Perceptual Hashing: How Fraudsters Attack Businesses

Perceptual hash functions are widely used in multimedia applications to fingerprint similar media. However, criminals have found ways to use it for fraud.
By 

Daniël de Jager

 on October 26, 2022. 
Reviewed by 

Joshua Genuth

Perceptual hash functions are widely used in multimedia applications. Facial recognition is a typical example of perceptual hashing, where the same face in different images or videos will generate similar hashes. In digital forensics, perceptual hashing can help analysts isolate similar data. Such hash functions also assist in catching online copyright infringement even when the media has been modified.

What Is Perceptual Hashing?

Here's how it works. An algorithm generates perceptual hash functions as shorthand fingerprints of various types of multimedia, producing a similar fingerprint for content with similar features. Conventional hash algorithms are based on the avalanche effect, where one small change drastically alters the hash of a file. Perceptual hashing focuses on what humans perceive to be related, generating only slightly different hashes for comparable media.

How Fraudsters Exploit Perceptual Hashing

While many businesses use perceptual hashing to prevent fraud, criminals have found ways to use this technology for their own nefarious ends.

Many websites display images or audio to confirm that a user is a human. Fraudsters have found ways to pass such challenges undetected by creating automated solvers—software that generates perceptual hashes for thousands of media files and then compares those hashes to challenges presented on a website. When deployed successfully, a challenge can be solved automatically without human input.

Fraudsters have also found ways to exploit weaknesses in perceptual hashing algorithms by forging similar media like facial images or by changing corresponding media just enough to avoid detection.

Can Perceptual Hashing Fraud Be Prevented?

nSure.ai is an advanced AI platform that does away with aging security challenges that are easily bypassed with sophisticated attacks. Instead, nSure.ai uses advanced AI technology to identify and stop these fraudsters in their tracks. Their machine learning platform uses behavioral and contextual analysis for temporal linking between transactions, intercepting both single fraud events and scalable fraud attacks.