Researchers Use Facial Recognition Software to Get Social Security Numbers

I wrote about the coming privacy fears resulting from consumer facial-recognition technologies a few weeks ago, and just like that, it’s here.

A group from Carnegie Mellon recently released a study showing how someone can get your social security number – and thus your identity – starting with only a photo.

They used facial-recognition software to match the photo with profiles on social media sites. Through Facebook’s photo-tagging system, researchers could instantly find out the person’s name and any thing else they opted to share with the world – including their birth date and hometown.

From there, finding a social security number was easy, thanks in part to the weakness of SSNs as credentials. When the numbers were created in 1935, their only purpose was to track an individual’s contribution to the Social Security entitlement program, so the administration made no attempt to formulate them as secure identifiers. For all numbers issued until about a month ago, those nine digits have some sort of meaning based on where and when you were born. Curious about yours? The Social Security Administration will gladly tell you, and anyone else who wants to know, how to decode them.

With the knowledge of name, birth date and hometown gleaned from the profile, the researchers could often determine the pictured person’s social security number. Violia! Picture to identity theft, in mere minutes. It kind of makes me want to un-tag all of my photos on Facebook.

But one thing to remember is that facial recognition doesn’t really add anything to this security flaw. I can’t think of any reason an identity thief would find it advantageous to target someone they have a picture of rather than someone whose Facebook profile they simply stumble upon. The photo-to-SSN leap makes for good headlines but, in the end, really provides no new tools for people intent on stealing identities.

What it does point to is the importance of keeping your information private. Your friends don’t absolutely have to know the year or the specific town in which you were born, so don’t list them on your profile. Keep your privacy settings tight – chances are, your friends are not going to be the ones attempting to steal your identity.

Posted by Laura Williams on Aug 03, 2011

  • ONVIF is Reaching New Heights ONVIF is Reaching New Heights

    In this episode of SecurPod, Ralph C. Jensen and Leo Levit talk about the organization’s addition of GitHub and the milestone of more than 20,000 conformant products, as well as two Release Candidates. We also talk about the challenges ONVIF faced during this COVID-19 year and the biggest challenges they have faced.

Digital Edition

  • Security Today Magazine - May June 2021

    May June 2021


    • Tapping into Touch-free Digital
    • Deep Learning
    • Working from Home
    • Body-worn Technology
    • A Tragic Turn of Events

    View This Issue

  • Environmental Protection
  • Occupational Health & Safety
  • Infrastructure Solutions Group
  • Spaces4Learning
  • Campus Security & Life Safety