In recent years, with the advancement of artificial intelligence technology, some criminals have begun to use AI to fuse other people's faces and voices into highly realistic synthetic videos and images and carry out new types of online fraud, which often cause large losses to victims in a short period of time. How can we see through this kind of AI "deepfake"? Is there a good way to identify "AI face swapping"? Let's first look at a recent case of "AI face swapping" fraud that occurred in Xi'an, Shaanxi Province.
Ms. Zhang, a financial officer in Xi'an, Shaanxi Province, received a video call from her "boss", who asked her to transfer 1.86 million yuan to a designated account.
Victim Ms. Zhang: The boss asked me to transfer the money quickly, and the matter was urgent. Because the voice and the image in the video looked exactly like him, I was all the more convinced the request was real, so I transferred the money directly.
After the transfer, Ms. Zhang sent the electronic voucher to the company's internal finance group as required. Unexpectedly, when the boss saw the message in the group, he asked her where this money had come from.
Victim Ms. Zhang: Then we phoned the boss to check, and he said he had never sent me a video call and had never said anything about a transfer.
Realizing that she had been deceived, Ms. Zhang hurriedly called the police for help. The police immediately contacted the anti-fraud center and the relevant bank for an emergency stop payment, and in the end 1.56 million yuan, most of the defrauded funds, was saved.
The AI "multi-person face-swapping" scam defrauded of HK$200 million.
More than one million yuan in cash is a huge sum for most people. Fortunately, the loss was dealt with immediately and most of it was recovered. Now let's look at another case, in which the "face swapping" was technically more difficult and the amount involved even larger. Recently, Hong Kong police disclosed an AI multi-person face-swapping fraud case involving as much as HK$200 million.
In this case, an employee of the Hong Kong branch of a multinational company was invited to attend a multi-person video conference initiated by the chief financial officer of the head office. Following the instructions given in the meeting, he transferred HK$200 million to five local bank accounts in several installments, and only when he later checked with headquarters did he learn that he had been deceived. The police investigation found that in the so-called video conference, the victim was the only "real person"; all the other so-called participants were fraudsters using AI face swapping.
After reading these two cases, you must be curious: what is the technical principle behind AI face swapping? At the technical level, how does it accurately recognize and replace a face to create such realistic effects? Let's hear from the experts.
How the technology achieves accurate face recognition and replacement.
Xue Zhizhi, an expert of the Artificial Intelligence Security Governance Special Committee of the China Cyberspace Security Association: The AI face-swapping process mainly includes several key steps: face recognition and tracking, facial feature extraction, face transformation and fusion, background environment rendering, and image and audio synthesis. The core behind it consists of three parts. First, deep learning algorithms are used to accurately identify the face in the video and extract key facial features such as the eyes, nose and mouth. Second, these features are matched, replaced and fused with the target face image. Finally, the background environment is rendered and synthesized audio is added to generate a highly realistic fake face-swap video.
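To make these three parts more concrete, here is a minimal sketch in Python, assuming the OpenCV library is available. It only performs a crude geometric swap with Poisson blending; real deepfake systems use trained neural generators for the transformation and fusion step, so this is an illustration of the pipeline's shape, not of the actual method.

```python
import cv2
import numpy as np

def detect_face(img):
    """Stage 1: locate a face with OpenCV's stock Haar cascade detector."""
    cascade = cv2.CascadeClassifier(
        cv2.data.haarcascades + "haarcascade_frontalface_default.xml")
    gray = cv2.cvtColor(img, cv2.COLOR_BGR2GRAY)
    faces = cascade.detectMultiScale(gray, scaleFactor=1.1, minNeighbors=5)
    return faces[0] if len(faces) else None   # (x, y, w, h) or None

def swap_and_fuse(source_img, target_img):
    """Stages 2-3: crop the source face, resize it onto the target face box,
    then blend it into the target frame with Poisson (seamless) cloning."""
    src_box, dst_box = detect_face(source_img), detect_face(target_img)
    if src_box is None or dst_box is None:
        return target_img                      # nothing to swap
    sx, sy, sw, sh = src_box
    dx, dy, dw, dh = dst_box
    face_patch = cv2.resize(source_img[sy:sy + sh, sx:sx + sw], (dw, dh))
    mask = 255 * np.ones(face_patch.shape[:2], dtype=np.uint8)
    center = (dx + dw // 2, dy + dh // 2)
    return cv2.seamlessClone(face_patch, target_img, mask, center,
                             cv2.NORMAL_CLONE)
```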
Fast AI "face swapping" can be done with just one **.
To understand just how realistic AI face swapping can be, the reporter worked with technical professionals to experience AI face-swapping technology first-hand.
The technician first took a photo of the reporter's face with a mobile phone and imported it into the AI software. To the reporter's surprise, although the person in front of the computer camera was the technician, the face in the output video was the reporter's. It was almost a "one-click face swap", requiring no complex environment or operations.
What is even more surprising is that as the technician's facial expressions change, the reporter's face in the video changes accordingly.
Reporter: Why is it that when the technician's face moves, my face in the video moves with it?
Xue Zhizhi, an expert of the Artificial Intelligence Security Governance Special Committee of the China Cyberspace Security Association: First, from the collected photo, the face in it is located and tracked. Second, after locating it, the facial features are collected and extracted, mainly the obvious features around the mouth, nose and eyes. Third, after collection, the original photo is transformed, fused and reshaped.
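As an illustration of the feature-collection step the expert describes, here is a small sketch assuming the MediaPipe and OpenCV Python packages; the landmark indices and the file name are illustrative assumptions, not values from this report.

```python
import cv2
import mediapipe as mp

# Commonly cited Face Mesh landmark indices for a few key points (assumption).
KEY_POINTS = {"nose_tip": 1, "left_eye_corner": 33, "right_eye_corner": 263,
              "upper_lip": 13, "lower_lip": 14}

def extract_key_features(image_path):
    img = cv2.imread(image_path)
    if img is None:
        return None
    rgb = cv2.cvtColor(img, cv2.COLOR_BGR2RGB)
    with mp.solutions.face_mesh.FaceMesh(static_image_mode=True) as mesh:
        result = mesh.process(rgb)
    if not result.multi_face_landmarks:
        return None                      # no face found in the photo
    h, w = img.shape[:2]
    landmarks = result.multi_face_landmarks[0].landmark
    # Convert normalized landmark coordinates to pixel positions.
    return {name: (int(landmarks[i].x * w), int(landmarks[i].y * h))
            for name, i in KEY_POINTS.items()}

# "face.jpg" is a placeholder path for the collected photo.
print(extract_key_features("face.jpg"))
```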
Reporter: What else can be done with this photo?
Xue Zhizhi, an expert of the Artificial Intelligence Security Governance Special Committee of the China Cyberspace Security Association: At present, through the technician's operation, this photo can already be made to move and come to life. If the output is saved, a large amount of footage can be stored, and later it can be synthesized into a short video and released.
Artificial intelligence face-swapping technology is mainly implemented through deep learning algorithms, which can accurately recognize and analyze facial features. It can extract a person's facial expressions from a photo or video and match them to another person's facial features. Experts told the reporter that to use AI face-swapping technology in real-time video calls, a single photo is far from enough: nearly 1,000 photos from different angles need to be collected.
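As a rough illustration of what collecting that many samples involves, here is a sketch assuming OpenCV and a webcam; the output directory and the target count are placeholders, not details from the report.

```python
import os
import cv2

def collect_face_samples(out_dir="samples", target_count=1000):
    """Save cropped face images from the default webcam until target_count is reached."""
    os.makedirs(out_dir, exist_ok=True)
    cascade = cv2.CascadeClassifier(
        cv2.data.haarcascades + "haarcascade_frontalface_default.xml")
    cap = cv2.VideoCapture(0)                  # default camera
    saved = 0
    while saved < target_count:
        ok, frame = cap.read()
        if not ok:
            break
        gray = cv2.cvtColor(frame, cv2.COLOR_BGR2GRAY)
        faces = cascade.detectMultiScale(gray, 1.1, 5)
        for (x, y, w, h) in faces[:1]:         # keep at most one face per frame
            cv2.imwrite(os.path.join(out_dir, f"face_{saved:04d}.png"),
                        frame[y:y + h, x:x + w])
            saved += 1
    cap.release()
    return saved
```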
Xue Zhizhi, an expert of the Artificial Intelligence Security Governance Special Committee of the China Cyberspace Security Association: If you want real-time point-to-point communication, you need to collect more photos. After the deep learning model has been trained, it is loaded into the video stream, and changes and transformations can then be made in real time; in that case you can swap faces in real time. Voice communication is also possible: we need to collect some voice samples of the target person in advance and then train a model to reproduce the target person's voice.
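The real-time use the expert describes can be pictured roughly as the loop below, which applies a model to each frame of a live camera feed. `DummySwapModel` is a hypothetical stand-in for a trained face-swap generator, not a real library API.

```python
import cv2

class DummySwapModel:
    """Hypothetical stand-in for a trained face-swap generator."""
    def swap(self, frame):
        # A real model would return the frame with the detected face replaced.
        return frame

def run_realtime_swap(model=DummySwapModel()):
    cap = cv2.VideoCapture(0)                  # live camera feed
    while True:
        ok, frame = cap.read()
        if not ok:
            break
        faked = model.swap(frame)              # per-frame transformation
        cv2.imshow("swapped", faked)
        if cv2.waitKey(1) & 0xFF == ord("q"):  # press q to stop
            break
    cap.release()
    cv2.destroyAllWindows()
```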
AI generation realistic enough for fraud is difficult and expensive.
According to experts, to commit fraud over point-to-point video calls, the AI-generated content must reach a very high degree of realism; it is not easy to make fakes convincing enough to pass for the real thing.
Fang Yu, member of the Digital Economy and Security Working Group of the Security Professional Committee of the China Computer Federation: Fraud is in fact carried out mainly through point-to-point video calls. To use face-swapping and voice-synthesis technology for real-time face-swap fraud, completing these technical operations requires strong technical support and investment.
Xue Zhizhi, an expert of the Artificial Intelligence Security Governance Special Committee of the China Cyberspace Security Association: A lot of capital investment is needed behind it, including the collection of source material, professional algorithm personnel and computing resources, all of which takes a long cycle. Only with continuous iteration and long-term operation in all these areas can a fairly realistic effect be achieved, to the point where it could actually be used for fraud.
At present, AI "face swapping" is more used in entertainment** recording.
While some criminals try to use AI technology to commit fraud, in recent years the technology has in fact been used more for entertainment-oriented secondary creation of short videos. More and more AI face-swapped videos of celebrities appear online, and many netizens have marveled that in such videos "the mouth shapes and gestures all match, it looks so natural that I almost thought it was real."
For example, with one piece of software, after a photo of the reporter's face was taken, a video of the reporter as a racing driver could be recorded and generated within seconds.
Fang Yu, member of the Digital Economy and Security Working Group of the Security Professional Committee of the China Computer Federation: At present, AI face-swapping technology is mainly used in short videos, for example performing specific movements, dancing and so on. These videos actually look a little unnatural, and they are purely entertainment-oriented face swaps.
The reporter found dozens of face-swapping apps in mobile app stores, all of which can perform face swaps.
Xue Zhizhi, an expert of the Artificial Intelligence Security Governance Special Committee of the China Cyberspace Security Association: From the perspective of public entertainment, there are many such software tools on the market that can achieve an AI face-swapping effect, but their realism is only six or seven points out of ten, and the public can see through them at a glance. But to use it for fraud in point-to-point video calls, the generated content must reach a very high degree of realism.
AI "face and voice swapping" may carry legal risks.
However, AI technology is a "double-edged sword": even using AI to swap faces and voices purely for entertainment carries legal risks. Legal experts said that using AI technology to swap other people's faces and voices, or even to "translate" their performances into other languages, and then publishing the videos may constitute infringement, mainly in three respects:
First, possible copyright infringement. Crosstalk, comedy sketches and the like are all "works" protected by the Copyright Law of the People's Republic of China. Netizens who use AI software to "translate" crosstalk, sketches and so on into other languages need authorization from the copyright owner; otherwise there is an infringement problem.
Second, possible infringement of portrait rights. According to the Civil Code of the People's Republic of China, no organization or individual may infringe upon the portrait rights of others by defaming or defacing their image, or by forging it with information technology. Without the consent of the portrait rights holder, their portrait may not be produced, used or disclosed, except as otherwise provided by law.
Third, possible infringement of voice rights. According to the Civil Code of the People's Republic of China, the protection of a natural person's voice is governed, with reference, by the relevant provisions on portrait rights. In other words, another person's voice may only be used with the consent of the voice rights holder.
Learn a few tricks to easily identify AI "face and voice swapping".
With the emergence of AI face-swapping technology, what we hear may be false and what we see is not necessarily real. So how can we guard against it? Experts say that no matter how realistic an AI face swap is, there are still ways to tell real from fake.
Fang Yu, member of the Digital Economy and Security Working Group of the Security Professional Committee of the China Computer Federation: In fact, judging from the real-time deepfake videos I have seen so far, there are still some ways to verify them.
For example, during a video call we can ask the other party to wave a hand in front of their face; this helps expose real-time forgery, because the AI face swap has to generate and process the video in real time.
The waving hand interferes with the facial data, and the effect we see is that while the hand is waving, the forged face will shake, flicker or show other abnormalities.
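The kind of flicker the expert mentions can, in principle, also be checked for automatically. Below is a rough sketch assuming OpenCV: it counts abrupt frame-to-frame changes inside the detected face region. The threshold and the scoring idea are illustrative assumptions, not a validated detector.

```python
import cv2
import numpy as np

def flicker_score(video_path, spike_threshold=40.0):
    """Return the fraction of frames whose face region changes abruptly."""
    cascade = cv2.CascadeClassifier(
        cv2.data.haarcascades + "haarcascade_frontalface_default.xml")
    cap = cv2.VideoCapture(video_path)
    prev_crop, spikes, frames = None, 0, 0
    while True:
        ok, frame = cap.read()
        if not ok:
            break
        gray = cv2.cvtColor(frame, cv2.COLOR_BGR2GRAY)
        faces = cascade.detectMultiScale(gray, 1.1, 5)
        if len(faces) == 0:
            continue
        x, y, w, h = faces[0]
        crop = cv2.resize(gray[y:y + h, x:x + w], (128, 128)).astype(np.float32)
        if prev_crop is not None:
            frames += 1
            if np.mean(np.abs(crop - prev_crop)) > spike_threshold:
                spikes += 1          # abrupt change: possible flicker artifact
        prev_crop = crop
    cap.release()
    return spikes / frames if frames else 0.0
```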
Second, in point-to-point communication, you can ask questions that only the other party would know, in order to verify their identity.
Raise awareness of prevention and avoid the leakage of personal biometric information.
Experts said that beyond these tips for spotting AI face-swapping scams, each of us should raise our awareness of prevention, take precautions in daily life and develop good online habits. First, protect everyday information security: strengthen the protection of biometric data such as faces, voiceprints and fingerprints, and manage the security of software and hardware on personal phones, computers and other terminal devices. Second, do not log in to websites of unknown origin, to avoid virus infection. Third, carefully manage the permissions of applications that may collect voice, images, video and location data. Not giving others the opportunity to collect your information can, to a certain extent, also keep AI face-swapping scams away.
The development of AI technology requires multi-level regulation and standards.
In addition to raising awareness of self-protection, how to strengthen the supervision of AI technology has become a concern for more and more people. AI technology itself is not the problem; the key is how we use it and how effective supervision can be established. According to experts, the development of AI technology requires multi-level supervision and standardization.
First, at the source, it is necessary to further strengthen the protection of citizens' personal information, especially the technical and judicial protection of biometric and other private information. Second, management can be strengthened at the technical level. For example, video distribution platforms and social software can use professional detection tools to identify AI-generated content and mark it with an indelible "AI-generated" watermark; at present, such digital watermark anti-counterfeiting technology needs to be further popularized. Third, at the level of the legal system, relevant laws and regulations in the field of artificial intelligence need to be further improved. On August 15, 2023, China officially implemented the Interim Measures for the Administration of Generative Artificial Intelligence Services. The Measures "draw red lines" in many respects, aiming to promote the healthy development and standardized application of generative AI.
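As a very small illustration of the labeling idea, here is a sketch using the Pillow library to stamp a visible "AI-generated" mark on a synthetic image. Real platform-level watermarks are designed to be invisible and hard to remove; this visible stamp and the file names are only placeholders.

```python
from PIL import Image, ImageDraw

def stamp_ai_label(src_path, dst_path, text="AI-generated"):
    """Draw a visible 'AI-generated' label in the corner of a synthetic image."""
    img = Image.open(src_path).convert("RGB")
    draw = ImageDraw.Draw(img)
    draw.text((10, img.height - 30), text, fill=(255, 255, 0))
    img.save(dst_path)

# Placeholder file names for a generated frame and its labeled copy.
stamp_ai_label("synthetic_frame.png", "synthetic_frame_labeled.png")
```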