Israeli firm’s “firewall” neutralizes facial recognition algorithms on uploaded photos

In a bold move to secure personal privacy, D-ID’s “firewall”, planned to be launched in May, will foil facial recognition algorithms by subtly altering uploaded images to protect identities, undercutting automatic social media facial recognition capabilities.
• Firm’s CEO, “Our photos must be protected because unlike passwords, you cannot change your face.”

By Reuters & Israel Hayom Staff


Big brother is watching. But in the future, he may no longer be so all-knowing.

Riding the wave of a global push to comply with new privacy standards, a small Israeli company believes it can help you, and your face, stay anonymous in a hyper-connected world.

Altered screenshot from

The startup, called D-ID, says it has developed a “firewall” to block facial recognition, the ubiquitous technology that can now unlock smartphones, tag friends on Facebook, or help police pick out an individual hiding in a crowd.

The problem is that with facial recognition on the rise, hackers have a new target: huge reservoirs of profile pictures linked to personal information.

Companies around the world are spending big money to protect such databases before a stricter European law takes effect in May. Called the General Data Protection Regulation, it gives people more control over their online information and applies to all groups that do business in Europe.

The idea for D-ID took shape a decade ago when two of its founders took a trip to South America after serving in Israel’s special forces. Friends would post pictures online, but because of their previous jobs, they were forbidden from sharing pictures publicly in case they were recognized.

They began looking for a way for people to share pictures while protecting their identities and a year ago formed the company.

The challenge was to foil facial recognition algorithms, which analyze a person’s face and match it to a stored digital image in the same way that crime scene fingerprints are run against a database.

“More and more organizations are using our faces as identifiers, if it’s to access our phones, to withdraw money or at border controls. That’s why our photos must be protected because unlike passwords, you cannot change your face,” said Gil Perry, D-ID’s CEO.

Designers have created eyeglasses that reflect light to jam cameras and websites offer fashion and make-up tips for camouflaging your face, but in general little can be done to avoid being identified.

D-ID’s solution is a system of digital alchemy that subtly alters stored pictures, enough to escape detection by facial recognition algorithms. Side by side the changes are noticeable, but on its own, the altered picture appears normal.

D-ID is planning a pilot with Cloudinary, a firm that manages 15 billion cloud-based images and videos for web and mobile developers.

It has also signed preliminary agreements with a number of leading government organizations – Perry would not disclose which ones, nor how much the product will sell for.

The product launch is planned for the end of May, around the time the new European law takes effect.

Yuval Elovici, who heads the cybersecurity research center at Israel’s Ben Gurion University, said there is now an “arms race” between groups developing facial recognition algorithms and those looking to confound them. He said D-ID’s technology was an achievement and important for privacy, but that it did have its limitations.

“You cannot oblige everybody to use this technology and to publish pictures only after a transformation,” he said.

Tech startups are often located in high-rises of Tel Aviv’s financial district. D-ID’s second-floor office is secluded in an inconspicuous residential block, opposite a playground. It has raised $4 million, including from Israel’s Pitango Venture Capital and Silicon Valley’s Y Combinator, to support a team of 14 computer engineers.

There are drawbacks. For law enforcement agencies using the system, it will be harder to locate a suspect. So D-ID is working on a solution that will allow such agencies to authenticate identities without storing biometric information, Perry said. How? He declined to elaborate.


View original Israel Hayom publication at: