Like matching bullets to a gun

Verge Article

Researchers can determine what smartphone a photo was taken on by analyzing it

Researchers at the University at Buffalo have discovered a way to identify smartphones by analyzing just a single photo taken by the device. The researchers centered on a flaw in digital imaging called photo-response non-uniformity (PRNU) to do so.

PRNU happens when the imperfections in the manufacturing process of each camera's sensors create tiny variations. Those variations can cause the millions of pixels in the camera's sensor to project colors that are slightly brighter or darker than normal, which creates a systemic distortion in the photo called pattern noise. This is invisible to the naked eye, and is extracted by special filters -- where each pattern is unique for each camera. This process to analyze images usually requires 50 photos taken by a camera, but the study found that only one photo is needed for smartphones, as the image sensor inside phones are tens of times smaller.

"Like snowflakes, no two smartphones are the same. Each device, regardless of the manufacturer or make, can be identified through a pattern of microscopic imaging flaws that are present in every picture they take," said Kui Ren, the study's lead author, in a statement. "It's kind of like matching bullets to a gun, only we're matching photos to a smartphone camera." The research was conducted using 16,000 images and 30 different iPhone 6s smartphones and 10 Samsung Galaxy Note 5 devices. The ID tests resulted in 99.5 percent accuracy.

The researchers say the identification process may one day be used for authentication when withdrawing cash, or buying something. The study found that the photo analysis could stop potential attacks in this way: A customer could supply a business with a photo taken from their smartphone that's used as a reference -- a PRNU fingerprint. Whenever that customer buys something, the retailer can ask the customer to photograph two QR codes that are presented on an ATM or screen. Through an app, the customer can then send the photo back to the retailer who can then check the picture and the PRNU, which will verify the device making the purchase. The researchers do note that cybercriminals could potentially remove the PRNU, but said the QR codes include an embedded probe signal that would be weakened if removed. "Our user study suggests that the PRNU-based authentication is a promising approach for security," the researchers wrote in the paper.

https://www.theverge.com/platform/amp/2017/12/13/16771854/researchers-study-smartphone-photo-id-analysis


Comments


[25 Points] AlpraCream:

Selfies taken in the mirror make it easy to identify the phone the photo was taken with as well.


[15 Points] Glaukos86:

If one were to photoshop it slightly, like adding a blur in one part of the picture, I doubt that they could account for it at this time and your picture could not be identified.


[6 Points] Thx002:

Change resolution, apply a filter, done, you got em.


[5 Points] RedditAccount28:

Idc I’m still gonna do xanax


[1 Points] scoobydrool:

dead pixels


[1 Points] mymuse100:

“Like snowflakes, no two smartphones are the same. Each device, regardless of the manufacturer or make, can be identified through a pattern of microscopic imaging flaws that are present in every picture they take."

Custom rom on android people...


[1 Points] east_joe:

Some cameras, you can use photoshop and pull a qr code from the image. Look up watermarks and metadata. Be safe out there.


[1 Points] DOXX_R_US:

Take a screenshot of the image. Remove EXIF data


[1 Points] fuckuuunoob:

it call metadata?¿


[0 Points] SingleTabs_Vendor:

Pretty easy to deal with and even better when anon hosting sites do it. Automatically during the upload phase.

And would they have to have the device (or at least pics taken from it) ? Like a matching game? Manufacturers aren't taking note of these tiny imperfections for each device each producer of phones.. At least not until a discovery like this, maybe they would painfully* test and create a note for each camera.