Chinanews, October 29, "Every new technology application and development must go through a period of barbaric growth, and then gradually move towards safety and regulation." When referring to the abuse and trafficking of facial information reported by CCTV news recently, Said Qiu Zhaoqiang, CEO of 360 Vision Technology.

  He believes that the current face recognition equipment is more about the high recognition rate and fast recognition speed. Just like the early days of the Internet, no one talks about network security, only how fast the network speed is.

  However, as we enter the era of "face-brushing", especially after the gradual implementation of smart communities and smart cities, it is urgent to ensure the safety of "face-brushing".

  It is reported that 360 Vision Technology will carry out a 90-day "Face Recognition Security Season Free Large Detection Campaign" nationwide on November 1. Any user can send face recognition equipment to 360, which will be researched by 360 artificial intelligence. The institute conducts comprehensive safety inspections on equipment and issues authoritative safety inspection reports.

  "It is necessary for every user to use a truly safe face recognition product." Qiu Zhaoqiang emphasized.

  The "streaking" face recognition equipment

  "The quality of face recognition equipment is uneven, and more than half of the devices on the market can pass a photo." said Qiu Zhaoqiang, CEO of 360 Vision Technology.

  He told reporters that 360 Artificial Intelligence Research Institute tested many mainstream face recognition devices in the market. If distinguished by price, most of the low-end face recognition devices can be directly verified with photos.

The reason is that adding live algorithms, building various attack protection models, adding facial feature points, etc. will greatly increase R&D and production costs, leading to higher sales prices of face recognition terminals, so some face recognition manufacturers who pursue low prices have abandoned this part. High availability, blindly pursuing low prices, in order to confuse the audiovisual with low prices, and shoddy.

  "This is completely irresponsible and nakedly undermining the healthy development of the face recognition industry." Qiu Zhaoqiang said.

  Mid-to-high-end face recognition equipment is not worry-free.

"Some face recognition equipment has a very high recognition rate, but there is no security protection for the algorithm." Qiu Zhaoqiang said that in this case, an ordinary security engineer can easily replace the algorithm used by the equipment, resulting in a significant level of face recognition reduce.

  If the security protection is not enough, it will not only cause the failure of face recognition, but also cause the problem of face information leakage.

  According to CCTV reports, on some online trading platforms, you can buy thousands of face photos for only 2 yuan, and more than 5,000 face photos are priced at less than 10 yuan.

  In the opinion of experts, a large amount of face data is stored in the centralized database of each application operator or technology provider.

Once the server is compromised, highly sensitive face data will be exposed to the risk of leakage.

  Qiu Zhaoqiang once led a test engineer to do an offensive and defensive experiment. Through Wi-Fi access, a few lines of scripts were written with decompilation to easily crack the administrator password and "steal" the information stored in the device such as photos and ID numbers. .

If the debugging interface, Bluetooth, Wi-Fi and chip interface are not closed in time, you can use these interfaces to connect directly to the device terminal. Or, if the code is not obfuscated and encrypted, you can directly implant the Trojan program through decompilation or loopholes. The face data information recognized by the device is transmitted to the designated IP address.

  "It is equivalent to automatically syncing and giving me a face information without the knowledge of the equipment manufacturer and the user." Qiu Zhaoqiang said.

  He believes that many face recognition devices are currently in a "streaking" state, which eventually leads to the failure of face recognition equipment or the leakage of face information, and even forms a black industry chain.

  Facial recognition applications are expected to bid farewell to barbaric growth

  Ideally, security should take precedence over the application of technology and should become the basis of the "new infrastructure".

But the reality is often the opposite.

  "The application and development of each new technology has to go through a period of barbaric growth, and then gradually move towards safety and regulation." Qiu Zhaoqiang said that at present, face recognition equipment is more concerned with the high recognition rate, just like the early days of the Internet. People will talk about network security, but only how fast the network is.

  However, the user privacy and security issues involved in face recognition are more serious than the Internet.

  There are already signs of damage to face recognition equipment running naked.

"Face Recognition Application Public Survey Report (2020)" shows that 60% of respondents believe that face recognition technology has a tendency to abuse, and 30% of respondents said that they have suffered privacy or property losses due to the leakage and abuse of facial information.

  Out of concern, when smart communities and smart cities become the future trend, some residents still oppose the use of face recognition equipment in the community. Some people even pointed out, “If safety cannot be guaranteed, it is better not to use face recognition, because it will cause more problems for users. Big damage."

  Therefore, how to ensure the safety of face recognition equipment has become a difficult problem faced by all manufacturers.

  "360 City Security Brain can protect all smart hardware terminals including face recognition equipment, including sensors, sweeping robots, smart cars, etc., to prevent hacker attacks." Qiu Zhaoqiang said.

  He explained that the 360 ​​City Safety Brain guarantees security in real time. If any new attack is found in the world, it can be directly fed back to the face recognition device and the vulnerabilities can be repaired immediately, so that smart communities can be implemented on the basis of security. Smart city construction.

  In addition to technical solutions to technical problems, legal protection is also on the agenda.

At present, the "Personal Information Protection Law of the People's Republic of China (Draft)" is seeking public opinions from the public.

The draft proposes that the installation of image collection and personal identification equipment in public places should be necessary to maintain public safety, comply with relevant state regulations, and set up prominent reminders.

The collected personal images and personal identification information can only be used for the purpose of maintaining public safety, and shall not be disclosed or provided to others; unless the individual consent is obtained or the laws and administrative regulations provide otherwise.

  With the blessing of security technology and legal protection, the application of face recognition is expected to bid farewell to barbaric growth and enter standardized development.