TruePic has developed technology that can be embedded in Qualcomm mobile chips to authenticate images from the moment they’re taken.
We’ve all seen the photos or videos. A politician or famous actor says something totally out of character. It looks like the person, sounds like the person and goes viral on social media. But it’s a deepfake, a form of digital manipulation that experts say is one of the biggest threats to trust on the internet.
Truepic, a San Diego startup, says it’s found a way to prevent deepfakes and doctored images before they can even show up online: by verifying the authenticity of videos and images at the time they’re captured. Now the company is working to put the technology, which it calls Truepic Foresight, in millions of smartphones around the globe by having it embedded it in the Qualcomm processors that power the majority of the world’s Android phones.
Truepic said Thursday that its code is now working on a Qualcomm Snapdragon-powered prototype smartphone, making secure photos — shot by a phone’s native camera app — a possibility in the not-too-distant future. The technology gives each image or video a permanent digital signature with information such as when and where it was taken, and whether it has been edited in any way. That would let someone seeing the image online know that it’s real.
“We [can] begin to elevate the level of trust on the internet,” Sherif Hanna, a Truepic vice president of R&D and a former Qualcomm executive, said in an interview. “Versus this … no man’s land that we’re in right now where we can’t even agree if the pixels were created by photons of light, or were created by AI.”
For nearly as long as photography has existed, people have found a way to doctor images and videos. But today, advanced technology and artificial intelligence have made it almost impossible to tell real video and photos from fakes. In an era of “fake news” and rampant misinformation on social media, AI can make people appear to say things they’ve never said or create entirely new, realistic-looking people out of thin air. It causes many people to question what they see, and once people doubt the legitimacy of photos and videos posted online, it becomes harder to convince them something is authentic.
Millions of potential users overnight
Many companies are working on finding ways to detect deepfakes or prevent them in the first place. Camera makers such as Canon have offered similar features for images captured by their devices. Even Adobe, the company whose Photoshop software is used to create doctored images, plans to embed metadata tagging and cryptography on images and videos to verify their authenticity.
Truepic has one advantage. It’s working with Qualcomm to potentially embed Truepic Foresight’s security smarts in every future Android phone. It will ultimately be up to a handset designer whether to use the technology, offering, for example, a “Secure” photo mode. Still, Truepic’s technology has the potential to reach millions of users very quickly. This year, smartphone vendors should ship 1.055 billion Android phones around the world, according to IDC, and a significant chunk of those devices use Qualcomm chips.
“We have the opportunity to get this in the hands of tens of millions or even hundreds of millions of people in very short order,” Hanna said.
Truepic and Qualcomm declined to say if the chipmaker will push the technology with smartphone makers but hinted at more news to come about the partnership. They also declined to say when the technology could appear in a consumer smartphone. But Qualcomm said Truepic Foresight could show up on everything from pricey flagship models to cheaper phones.
“The security infrastructure that it’s using is pretty much the same across all tiers of [Qualcomm] chipsets, so this function, once it’s enabled in one chipset, is available for any [Qualcomm] chipset, and then it comes down to the [device makers],” Manvinder Singh, Qualcomm vice president of product management, said in an interview. “We’ve made sure that it works before … customer adoption.”
Even if only a couple major Android handset makers adopt the technology, it would have much broader reach than the current form of Truepic’s technology. Today, Truepic has a free app that users have to download and launch when they want to take secure photos. The Vision Camera app for Android has been downloaded “10K+” times.
How it works
On the prototype phone, Truepic integrated its Truepic Foresight technology into the part of the Snapdragon 865 processor that stores sensitive data like biometrics. The phone’s native camera app then features a new “Secure” capture mode. When images are captured in that mode, they’re immediately moved from the image sensor into the trusted, isolated environment. The system generates a digital signature as well as other “crytographically-sealed” provenance information to help people authenticate the image is real. It authenticates the pixels, date and time, geolocation and 3D depth map that were fixed to the content at the time it was captured.
Android itself can’t see the image, and Truepic Foresight verifies that it hasn’t been modified in any way since being captured.
The company has ideas for how to indicate that a photo has been edited with common techniques, like lighting or contrast fixes. Hanna declined to specify those plans but noted that there are ways to keep a trusted record of edits for crops, rotations, filters and other run-of-the-mill photo fixes.
Truepic’s technology for smartphone chips doesn’t tap into blockchain like its earlier offerings. In the past, after a photo was marked with permanent metadata, it was saved to a blockchain and added to Truepic’s servers. Now photos and videos are stored on each user’s individual device, and Truepic doesn’t have access to them. The company said it doesn’t believe blockchain will scale enough to address the millions of photos taken every day.
Instead, it uses the same type of public key infrastructure that’s used in the Google Play Store to ensure the authenticity of an app by its developer.
“We don’t store the photos, we don’t store the hashes, we don’t store the digital signatures, we don’t store anything other than a record that we stand behind the key,” Hanna said. “We did not want this to become a tempting tool for surveillance.”
Truepic has a big hurdle to overcome: getting people to trust its technology. And it has to convince hardware makers to enable it in their phones and social media companies to display the information with the photos on their sites. For the latter, Truepic is working with standards bodies on the right way to present whether a photo is verified or not.
For the former, a user wouldn’t have to know Truepic’s name or trust Truepic itself, Hanna said. The person would just have to see something like the lock icon found on bank websites and trust the software, he said. And by working with Qualcomm, it will have a powerful ally in getting handset makers to adopt the software.
“There is this imminent, urgent need out there,” Hanna said. When it comes to putting the technology in consumer devices, “it will probably be sooner rather than later.”
Source CNETRelated posts: