the hacker is in, now we have an attacker who needs to orient himself.”

Essentially, distributed deception means creating a series of fake journeys a potential hacker could take. The aim is to confuse, deceive, and catch them red handed.

Illusive Networks creates an “illusive” version of a company’s network (that alternate reality we were talking about earlier). And, once a hacker finds themselves in this parallel universe, the tool identifies the individual and either keeps them shut in there forever or kicks them out for good.

Think about it: to strategically plan a pathway to the main asset, a hacker needs to consider two things. They need to know what options they have for where they can go next, and they need to know how they can access the powers needed to execute that particular move. In the security world, this two-step process is known as orientation and propagation.

You see, to get to the coveted prize, a hacker needs to make a series of hundreds or thousands of tiny moves – something that Illusive Network aims to put a rapid stop to.

Say, for example, there’s a hacker who has the option to take three different paths towards their next step. Illusive Networks then swoops in with a further twenty choices, of which only three are real and the other seventeen are traps. If the hacker takes any of those seventeen options which, let’s face it, is highly likely with the law of probability, the system is alerted to an unwanted intruder.

Likewise, if a hacker needs to gain credentials to make their next move, Illusive Networks will supply them with tens more credentials than they need so that, again, if they pick the wrong choice the system goes into lockdown.

So, rather than shutting out hackers entirely like firewalls do, Illusive Networks deceives them so it’s almost impossible for them to reach their end goal. The startup has even brought several ex-attackers on board who have shared their perspectives to make solutions more realistic and useful.

Perhaps the most advanced thing about the startup is that neither the professionals working for Illusive Networks nor the hackers can see the deceptions until they walk into them head first. This means the deception sensors are only triggered if someone “bumps into them”, but it also means that it only takes a few moves (out of potentially thousands) for an attacker to be detected and kicked out.

What Does This Mean for the Future of Cyber Attacks and Data Breaches?

Illusive Networks plans to bring a new age of security to digital businesses that will see less hackers succeeding despite them getting more and more sophisticated every day.

Data breaches could be a thing of the past, as distributed deception means hackers don’t have to just navigate one obstacle like a firewall. Instead, there are obstacles all around them (think security lasers in a museum as a real-life example), and every wrong move can be quickly detected.

But while it might be comforting to know that our personal data looks to be safer than ever, the technology behind Illusive Networks might not be limited stopping hackers in the future.

What if hackers start using it to their advantage? These are people that are highly skilled in tech-endeavors, so surely they’re buffing up on this new technology as we speak and working out ways they can use it to their benefit? If they’re not, maybe they’re missing a trick.

Systems like the one Illusive Networks is using are groundbreaking in the war against cyber attacks but only time will tell if they’re victorious.

The 21st Century Bid to Become Immortal

There are three knowns in this world: we’re born, we live, and we die, but some tech extremists are trying to add a fourth known after we die.

The incredible evolution of technology has meant that, in the not-too-distant future, we’ll have the capabilities of living forever.

In 100 years, the four knowns in this world might look like this: we’re born, we live, we die, and then we become immortal.

There are already thousands of studies on cryogenics to preserve the human body once it’s dead, but the physical body is just a small part of what makes us human. The biggest part of what makes us “us” is our brains; a mass of an organ that’s built up of networks and neurons from our experiences.

Back in 1994, a feature article in Wired magazine highlighted the subculture of Extropians, a group of people in California who wholeheartedly believed in transcendence. Followers of the movement strived to become “more than human” and saw a future where human brains as well as bodies could be downloaded and preserved.

This was in 1994, so you can only imagine how much more advanced this theory is now. It’s advanced so much, in fact, that it’s no longer just a theory.

Eventually (and we’re talking as soon as sometime within the next century), there will be the technology available to copy every single bit of data that makes us “us” and upload it to a computer. When it’s there it can be studied, picked apart and, perhaps most disturbingly, downloaded.

