Israeli tech firm undercuts facial recognition to bolster privacy

Toshiba names ex-banker as CEO, seen tackling opposition to chip unit sale
February 14, 2018
Rise of the data protection officer, the hottest tech ticket in town
February 14, 2018
This post was originally published on this site

TEL AVIV (Reuters) – Big brother is watching. But in the future he may no longer be so all-knowing.

Riding the wave of a global push to comply with new privacy standards, a small Israeli company believes it can help you, and your face, stay anonymous in a hyper-connected world.

The startup, called D-ID, says it has developed a “firewall” to block facial recognition, the ubiquitous technology that can now unlock smartphones, tag friends on Facebook, or help police pick out an individual hiding in a crowd.

The problem is that with facial recognition on the rise, hackers have a new target: huge reservoirs of profile pictures linked to personal information.

Companies around the world are spending big money to protect such databases before a stricter European law takes effect in May. Called the General Data Protection Regulation (GDPR), it gives people more control over their online information and applies to all groups that do business in Europe.

The idea for D-ID took shape a decade ago, when two of its founders took a trip to South America after serving in Israel’s special forces. Friends would post pictures online, but because of their previous jobs, they were forbidden from sharing pictures publicly in case they were recognized.

They began looking for a way for people to share pictures while protecting their identities and a year ago formed the company.

The challenge was to foil facial recognition algorithms, which analyze a person’s face and match it to a stored digital image in the same way that crime scene fingerprints are run against a database.

“More and more organizations are using our faces as identifiers, if it’s to access our phones, to withdraw money or at border controls. That’s why our photos must be protected, because unlike passwords, you cannot change your face,” said Gil Perry, D-ID’s CEO.

Gil Perry, CEO of startup company D-ID, sits in his office during an interview, in Tel Aviv, Israel February 7, 2018.REUTERS/Amir Cohen

Designers have created eyeglasses that reflect light to jam cameras and websites offer fashion and make-up tips for camouflaging your face, but in general little can be done to avoid being identified.

DIGITAL ALCHEMY

D-ID’s solution is a system of digital alchemy that subtly alters stored pictures, enough to escape detection by facial recognition algorithms. Side by side the changes are noticeable, but on its own the altered picture appears normal.

Slideshow (5 Images)

D-ID is planning a pilot with Cloudinary, a firm that manages 15 billion cloud-based images and videos for web and mobile developers.

It has also signed preliminary agreements with a number of leading government organizations – Perry would not disclose which ones, nor how much the product will sell for.

The product launch is planned for the end of May, around the time the new European law takes effect.

Yuval Elovici, who heads the cyber security research center at Israel’s Ben Gurion University, said there is now an “arms race” between groups developing facial recognition algorithms and those looking to confound them. He said D-ID’s technology was an achievement and important for privacy, but that it did have its limitations.

“You cannot oblige everybody to use this technology and to publish pictures only after a transformation,” he said.

Tech startups are often located in high-rises of Tel Aviv’s financial district. D-ID’s second-floor office is secluded in an inconspicuous residential block, opposite a playground. It has raised $4 million, including from Israel’s Pitango Venture Capital and Silicon Valley’s Y Combinator, to support a team of 14 computer engineers.

There are drawbacks. For law enforcement agencies using the system it will be harder to locate a suspect. So D-ID is working on a solution that will allow such agencies to authenticate identities without storing biometric information, Perry said. How? He declined to elaborate.

Editing by Adrian Croft