Source: SCMP
But one Chinese news outlet has found theres a way to cheat the system. Or at least thats what Taobao sellers are promising.
According to a report by The Beijing News, vendors on Taobao and Xianyu, Alibabas used-goods marketplace, have been offering services that help users spoof Tantans facial verification system.
The services use software to animate still images of faces, with the resulting video being used to pass apps facial recognition, which usually require users to blink or move their heads, proving theyre not just a still image.
The services are aimed at scammers on Tantan, the report says. Scammers reportedly create fake dating profiles to trick users into buying fake products, lotteries or stocks. And some even promote prostitution with fake profiles of women.
People looking to use these services have to provide the vendors with the profile pictures they want to use and the account login details. The vendors will then verify the users Tantan account, according to The Beijing News. One of the organizations reporters successfully became a verified user with pictures of Chinese actor Wen Zhang.
When I reached out to one of these vendors on Taobao, I was asked to talk to them on WeChat. The Beijing News reported this is a common way of trying to avoid scrutiny on Taobao. The vendor then sent me a video showing what their software does and the effect is surreal.
According to media reports, one piece of software vendors use to achieve this is Crazytalk, a program from US-based Reallusion that animates images of faces or uses them to generate a 3D talking head. So I downloaded the software and gave it a try myself.
I asked the vendor whether the facial recognition works by playing the video in front of a smartphone, and the vendor said yes. But it didnt work when I tried it for myself.
I created a Tantan profile and picked a profile picture from ThisPersonDoesNotExist.com, a site that uses AI to generate fake human faces. Then I used Crazytalk to add motion to the face. I recorded the animated face in a video and played it back to the Tantan app, but I didnt pass the verification.
We reached out to Tantan with questions about its facial verification system, but we didnt get a response. Crazytalk is only one option for this kind of software. While media reports suggest its popular among vendors, its not clear exactly what software they use or how they use it to pass verification. On a page for Crazytalk on Baidus forum site Tieba, users request and post tutorials on how to spoof facial verification systems.
This kind of spoofing isnt new. In March 2017, an annual consumer rights show from Chinese state broadcaster CCTV had an expert from 360 Artificial Intelligence Institute demonstrate a similar attack on stage.
The expert said companies hadnt paid enough attention to liveness detection, a method of ensuring that the system is looking at a real live humans face instead of a digital reproduction. Every year, the show names and shames companies for malpractice, which has led to apologies from major domestic and foreign companies like Volkswagen and McDonalds.
No companies were called out in this segment on spoofing facial recognition. But Chinas leading mobile payment app Alipay, which has been promoting its facial recognition payment function, published a statement on Weibo saying that facial recognition is just one part of its system for protecting user accounts. The company added that it will fully compensate users if their accounts are stolen by strangers through facial recognition.
Alipay says on its website that the company uses passive liveness detection. We asked Alipay owner and Alibaba affiliate Ant Financial for more information about how it works, but the company declined to comment.
Comments
Post a Comment