If you’ve seen the San Junipero episode of Black Mirror, you might have an inkling into what this could look like. Throughout the surprisingly optimistic episode, we see Yorkie and Kelly exploring the fun-loving town of San Junipero, only to find out at the end that they are actually elderly women who are prescribed visits to the virtual town once a week via a digital headset.

The episode left a lot of viewers with a warm, happy feeling, but would it really all be sunshine and unicorns?

Or, perhaps the better question to ask is, what’s the point?

Why would we need to upload ourselves into a virtual reality and create an entirely new world when we have a backlog of our own memories and experiences to draw from?

Are they not enough?

This is where the obsession with becoming immortal comes in.

It’s not enough for us to be born, live, and die anymore – well, not for a lot of people. Instead we’re always wanting more; one lifetime isn’t enough.

Why Are We Obsessed with Being Immortal?

At some point in the past, our ancestors began to question our existence. Whether it was millions of years ago or thousands is unknown; all we know is that there was a time when a human like us considered why we were put on this planet.

And this thought pattern continues today. We need to know that there’s a purpose for us here in this world otherwise, really, what’s the point? It’s the reason we go to work, build families, and do stuff we love. We’re on a mammoth quest to live meaningful lives to answer the ever-present question of why we’re here.

We do the things we do in the hope that we are more than just our biological parts; more than just a sack of meat sleepwalking through the eighty years we’ve been given.

This is where the fascination with immortality comes in.

Our bodies are just a vessel, but our brains – those ugly lumps of gray matter – are us, and the thought of us not being around forever is an incredibly difficult pill to swallow.

So, Why Not Live Forever?

Startup Nectome has reached into the pit of the human soul and tapped right into this desire for more.

Founded by a pair of MIT AI researchers, the company plans to offer a commercial way for “everyday people” to preserve their brains using a process called aldehyde-stabilised cryopreservation.

Essentially, the brain is turned into glass and the data that’s captured is stored on what can only be described as a very advanced cloud system.

So far, so good.

Except there’s one catch: in order to have your brain preserved in this way, you have to die. For the upload to be successful, the process has to be carried out right at the moment of death. Or, rather, the upload process has to be the cause of death.

The “patient” has to have the natural blood flow to their brain replaced with the embalming chemicals that preserve the brain and its neuronal structures.

It’s the ultimate way of saying “I want to live forever so I’m going to die now.”

Nectome’s aim is for the uploaded brain data to be used later on as part of a computer simulation – much like in San Junipero. The chemical solution used is able to preserve body parts for thousands of years so that, one day when the technology is available, scientists will be able to scan the frozen brains and upload them to a computer system where they can live out their new reality.

Someone – though not an entirely human “someone” – somewhere will be able to retrieve your memories and your experiences.

Which begs the question: are Nectome’s customers dying to preserve themselves or further advance transhumanism and the technology involved with it?

Let’s go back to what makes us “us” for a moment. We’re a combination of our brains, body, voice, experiences, and everything else in between. By simply uploading one part of that – the brain – are we really capturing us? Is our brain in someone else’s body, whether that’s a computer system or a real-life body of flesh, still us?

For now, Nectome is working with terminal patients in California under the state’s End of Life Option Act, but who knows how far this trend will spread in the future.

Even today, thousands and millions of years after we first questioned our existence, we’re still fighting for meaning and the answer to why we were put on this earth.

But, with the leaps and bounds technology has made since then – and since Wired magazine’s feature on Extropians – we’re now closer than ever to becoming immortal.

Nectome is, without a doubt, one of the most controversial startups to come out of the US in the past few decades, but we could argue that it’s simply tapping into a want, a desire, and an obsession that humans have.

So let’s leave it at this: Nectome might just be giving the people what they want, or it might be a high-tech religion preying on people’s fear of death and their obsession with living forever.

Quantum Computing Will Change Cybersecurity – If We Can Figure Out What It Is

Quantum computing is the next type of computing that is going to be important. How do I know? Because people throw the term around in casual conversation the way they add a cloud, machine learning, or blockchain reference to statements to make themselves seem smart. It’s like, fine, you know I can’t argue with you now because I don’t know what you’re talking about, but do go on.

