Meta, the company behind Facebook and Instagram says its testing new ways to use facial recognition—both to combat scams and to help restore access to compromised accounts.
The social media giant is testing the use of video selfies and facial recognition to help users get their hijacked accounts back. Social media accounts are often lost when users forget their password, switch devices, or when they inadvertently or even willingly give their credentials to a scammer.
Another reason for Meta to use facial recognition are what it calls “celeb-bait ads.” Scammers often try to use images of public figures to trick people into engaging with ads that lead to fraudulent websites.
Since it’s trivial to set up an account that looks like a celebrity, scammers use this to attract visitors for various reasons, ranging from like-farming (a method to raise the popularity of a site or domain) to imposter scams, where accounts that seem to belong to celebrities reach out to you in order to defraud you.
Meta’s existing ad review system uses machine learning to review the millions of ads that are run across Meta platforms every day. With a new facial recognition addition to that system, Meta can compare faces in the ad to the public figure’s Facebook and Instagram profile pictures, and then block them if it’s fake.
According to Meta:
“Early testing with a small group of celebrities and public figures shows promising results in increasing the speed and efficacy with which we can detect and enforce against this type of scam.”
Over the coming weeks, Meta intends to start informing a larger group of celebs who have been used in scam ads that they will be enrolled into the new scheme and allow them to opt out if that’s what they want.
The problem of celeb-bait ads is a big one and I applaud Meta for trying to do something about it. The account recovery by video selfie, however, is something I’m far less fond of.
The idea of using facial recognition on social media is not new. In 2021, Meta shut down the Face Recognition system on Facebook as part of a company-wide move to limit the use of facial recognition in their products.
In the newly-announced system, the user can upload a video selfie, and Meta will use facial recognition technology to compare the selfie to the profile pictures on the account they’re trying to access. This is similar to identity verification tools you might already use to unlock your phone or access other apps.
I do have a few questions though:
- With the current development of deepfakes, how long will it take for this technology to be used for the exact opposite? Stealing your account by showing the platform a deepfake video of your face.
- Do I want to provide Meta with even more material that might end up getting used to train its Artificial Intelligence (AI) models? Although Meta claims to delete the facial data after comparison, there are concerns about the collection and temporary storage of biometric information.
- People have a tendency to post their best pictures and not change them as they grow older. Is a comparison always possible?
- Is normalizing the use of biometrics for something as trivial as social media really necessary? Right now I only use a video selfie to approve bank transfers of over 1000 Euro (US$ 1075).
There are probably good reasons why Meta is not implementing this option in the UK or the EU, because it needs to “continue conversations with regulators” first. The same is true for Illinois and Texas, likely due to stricter privacy laws in these states.
Surely there are better ways to reclaim a stolen account. What do you think? Let us know in the comments.
We don’t just report on threats – we help protect your social media
Cybersecurity risks should never spread beyond a headline. Protect your social media accounts by using Malwarebytes Identity Theft Protection.