AI-based deepfakes to undermine face biometrics: Gartner


By Dylan Bushell-Embling
Tuesday, 06 February, 2024
AI-based deepfakes to undermine face biometrics: Gartner

The rise of generative AI will threaten the integrity of face biometrics, research firm Gartner has predicted.

The research firm believes that by 2026, attacks using AI-generated deepfakes on face biometrics will result in 30% of enterprises no longer considering the identity authentication solution to be reliable in isolation.

As a result, Gartner is recommending that CISOs and risk management leaders choose identity vendors that can demonstrate that they have the capabilities and a plan that goes beyond current standards and are monitoring, classifying and quantifying the emerging class of deepfake attacks.

Gartner VP Analyst Akif Khan said presentation attacks, involving a threat actor using someone else’s physical characteristics to impersonate a legitimate user, are the most common attack vector. But injection attacks, involving bypassing the charged-coupled device of a camera to inject pre-recorded content, increased by 200% in 2023.

“In the past decade, several inflection points in the field of AI have occurred that allow for the creation of synthetic images. These artificially generated images of real people’s faces, known as deepfakes, can be used by malicious actors to undermine biometric authentication or render it inefficient,” Khan said. “As a result, organisations may begin to question the reliability of identity verification and authentication solutions, as they will not be able to tell whether the face of the person being verified is a live person or a deepfake.”

Preventing such attacks will rely on a combination of presentation attack detection, injection attack detection and image inspection, Khan said.

Organisations should start defining a minimum baseline of controls by working with vendors that have specifically invested in mitigating the latest deepfake-based threats using IAD coupled with image inspection,” he said.

Once a baseline is set, CISOs and risk management leaders will need to include additional risk and recognition signals such as device identification and behavioural analytics, Gartner warned.

Image credit: iStock.com/wildpixel

Related News

Elastic publishes security guidance for AI LLMs

Elastic Security Labs has published new guidance aimed at helping organisations defend against...

Report exposes unique cybersecurity threats in the public sector

A report from Trustwave SpiderLabs delves into the challenges the public sector faces from threat...

Elastic announces AI-driven attack discovery feature

Elastic has announced that Search AI will replace traditional SIEM with an AI-driven security...

Content from other channels on our network

Cybersecurity in the era of offshore energy

Lighting industry protests LED red tape

High-voltage 'zapper' could help decarbonise mining industry

Electrical safety laws set to change in Qld

CSIRO assists SMEs working in renewables

Strong co-operation leads to better hospital beds

A step into the world of Medline

US hospital uses hologram tech to connect doctors with patients

Telstra Health to fully acquire pharmacy tech company Fred IT

Men made up over half of the injury hospitalisations in a year: AIHW

Choosing the Right Intercom System for Your Business in 2024

Optus and Ericsson collaborate on energy-efficient 5G

Nokia acquires defence comms company Fenix Group

CGI joins program to deliver UK's Emergency Services Network

Wireless Broadband Alliance completes Wi-Fi OpenRoaming trial

  • All content Copyright © 2024 Westwick-Farrow Pty Ltd