Now I don’t have a STEM background at all, but I still think that I should be able to understand WTF everyone else is talking about. So I’m setting out on a quest to understand quantum computing. Please join me as I demystify this mysterious new technology, and try not to laugh too hard.

First stop: Google.

I thought I could start by just Googling what quantum computing is. I thought wrong. The definition uses words like “superposition” and entanglement,” which sound vaguely inappropriate and specifically confusing. Google also helps me out with this little nugget: “A quantum computer is a device that performs quantum computing.” Oh do go on.

Upon further reflection that included stuffing a bunch of popcorn down my gullet and singing half of a Mariah Carey song loudly, I come to the realization that quantum computing is somehow different than regular computing. Oh wait – that’s in the definition I’m staring at.

But, wait, I see the word binary – that’s a word I know. Ok so quantum computing doesn’t rely on zeros and ones. Interesting…..

This reminds me of those characters in Star Trek, the Bynars, who communicated exclusively in binary. They were cool little guys. In the TNG episode “11001001” the Bynars even upload all their binary into the Enterprise’s computers. Could this be a clue to quantum computing? Perhaps I should rewatch this episode to find out!

Four hours and five episodes later…………………

Ok, I’m back. That episode is really good, and I had forgotten that the Bynars travelled in pairs. So cute. I am no further from solving the mystery of quantum computing, and I think on some level I knew that I was only making up an excuse to find temporary reprieve from my perilous quest. But no! For the sake of everyone reading this, I won’t give up so easily.

After further research, I’ve encountered a promising definition from Forbes:

On a scientific level, quantum computers work within the world of atomic particles and subatomic particles. In this world, the particles exist in multiple states at a time, allowing a quantum computer to operate in those same multiple states. This goes beyond the laws of physics and operates in an entirely different way than the one state of time that we exist within. It’s easy to immediately feel confused by this concept because human beings don’t know what it’s like to exist in multiple states of time.

What fresh hell is this?

I am beginning to wonder if an altered consciousness is necessary to unlocking the secrets of quantum computing. I really thought Forbes would help me out here, as it’s geared towards business-oriented people like me. If business-oriented people sat at home eating popcorn and singing Mariah Carey on a Tuesday afternoon, that is. It’s my life, and I don’t want to talk about it.

Actually when I read on, Forbes does make a few good points: quantum computing conserves energy, vastly improves cyber security, and is great for processing large data sets. So basically, quantum computing will solve all our problems by completely bypassing the laws of physics. NBD.

I’m getting sort of a Wizard of Oz vibe from this whole thing, to be perfectly honest. Some magical man behind the curtain will solve all my problems as long as I don’t pry too deep into how, exactly, he will do this.

Sounds like a steaming heap of something that came out of a horse to me.

Perhaps if I watch The Wizard of Oz, I can gain more insight into how mysterious entities like wizards and quantum computing function….it’s worth a try.

……………………four hours, one movie, and two naps later………………………

I’m back to finally crack this quantum computing nut once and for all! The Wizard of Oz didn’t really help me out, and I got sidetracked thinking about how hard Judy Garland’s life was. Now there was a talent snuffed out too soon. Perhaps if we were all Bynars, life would be less difficult. We’d always have a little buddy that’s just the opposite of us….or, no, that sounds like having a cat. Did Judy Garland have a cat?

Anyway. I’m reading a new article now. It’s telling me that quantum computers use a thing called qubits, and that, in contrast to conventional computer chips, these super computer chips can be both zeroes and ones at once. That’s cool and all……But why would they want to? (I mean technically, the answer to that question is because it’s faster, but existentially, I’m not sure these scientists can answer that.)

