Presentation Attack Injection, Injection Attack Detection, and Deepfakes (version 2)
I just posted a link to the LinkedIn version of this article, written for “The Wildebeest Speaks” subscribers who generally understand deepfakes and the attacks used to create them.
But I can’t assume my Substack readers have this background.
So I’m rewriting it.
Setting the scene
Let’s say that you have an app on your smartphone that verifies that you are who you say you are.
Maybe it’s a banking app.
Maybe it’s an app that provides access to a government benefits account.
Maybe it’s an app that lets you enter a football stadium.
As part of its workflow, the app uses the smartphone camera to take a picture of your face.
But is that really YOUR face?
Presentation Attack Detection
A “presentation attack” occurs when the presented item is altered. In the case of a face presented to a smartphone camera, here are three examples of presentation attacks:
Your face is altered by makeup, a mask, or another disguise.
Your face is replaced by a printed photo of someone else’s face.
Your face is replaced by a digital photo or video on a monitor or screen.
Injection Attack Detection
But what if the image is NOT from the smartphone camera?
What if it is “injected” from another source, bypassing the camera altogether?
It Doesn’t Matter!
From the fraud victim perspective, it doesn’t matter whether a presentation attack or an injection attack is used.
The only thing that matters is that some type of deepfake fraud was used to fool the system.
Make sure your system providers employ both presentation attack detection and injection attack detection.
