Ben Schlabs, of Security Research Labs in Berlin, says he and colleagues succeeded in fooling facial-recognition software by holding up a photo of a person’s face to the camera, then waving a pen in front of it. The system mistook the movement for blinking, and the photo was accepted for a living image. “This may be the worst idea ever,” Schlabs says. “Your face is literally recorded everywhere you go. It’s the only part of your body that you never cover up.”
Important to note, this is different from facial surveillance, which we debate here fairly regularly. In facial surveillance, you take a list of faces and try to find matches 'in the wild' without the suspects cooperating. In facial verification, someone tries to access a resource (to a building, to a bank account, etc.) and presents (hopefully) their own face to be allowed to access. What this researcher is saying is that if I know John Doe banks at ABC, I can get a photo of him and gain illicit access to John Does's bank account.
Agree/disagree with this researcher?