Apparently the qubit must be kept very cold to work properly. And also, this is how it’s described: “This 1-inch-long wafer is made of synthetic sapphire topped with a 100-nanometer-thin layer of printed aluminum.” Why synthetic sapphire? Was the wafer born in September? Everything about this description is wild, and I am coming to realize that I will never be able to understand this thing without first having a solid grasp of at least grade 10 physics and possibly a PhD in whatever this is.

To be honest, it sort of seems like the scientists are just making things up to mess with us at this point, and I really don’t blame them. At this point, they probably just want us to stop talking about blockchain. They’re not wrong.

As I make one final attempt to figure out what quantum computing is, I come across another Forbes article. Fool me twice, Forbes….

Ok so apparently once quantum computing becomes the norm, all of our security protocols will be rendered useless, and the only way to prevent this is — you guessed it — quantum resistant cryptography. And thankfully, “This encryption cannot be broken mathematically because it is protected by the laws of physics.” Good?

Now this is starting to seem like the world’s most terrifying game of rock paper scissors: STEM wars edition. Physics trumps mathematics, but what trumps physics?

I’ll tell you what trumps physics: Mariah Carey’s beautiful voice. And my voice too when I sing her songs, but in a different, viscerally painful for others type of way, sort of like when the rock mangles those defenseless scissors. So I’m going to get back to that and hope you learned something today. Let’s see, to sum up, essentially quantum computing exists, it’s extremely elaborate, and nobody will ever understand it, probably not even the people working on it. The Bynars can’t save us now.

How This Machine Learning App Will Help You Become the Next Picasso

**This is part of our series highlighting startups who share our mission of trying to make people’s lives just a little easier**

“Earth” without “art” is just “eh”, claims the headline on SketchAR’s homepage.

But not everyone’s the next Picasso or Van Gogh. Not everyone can craft a masterpiece like the Mona Lisa – until now. Or, at least, that’s what this new augmented reality app hopes to change.

Augmented reality has become huge over the past few years – we only have to look at the mind-blowing success of the Pokémon Go app that integrated the user’s actual location with graphics from the game itself. The game was so popular that everyone from prime ministers, reporters, and law enforcement officers were all having a go.

Bridging the gap between the real world and the digital one has become a huge trend in the tech industry, with multiple different types of apps and industries venturing into this crossover territory.

Today, AR is helping people do far more than just catch ‘em all. It’s helping them learn how to sketch, which is great news if even your stick figures leave much to be desired, like mine.

How SketchAR Makes an Artist Out of Anyone

The app works by overlaying a virtual image on a real-life piece of paper which shows up on the phone screen. Ideally, users need to get a tripod involved, as it can be difficult to hold the phone over the piece of paper in one hand while sketching with the other.

With a built-in selection of pre-made sketches, users can get started right away on perfecting their drawing skills, or they can upload and convert pictures from their own camera roll and turn them into traceable images.

Then comes the fun bit.

Once the user has chosen which image they want to sketch out from their screen onto a sheet of paper, they need to draw five circles around the edge of the page so the camera can recognize the canvas.

After that, the image aligns with the five circles and displays on the screen, allowing the user to go right ahead and trace, draw, sketch, and be creative.

At the moment, SketchAR can only be used on A4 paper, but there are big plans on the horizon. Soon, larger canvases will be available as well as built-in sensors to detect a physical location so mural artists can get involved as well.

The Future of AR Technology in Apps

AR isn’t a new technology.

In fact, the first AR headset was developed by Ivan Sutherland in 1968 with the term “augmented reality” later coined in 1990.

It wasn’t until 2009 when AR was integrated with the internet that things got really exciting, though.

So exciting, in fact, that the AR and VR market size in 2021 is set to reach $215 billion – a massive increase from the $17.8 billion predicted this year.

While games like Pokémon Go make it easy to believe that AR is only good for entertainment purposes, it’s actually proving to be a huge hit in helping people develop new skills and advance in the workplace.

In a ISACA survey, 64% of US consumers believe that AR enhancements would benefit the workplace, while a further 69% believed that this kind of technology could help them learn new skills.

This is where SketchAR comes into play.

