Meta is trying out two new security procedures that incorporate facial recognition, one area Meta has had run-ins with many times.
First off, Meta is piloting a new process for facial matching that will help identify "celeb-bait," when fraudsters use images of public figures to bait users into interacting with their ads that lead them eventually to scam websites.
In this new process, Meta will match the faces used in ads with high-profile users, and where a match is found, confirm with the users' official profile whether it's a legit, endorsed promotion.
According to Meta:
If our systems detect that an ad may be fraud, which includes the image of a public figure at risk for celeb-bait, we will attempt to use facial recognition technology to compare faces in the ad to the public figure's Facebook and Instagram profile pictures. If we confirm a match and determine the ad is fraud, we will block it.". We immediately delete whatever facial data is generated from ads for this one-time comparison, regardless of whether our system finds a match, and we don't use it for any other purpose.
Notice the decisive explainer in the last line. As the article goes on to relate, Meta has faced several issues when it tried to use facial recognition in the past: privacy advocates have complained that kind of data could be used for nefarious ends if it fell into the wrong hands.
Meta completely shutoff its face recognition processes on Facebook in 2021, as part of a greater policy shift aimed to remove the platform from the controversies of its past. Facial recognition technologies are already being used for questionable purpose, such as identifying entrants to sports stadiums, matching people's criminal or credit history in real time. In China, for example, facial recognition technology is used to trace people crossing the streets illegally and will charge them by post or further penalize people who have not paid their parking fines. The worst scenario is to identify the Uyghur Muslim and separate them for further tracking. That is one of the more chilling use cases for facial recognition technology, in picking out certain groups and targeting them based on such information. That is a key concern for Western regulators in administering policy around its use and why Meta has sought to step away from the technology, for the most part.
But now, it's wading in again, with selected use cases for face ID.
In the second experiment, Meta is also exploring video selfies as an avenue for individuals to prove their identity so that they can restore access to accounts that have been compromised.
It's going to collect a video selfie uploaded by a user, and compare that against the profile pictures on an account that the person is trying to access - very much like the ways an identity verification tool might unlock your phone or let you into an app.
So again, this is a limited use case, and Meta is keen to point this out once again, that it will not retain any of these selfies on file.
As soon as a user uploads a video selfie, it will automatically get encrypted and safely stored. Such a video will never pop up on the profile, to friends, or to other people on Facebook or Instagram. We delete any facial data that is generated subsequent to this comparison instantly, regardless of whether there was a match or not." But it is another step into facial recognition, which will no doubt raise concerns among privacy and security experts.
So should Meta look to introduce more use of facial ID?
Well, it is a very strong vector for cross-checking and there clearly needs to be a value in the process for security means. It is risky and will bring more scrutiny on Meta once again, particularly in relation to how it stores and uses selfies and video face ID.
But perhaps, in a more limited, secure system, these will be able to come in as more widespread security measures. I do think Zuck and Co. will feel some heat as they look to ramp up such tools-but there may well be a case to justify face ID over other approaches.
In addition to these experiments, Meta also provided an overview of steps that users can take to improve security on their accounts.
Some great tips, but it's the use of facial recognition that will be the big focus of this new push.