Deep Fakes and Identity Decentralization

This post is also available in: עברית (Hebrew)

The growing trend of AI-generated content and deep fakes is making us lose our trust in the internet. Can identity decentralization be the solution? The following article summarizes an opinion piece by Cybernews.

Our trust in the digital world is as important as our trust in the real world, but with deep fakes being increasingly prevalent, humans don’t know how to deal with this change. Protocol designers and developers are constantly working to ensure that the communications between software and computer systems are built on layers of technological trust- encryption, digital signatures, and identity verification are proxies for trust in the digital world.

However, the reason schemes like phishing and social engineering are so successful is that humans on the Internet tend to trust other humans. The next stage of social engineering is the use of deepfakes, but this is more dangerous because they can also trick technological barriers and challenge verification security.

Experts from Cybernews warn that the increasing use of deep fakes in breaking trust should be causing alarm. The AI boom brought with it cheap and accessible generative AI, resulting in a proliferation of deep fakes- malicious actors are creating cheap deep fakes to build a fake identity profile and even provide the documentation needed to pass an identity verification process.

One way verification services are used to circumvent synthetic identity scams is to incorporate biometrics into the process (facial recognition and liveliness tests), but unfortunately, deep fakes are being used to bypass such tests.

The race against technology sounds hopeless, but an emerging defense and security tactic presented as anti-deep fake prevention is identity decentralization- A decentralized identity lets users and organizations manage and control their identity in a distributed approach. Rather than relying on a siloed identity provider, the decentralized model relies on a Web 3.0 approach, using distributed ledger technology (DLT), including blockchain, and storing information in a digital wallet. Some claim that AI can be used to detect the misuse of verified credentials to ensure they are not being hijacked and used for fraud.

Nevertheless, if this method is so easy, what stops malicious actors from creating a decentralized identity? Fraudsters could potentially work out how to create deep fake verified credentials and have a fake identity to exploit.

Verified but decentralized identity is a great concept, but we must refrain from thinking it is a panacea for trust. Decentralized identity and its verified credentials must always be dynamic and should always be verified, but this line of reasoning breaks the rule of decentralization. Perhaps the whole idea of decentralization in an online world is impossible.

Cyber reliance is the new cyber resilience and a must-have requirement where people’s identity is concerned. This challenge the world must overcome will unfortunately not have a single-point fix. The fix will have to be multi-layered and contain capabilities of various solutions, and even then, fraudsters are sure to find a way to bypass the best security efforts.

This information was provided by Cybernews.