In the past, learning a new skill meant going to an evening class or taking a course. This equated to spending money and having to give up precious time, which probably put a lot of people off.

However, with the birth of AR apps like this, people can learn a new skill from the comfort of their own home whenever they want – it sounds like a win-win situation, right?

Most people would agree.

It could be argued that AR has opened up a new era for computing which goes beyond the limits of a small screen. Maybe in the not-too-distant future we won’t see workers at desktop computers anymore and will instead see them wearing headsets that let them interact with data and information in real-time right before their very eyes.

But on the flipside of this there are – as always – causes for concern. Just like there is with any new technology – especially ones that rely on mixed reality.

Because it is finely attuned to the real-world, AR usually has access to location information of its users. Take Pokémon Go again, which offered up different kinds of Pokémon depending on where the user was. This led to a spate of news reports about robbers who had used the game to lure unsuspecting players to specific spots to steal from them.

And, because AR operates in both the real and the digital worlds, there are concerns about the digital side of things, too.

The ISACA report shows that a large percentage of consumers are very or somewhat concerned that AR enhancements make their devices more vulnerable to privacy breaches.

It seems hard to equate hacking and data breaches with a seemingly harmless app that teaches people how to draw better. But when you think that new technologies like AR need new processes and new systems in order to keep operating at their best, there’s bound to be some pushback from the general public.

Sure, SketchAR may well make an artist out of you yet, but is that all it does?

So far, so good.

If you want a quick and easy way to sketch a picture of your dog for your mom’s birthday, SketchAR might just be the thing you need. But with AR technology advancing by what feels like the day, we’ll be keeping a close eye on what it’s going to help us do in the future.

Because after all, once we’ve mastered the paintbrush like Picasso, what’s next?

Good Idea / Bad Idea: Protecting Yourself Online Edition

I have always loved to think of my life decisions in the simplistic black and white terms of the classic Animaniacs Good Idea / Bad Idea segments.

Here’s a great example:

Good idea: taking a deep breath before jumping into a swimming pool.

Bad idea: taking a deep breath after jumping into a swimming pool.

Animaniacs is a classic, and I love how good idea / bad idea makes it seem so easy to do the right thing. Of course, over the years I’ve found that life is rarely as neatly broken up into good and bad as the show made it seem. However, keeping your data and yourself safe online is one area in which the good and the bad are fairly self-evident, and it’s also an area that becomes more and more important each day. So let’s do it. Also, watch Animaniacs if you haven’t seen it — it’s a damn classic.

Good idea: Make sure you don’t share information about your location. Do not geotag!!
Bad idea: Posting your address, followed by a long story about how you’re home alone with the doors unlocked.

Good idea: Review your privacy settings on each of your platforms regularly.
Bad idea: Just making everything public, because you “don’t have any information worth stealing anyway.”

Good idea: Dying without ever knowing which Spice Girl you are most like based on your posts.
Bad idea: Authorizing any third party application you’re not familiar with (e.g. Perzonality Testz R Us LOLZ) to access your Facebook data for any purpose at all. It’s not worth it to find out which vegetable most closely matches your face. Though good lord I know it’s tempting. You should also prevent your data from being shared with apps that your Facebook friends are using – find more tips here.

Good idea: Regularly Google yourself in order to find out what potential employers would see if they checked up on you.
Bad idea: Avoid Googling yourself in order to never find out what potential employers would see if they checked up on you. I mean, I get it, but sticking your head in the sand to ensure that no problem ever reaches you at all is no way to….oh forget it, it’s a great way to live and I cannot hear you from way down here in the sand.

Good idea: Limiting the number of digital platforms you give your personal data to.
Bad idea: Setting up a profile on every new platform you encounter, using it for a few months, and then abandoning it. If a potential employer finds your 2003 MySpace blog, they’re the ones who will be sorry.

Good idea: Two factor authentication.
Bad idea: Giggling because “two factor authentication” sounds like something a robot would say. It does, but someone who uses the same password for everything and it’s “password1” really shouldn’t be laughing.

