© 2024, pi-labs
In the age of AI-driven content, deepfakes are emerging as one of the most pressing cybersecurity challenges for enterprises worldwide. India, a rapidly digitising nation, is not immune to this threat.
The ability of AI to create hyper-realistic images, audio, and videos that can mislead, manipulate, and potentially cause harm has sparked serious concerns among businesses and government institutions.
This blog explores essential tool and strategies for deepfake detection tailored for enterprises in India, backed by facts, figures, and real-life examples.
In the 1840s, a Scottish botanist disguised himself as a Chinese nobleman to infiltrate the tea plantations and uncover the tea production secrets in China. It eventually broke the Chinese monopoly of tea industry. For doing this, the man had to travel about 7700 km from Scotland located in the extreme end of Europe. In a century where flights weren’t invented, he endured months of travel to reach the Chinese shores. He did the extremely difficult task of blending himself as a Chinese. For a Scottish man with European racial features to pass off as a Chinese would have been a tough task. Yet, someone did it because the stakes were high and the dangers were justified. This historic incident demonstrates that someone will find a way into your territory and access your data if the stakes are high enough to justify the trouble.
In the modern digital age, your phone device integrates almost all of the information regarding your business, personal life and interests. The eyes were known as windows to the soul. Today, your device is the key to unlock those windows (or Android/iOs as the case maybe). The Chinese were secure in their knowledge that their tea empire will endure for centuries because the most popular drink in the vast British Empire was tea. Little did they imagine that the East India company will send a Scottish named Robert Fortune to conduct the biggest corporate espionage in history. The British would later replicate the Chinese success in tea industry by inculcating tea-drinking habits in its colonies. Even today, the two largest tea markets after China are the former colonies of Britain – India and USA.
If you are under the misimpression that your device locked with biometrics especially fingerprints are safe, you are mistaken. It’s true that fingerprints of everyone is unique. However it’s equally true that fingerprints leave a risky trail everywhere. Wherever you go and touch things, you are leaving fingerprints. It’s akin to writing your password on every object you touch.
The fingerprints are stored securely and never leaves your pixel slate. The fingerprints data aren’t shared with Google or any other apps on your device. Apps are notified only whether fingerprints are verified or not. However, Google makes it clear that fingerprints maybe less secure than a strong password or PIN.
Your fingerprints can be cloned to create the exact same replica that can be used to access your locked device. The first public instance of fingerprint authentication being broken was in 2013 when a researcher called Starbug demonstrated it with iPhone 5s.
During the Geekpwn 2019 Cybersecurity competition, the X-Lab security research team from Tencent did it again on three different phones.
According to a Forbes article, the team had took a picture of a fingerprint on a glass and created a fake fingerprint. This whole process allegedly took 20 minutes and the hardware costs was reported at a mere 200 euros.
In short, only hardware investment of INR 18000 and 20 minutes is all it takes for authentication locks of branded devices to betray their users. The data in your phone better be worth less than that amount to deter possible theft. In a testing, it was found that on average, the fake fingerprints were able to bypass the sensors about 80% of the times.
If you are sure that your device doesn’t contain anything that can prompt a rogue to invest about ₹ 18000 in unlocking it, you are probably safe. For most people, it isn’t the case because the phone number is linked with banking apps and several other sensitive information.
Your perception of safety in fingerprint authentication is flawed. If you assume that fingerprints are safer because they can be faked only by those within your circle i.e someone close enough to access your office over a cup of tea or who knows your personally, you are wrong yet again. Your fingerprint data can be stolen and even unknown strangers can access it. In 2019, a major leak of fingerprint data was discovered in the UK. About 1 million users had their fingerprints, face recognition information and unencrypted names and passwords leaked when a security company that works closely with UK police was found compromised. Never forget that your fingerprint data already exists in everything right from Aadhar card to your office attendance machine.
The next time you are holding a cup of tea in a conference or networking event attended by your competitors, keep in mind that Scottish men took the pain to steal Chinese tea production secrets only because “the stakes were high enough” to attempt such an adventure.
WEBSITE: www.pi-labs.ai
E-MAIL: hello@pi-labs.ai
Together, let’s build a digital future where we can differentiate fake from real.