Episode 036: 08‐06‐2024 Deepfakes II: BioID's Combat Strategy - GluuFederation/identerati-office-hours GitHub Wiki
Title: Deepfakes II: BioID's Combat Strategy
- Host: Mike Schwartz, Founder/CEO Gluu
- Guest: Ann-Kathrin Freiberg, VP Business Development, BioID
- Co-Host: Pavel Balashov
Description
The applications for Deepfake Detection are numerous, especially as generative AI has advanced significantly. The question arises: can online media and identity verification processes still be deemed reliable? Discover methods to protect your identity and systems against impersonation and learn how to identify deepfakes on your own – or is that even possible?
-
How have advances in deepfake tech required BioID to adjust the end-user enrollment/training process? Is it something the user will notice. Is there a difference between platforms--for example mobile v. browser?
-
Same question as above, but for authentication. If you have to do a more thorough authn, how does that impact the user experience?
-
How long does BioID store templates and what is the impact on GDPR compliance?
-
Does BioID plan to combine other non-image metadata to decrease fraud?
Homework
Takeaways
-
BioID sees deepfake detection as part of their "Liveness Detection" capability. They offer deepfake detection a) as part of the standard anti-spoofing mechanisms to secure authentication and b) as a singular offering to distinguish live recorded from manipulated or AI generated material.
-
AI-based models for facial recognition are 10x better then the previous generation of algorithmic models (i.e. deepfakes would fake out the old algorithms...). But deepfake detection is only around 90-95% effective today. Enterprises should remember that server side biometric authentication is a moving target--vendors should show a record of sustained innovation to keep up with increasingly advanced attacks.
-
BioID processes the images to create the model, but does not store images. Processing alone may raise data sovereignty issues--some customers may want to specify a region or even an on-premise deployment.
-
BioID has been used for proof of life for pension benefits. It's an interesting use case, because the authn event itself is the content. Governments are also interested in server side biometric authentication for border control--maybe even using the photo from your passport.