Good idea: Sharing pictures of your cat on Reddit or Imgur.
Bad idea: Sharing pictures of your child on Reddit or Imgur. This is at every parent’s discretion, and far be it for me to tell you how to parent your kid, but also why are you broadcasting the most vulnerable member of your family on the platforms with the most terrifying creeps.

Good idea: Not sharing your password with friends.
Bad idea: Using your most trusted barista at Starbucks as some sort of human password manager. I guarantee that barista will turn on you the moment your drink order becomes too idiotic. Don’t ask me how I know. *Sips Venti Iced Skinny Hazelnut Macchiato, Sugar-Free Syrup, Extra Shot, Light Ice, No Whip.*

Good idea: Taking everything you see online with a grain of salt
Bad idea: Kicking yourself for not realizing that Elvis was homeless in San Diego this whole time. This has nothing to do with privacy, but it’s important for your safety that you always verify what you read online. And also it’s important that I mention this story about Elvis because I was deeply upset when I found out this wasn’t true.

Good idea: Never revealing too much about yourself to strangers online.
Bad idea: Striking up a friendship with a nine-year-old painting prodigy, her mom, and her teenaged sister, only to later discover that it was actually just a middle aged woman playing three different characters. On an unrelated note, I just watched the original Catfish documentary, and boy is it good!!

Good idea: Familiarizing yourself with different kinds of phishing attacks.
Bad idea: Entering your online banking information into a random site so you can receive your tax refund that is being emailed to you and you haven’t submitted your taxes in six years, but this should turn out pretty good.

Good idea: Declining to engage with trolls and bullies online.
Bad idea: Becoming an infamous internet troll and getting enough people angry at you that you eventually get doxxed.

Good idea: Only posting things online that you’re comfortable with everyone seeing, even if your privacy settings are airtight.
Bad idea: Posting specific, detailed rants about your boss on Facebook that would both allow your boss to finally get the leverage to fire you and also enable any enterprising stalker to easily find you at your workplace.

Good idea: Logging off once in a while to read a book.
Bad idea: Seriously, read books, or this is what will happen:

Facial Recognition Technology and What It Means for Data Privacy and Protection

Imagine walking into a store, picking up a pint of milk, heading to the cash desk, shooting the cashier a smile, and going on your merry way.

No card, no cash, no phone; just your face as a tool.

This might not be a far cry from what the future holds thanks to facial recognition.

Today, cameras are no longer just vessels to take pictures and record videos with. Instead, they are being fitted with biometric technology which can identify humans and perform key activities, like unlocking a smartphone or, more amazingly, making payments.

Take the recent news story of a man who was caught at a music festival via facial recognition. Technology picked the suspect out of thousands of revelers – crazy, right?

In other news, Europeans have blasted Facebook for providing them the chance to “turn on” the app’s facial recognition feature, only to find out later on that the message was sent in error.

It’s safe to say that facial recognition is causing a stir in a lot of different industries.

What Is Facial Recognition?

Typically used as a security system, facial recognition uses technology to verify a person’s features via a digital image stored in a database. The technology essentially examines the elements on someone’s face and matches it against images already stored to identify said person.

Though it has been around since 2009, the technology has only recently made waves in the retail world and for smartphone developers.

Take Alibaba, the Chinese version of Amazon, that lets people pay with a smile using facial recognition in its stores.

That scenario at the start of the post doesn’t seem so far off now, does it?

But perhaps the most popular place we’re seeing facial recognition pop up is in the world of smartphones. We just have to look at the latest iPhone X with its built-in Face ID capability to see where things might be headed.

This particular feature uses biometric authentication to let iPhone users unlock their devices simply by looking at the screen. It’s kind of like the finger-print Touch ID system that was used on previous iPhones, but the Face ID element now also lets users access Apple Pay, the App Store, iTunes, and other third-party apps by just showing their face.

