Deepfakes can effectively fool facial recognition services, study suggests

By Jack Ramage

Published Aug 4, 2021 at 03:28 PM

Reading time: 3 minutes

Deepfakes are slipping into the mainstream. If you’re still unaware of what deepfakes actually are, let me fill you in: deepfakes can be thought of as videos generated by Artificial Intelligence (AI), taking a person in an existing video and replacing them with someone else. If you haven’t stumbled across deepfake technology on your daily social media binge yet, chances are that you will soon. It was only recently when the deepfake footage of Tom Cruise—posted to an unverified TikTok account—racked up a whopping 11 million views on the app. According to Deeptrace, an AI tech startup, the number of deepfakes on the internet has increased by 330 per cent from October 2019 to June 2020—reaching over 50,000 at their peak, creepy right?

Now, let’s be clear, not all deepfakes are used with malicious intent. In fact, they’ve been used quite humorously in the past—cue Nick Cage deepfake compilation—but as with all things, if the technology is placed in the wrong hands, it can have a detrimental impact on the lives of innocent people. Deepfakes have already been used to generate pornographic material of actors—leading to a spike in non-consensual deepfake porn over the recent years. Cybercriminals have even used deepfake software to impersonate the CEO of a UK-based energy firm, demanding a fraudulent transfer of $ 243,000.

And if that wasn’t enough, scientists are now warning deepfake technology to have hit a new, somewhat terrifying, milestone: effectively fooling commercial facial recognition services.

The deeply-fake deepfake effect

A paper, published by researchers over at Sungkyunkwan University, Suwon, South Korea, showed that both Amazon and Microsoft Application Programming Interfaces (APIs) can be fooled with commonly used deepfake-generating methods. The researchers used AI models trained on five different datasets—three publically available and two that they created themselves—containing the faces of Hollywood movie stars, singers, athletes, and politicians. They created 8,119 deepfakes from the datasets in total. From each deepfake video, they extracted multiple faceshots and submitted them to the APIs in question. Microsoft’s Azure Cognitive Services was fooled 78 per cent of the time, whereas Amazon’s API was fooled 68 per cent of the time.

“From experiments, we find that some deepfake generation methods are of greater threat to recognition systems than others and that each system reacts to deepfake impersonation attacks differently,” the researchers at Sungkyunkwan University wrote.

They continued, “We believe our research findings can shed light on better designing robust web-based APIs, as well as appropriate defence mechanisms, which are urgently needed to fight against malicious use of deepfakes.”

“Assuming the underlying face recognition API cannot distinguish the deepfake impersonator from the genuine user, it can cause many privacy, security, and repudiation risks, as well as numerous fraud cases,” the researchers warn. “Voice and video deepfake technologies can be combined to create multimodal deepfakes and used to carry out more powerful and realistic phishing attacks … [And] if the commercial APIs fail to filter the deepfakes on social media, it will allow the propagation of false information and harm innocent individuals.”

So… what next?

As the researchers have warned, it’s clear that the rapidly evolving nature of deepfake technology could pose a significant risk in terms of privacy and security. The issue has caused what could be thought of as a technological ‘arms race’—between deepfake developers with ill intent and deepfake detectors—attempting to rid fraudulent deepfakes from the web. Microsoft has recently launched its own deepfake combating solution, a tool that can analyse a still photo or video to provide a score of its level of confidence that the media hasn’t been artificially manipulated. 

Deepfake detectors work in a similar way to the way deepfakes do, making use of machine learning models in order to detect the videos. However, deepfakes have also found a way to fool detectors, including adversarial examples in every frame to confuse the AI system. It’s been reported that deepfake attacks of this nature have an impressive success rate from 78 to 99 per cent.

The future is still unknown: it’s difficult to predict the future of the tech industry in general—let alone a technology that has only really surfaced within the last five years or so. Some forecast a dystopian future in which deepfakes will evolve to a point where you can’t trust any footage online. Others take a more optimistic approach, comparing deepfakes to animation—suggesting that it could bring a new wave of content production. However, as facial recognition continues to become more embedded in our own lives, from unlocking your phone to more stringent security measures, it’s clear that measures need to be taken in order to stop cybercriminals from misusing the technology for their own purposes.

Keep On Reading

By Abby Amoakuh

Pictures of Harry Styles sporting a buzz cut reignite bald theories online. RIP to the long locks

By Charlie Sawyer

Explaining Swiftonomics: Why NFL stans need to be thanking Taylor Swift big time

By Abby Amoakuh

Alabama Barker responds to Kourtney Kardashian’s Instagram post about new son Rocky

By Charlie Sawyer

Mental health patients raped and sexually assaulted, new shocking NHS abuse scandal reveals

By Charlie Sawyer

Actor Jamie Dornan guiltily admits to stalking women in London. Here’s why

By Fatou Ferraro Mboup

Strippers’ bill of rights: Understanding the new law protecting adult dancers in Washington State

By Charlie Sawyer

Schitt’s Creek star Emily Hampshire slammed for dressing up as Johnny Depp and Amber Heard for Halloween

By Abby Amoakuh

Who is Brit Smith, the smaller artist JoJo Siwa allegedly stole Karma from?

By Fatou Ferraro Mboup

New HBO documentary Brandy Hellville & The Cult Of Fast Fashion set to expose Brandy Melville

By Fatou Ferraro Mboup

Colombia sterilises first hippo left behind by Pablo Escobar amid ecological disaster

By Abby Amoakuh

Woman inspired by Netflix docuseries Don’t F*ck With Cats butchers cat and man in brutal murder

By Charlie Sawyer

McDonald’s, Chick-fil-A, and Starbucks: Getting involved in political conflict is just a fast food thing

By Fatou Ferraro Mboup

UK medics told not to report illegal abortions to police due to women being wrongly prosecuted

By Abby Amoakuh

Mother-daughter pole dancing class sparks uproar over concerns of child sexualisation

By Fatou Ferraro Mboup

Influencer Chiara Ferragni issues apology amid €1M fine for misleading charity Christmas cake sale

By Charlie Sawyer

Gypsy Rose Blanchard says husband Ryan Anderson’s D is fire after trolls call him a creep

By Fatou Ferraro Mboup

Taiwan political stunt backfires as 3 hospitalised after eating free laundry pods distributed in campaign

By Alma Fabiani

What is a nepo baby, and why do they make everyone so mad?

By Abby Amoakuh

Fans campaign for Jonathan Majors’ Marvel comeback after actor avoids prison in domestic violence case

By Charlie Sawyer

From payday budgeting to savings account strategy, here’s how to become a finance baddie