Security researchers have warned video conferencing users not to post screen images to social media after they managed to unmask the identities of users relatively easily.
A team from Ben-Gurion University (BGU) of the Negev used image processing recognition tools and social network analysis to process 15,700 collage images and over 142,000 face images of meeting participants from Zoom, Microsoft Teams and Google Meet.
AI-based image processing algorithms allowed them to identify the same individuals’ participation at different meetings, either via facial recognition or analyzing features in the background.
According to BGU, they were able to detect faces 80% of the time, as well as gender and approximate ages.
Web-based text recognition libraries available free-of-charge allowed the researchers to work out almost two-thirds of usernames from screenshots. Images can be cross-referenced with social media data to raise further potential security and privacy risks, BGU claimed.
The researchers were able to unmask individuals as well as networks of colleagues, highlighting the risk to corporate users as well as consumers.
“The findings in our paper indicate that it is relatively easy to collect thousands of publicly available images of video conference meetings and extract personal information about the participants, including their face images, age, gender and full names,” said Michael Fire of the BGU Department of Software and Information Systems Engineering (SISE).
“This type of extracted data can vastly and easily jeopardize people’s security and privacy, affecting adults as well as young children and the elderly.”
BGU urged individuals and companies not to post video conference images or videos online and to use generic pseudonyms rather than unique usernames or real names on such platforms. A virtual background is also a better choice as real backgrounds can help “fingerprint” user accounts across multiple meetings, it added.
There was also advice for the platform-makers themselves: BGU said that by adding filters or Gaussian noise to images they can disrupt facial recognition without interfering with the image.
“Since organizations are relying on video conferencing to enable their employees to work from home and conduct meetings, they need to better educate and monitor a new set of security and privacy threats,” Fire said. “Parents and children of the elderly also need to be vigilant, as video conferencing is no different than other online activity.”