When the new iPhone was released, Apple itself put forward a hefty claim. They said there was a 1 in 1,000,000 chance that someone could open up another person’s phone using Face ID – a pretty vast improvement from the 1 in 50,000 chance of someone having the same fingerprints as you.

It’s not just used for access rights either.

Let’s head to the city of Shenzhen in China for a moment. Here, facial recognition is used to identify jaywalkers in CCTV footage before showcasing their faces on a big screen in an attempt to shame them.

Compared to simply using your face to unlock a phone, this seems a little more dramatic, right? Kind of like it’s been taken straight from the pages of 1984.

Basically, facial recognition is being used in many different ways because it’s more convenient. I mean, just looking at your phone is a much easier way to unlock it than having to hold your finger down on a button or type in a password.

But, while we’re constantly told we’re all unique and no two faces are the same, how secure is facial recognition really? It may well be more convenient, but does convenient mean secure?

In an attempt to trick Face ID, Wired Magazine bought hundreds of expensive masks and brought biometric hackers on board to see just how secure this new technology was on the iPhone X.

Guess what? They failed to beat the system, but that doesn’t mean there aren’t other security and privacy issues.

You Can’t Hide Your Face Away

While our passwords are predominantly kept a secret (unless you’re careless enough to leave them lying around or make them so easy even a 3-year-old could guess them), our faces are on show for everyone to see all the time.

Tech aside, we use our faces to verify ourselves to friends, family, and colleagues every single day.

But here’s the difference: when we’re verifying ourselves in real life, our faces are also combined with our traits, like our voice or our personality, which adds an extra dimension to the party.

With tech-based facial recognition, this isn’t the case – yet.

Say, for example, you’ve been captured by criminals and they want to hack into your smartphone to get some really juicy information you’ve got stored there. If you’ve got a password, they might have to work a little harder than normal to get into it, but with facial recognition they just need to hold the phone in front of your face.

Disappointingly easy, right?

There are steps being made to eliminate the chance of this happening (though hopefully you’ll never be taken captive by criminals in the first place). Face ID now uses machine learning to analyze expressions to figure out whether you really want to unlock your phone.

If that sounds crazy, it’s probably because it kind of is. What it basically means is that Face ID won’t work if you’re not awake or conscious, or simply not facing your phone.

But apart from the probably very minimal chance of someone getting captured by criminals who want to gather intel from their smartphone, there are other very real worries that come with facial recognition, like:

  • Where is the face data stored?
  • Who can access the data?
  • What else will the data be used for?

This just shows that, despite the advances in tech bringing weird and wonderful benefits, there are also significant concerns surrounding it, particularly because the data being used and held is biometric (or extremely sensitive) data.

Because of this, data privacy is one of the biggest worries.

Think about it: no data is completely safe, so your very unique and sensitive face data could potentially be accessed and used by third parties without your consent if the system is hacked.

But perhaps the creepiest part of it all is the fact that Face ID and other facial recognition technologies operate in an “always on” manner. This means the technology is automatically activated as soon as it sees your face.

No buttons. No confirmations. Just your face.

Which means, in a weird and even more 1984-style way, it is always watching you through your front facing camera.

It’s constantly collecting live data that needs to be stored somewhere, which raises the ultimate privacy question: are we constantly being watched and who is watching us?

Is There an Answer to It All?

With data as sensitive as this, there’s always going to be growing pains. Over the next two years, the technology we know now might be completely extinct and something else entirely might have become a front runner in the facial recognition world.

But for now, all we know is that businesses that use facial recognition need to acknowledge how they capture data and what they use it for. At the moment, the best way for them to do this is to combine strong knowledge (which is something like a password; something you know) and inherence (which is something like facial recognition or an iris scan; something you are).

This two-factor security method will minimize the chance of hackers getting access to devices, but this starts right at the very beginning. For facial recognition to be completely effective as a security measure, it needs to be embedded from the development stage and a built-in part of the technology.

So, next time you see a camera, smile. You never know who might be watching.