Can Your Face DigitalSignature Be Hacked On Facebook?

Face recognition is fast becoming popular for login authentication and generate credentials as for retailers as a means of payment like Apple has embraced it in its iPhone models.

Facial recognition is a way to verify a person’s identity from a digital image using facial features that are stored in a database. With phone cameras providing an easy setup for digital face recognition, many users are also embracing the technology. Still others are busy trying to hack the system with some claiming success.

The technical name is biometric authentication. Simply put, a Phone owner can unlock his phone and make a payment with his face. It’s a somewhat novel idea, but as is predictable, hackers are finding ways to take the fun out of it.

About 81% of confirmed data breaches in the Accommodations industry involved stolen credentials

For the time being, consider whether or not you want to use these biometric features to pay for products and services. No matter what you choose, you will be giving up some type of data. If you pay by payment card, you provide your card number, name, and other information that can be used to make purchases. The difference is that you can get a new payment card if it’s used for fraud. It’s not so easy to get a new face or fingerprint. Last week a new Facebook challenge went viral asking users to post a photo from 10 years ago and one from today captioning “how did aging effect you?” Now being called the “#10YearChallenge” Over 5.2 million, including many celebrities, participating in this challenge giving away your privacy and future authentication keys.

When Apple launched the iPhone X, they claimed the security of Face ID was a 1 in 1,000,000 chance of someone hacking your face. Compare that to the claim of 1 in 50,000 chance of having your fingerprint duplicated, a technology Apple has been successfully using since 2013. Even with those odds, security breaches are still possible.

It’s been reported that with just a look, a user’s 10-year-old son was able to unlock her device. Apple admitted there was a chance that a family member with similar facial characteristics could fool Face ID.

In another case, a group of Vietnamese hackers bent on discrediting Apple’s Face ID claim they finally hacked the system. The group used a 3-D printed mask with 2-D eyes glued on to unlock the iPhone X. From there they reset the facial recognition to register the face of one hacker and gained access to apps and Apple Pay. The total cost to the hackers was less than $200 for the entire process. Apple insists the hack was unlikely, as they had already used Hollywood studios to test the idea of mask-hacks and were successful.

It’s not the first time researchers and others have tried thwarting biometric security. Several years ago, a group of German hackers claimed to have reproduced the fingerprint of a German official by capturing a photo of the person holding up a hand. They didn’t use fancy 3-D printing technology. They used tracing paper, plastic board, graphite, and wood glue, but were successful. And shortly after the release of the Samsung Galaxy S5, researchers were able to crack the fingerprint sensor using a photo of the print.

Whether family members or hackers, there’s now a wrinkle to face recognition. Reducing risk for your smartphone is a part of responsible device ownership. What was once a new and uncharted technology eventually becomes the norm. It also gives new opportunities for hackers. Stopping short of literally keeping your device under lock and key, important decisions need to be made. Think about what option works best for you, considering convenience and a level of security or risk you’re okay with. This is especially true when there are children with devices who need to be kept safe from harm. As technology grows, so grows the risk of harm. Keeping smart and informed are the best steps toward keeping safe, no matter what the next new thing may be.

How to protect yourself and your company from get your login access hack?

Enable a CULTURE OF MULTI-FACTOR Authentication.

Start using a Password manager and activate 2FA (two-factor authentication) for all the services you use. Some two-factor solutions rely on shared secrets to generate token numbers, which, if attackers steal, they can use the information to compromise an organization. SynerTech Duo’s two-factor solution is designed with security in mind.

We use asymmetric cryptography, keeping only the public key on our servers and storing private keys on your users’ devices in a tamper-proof secure element. Duo never stores your passwords - meaning your logins stay safe.

See More about Multi-FactorAuthentication Solutions

Our company is a leader in Network Security.

We can evaluate your current business environment and provide a complete assessment of your overall security health. Our security experts will then provide and implement a complete security plan to provide a comprehensive security solution to ensure that you have the best chance against current and future threats.

What else Can you do to be prepared?

Employee Education: CYBERSECURITY 101 It's critical that your staff understands what ransomware is and the threats that it poses. Provide your team with specific learning expe