Facial Recognition Vulnerabilities Exposed by Simple Hacks

Think facial recognition is foolproof? Think again. A cybersecurity expert just showed how easily it can be fooled with off-the-shelf tech and a bit of know-how.

Key Takeaways

  • Facial recognition systems can be defeated using readily available consumer hardware and software.
  • AI-generated faces were successfully used to open a bank account, bypassing eKYC and facial recognition checks.
  • Real-time face-swapping technology can make individuals effectively invisible to surveillance systems.

Look, I’ve been covering Silicon Valley since flip phones were cutting-edge and the phrase ‘disruptive innovation’ hadn’t yet become the corporate cliché it is today. And honestly? I’m still waiting for the next big thing that doesn’t boil down to someone else’s data being scraped or a new way to put your face on a screen. So when I heard about Jake Moore’s little stunts with facial recognition, my first thought wasn’t “wow, advanced tech!” It was, predictably, “who’s making money off this mess, and who’s getting screwed?”

Because that’s always the question, isn’t it? We get sold these shiny new toys, these “solutions” to problems we didn’t even know we had, and somewhere along the line, the actual mechanics of it all, the real implications, get buried under a mountain of marketing fluff. Facial recognition, supposedly the ultimate in biometric security, the digital handshake that’s impossible to forge, is the latest shiny thing to get a much-needed dose of reality.

Can Your Face Really Be Stolen?

Moore, who apparently moonlights as a “Global Cybersecurity Advisor” for ESET (marketing departments love those titles, don’t they?), decided to take this whole “trust your face” mantra for a spin. And what he found shouldn’t exactly shock anyone with more than a decade of tech reporting under their belt. His experiments, detailed in his upcoming talk at RSAC 2026 (save the date, folks, March 23rd-26th in San Francisco—more marketing opportunities!), basically proved that facial recognition, as it’s currently deployed, is about as strong as a screen door on a submarine.

His first trick? A pair of souped-up smart glasses. Nothing fancy, just off-the-shelf gear, apparently. He waltzed through a public space, pointed his glasses at people, and within seconds, bam, he had their names and social media profiles pulled from public data. Think about that for a second. Your fleeting glance in a coffee shop, your hurried walk through the park, could now be tagged, identified, and added to some unknown database with relative ease. Handy for remembering names at a dull networking event, sure. But for the less savory characters out there? It’s a goldmine of personal information, ripe for the picking.

“The powerful technology can actually be both misused and defeated.”

Now, this isn’t some theoretical breach. This is real-time reconnaissance happening with consumer-grade hardware. The implications for privacy are staggering, and that’s before we even get to the money shot.

Your Bank Account Is As Secure As Your Selfie

This is where it gets really interesting, and frankly, infuriating. Moore then turned his attention to the financial sector. You know, the place that’s supposed to be all about security and protecting your hard-earned cash. Using AI-generated images and—wait for it—freely available software, he created a fake person. A digital ghost. And guess what? This fabricated face, this non-existent human being, successfully opened an actual bank account. The bank’s “know your customer” platform, their state-of-the-art facial recognition and eKYC system, apparently looked at this digital puppet and said, “Yep, checks out. Here’s a bank account.”

And that’s the kicker, isn’t it? After Moore proved his point (and presumably alerted the bank, who then patched their specific vulnerability – good for them, I guess?), the broader, chilling question remains: how many other banks, how many other institutions, are still wide open to this exact same trick? We’re talking about the very foundations of identity verification being less secure than a hastily drawn doodle.

Not Even the Cops Can See You

Moore wasn’t done. His final act of defiance against the digital panopticon involved a busy London train station. He added himself to a facial recognition watchlist (because of course he did) and then, as he walked through the monitored area, he ran real-time face-swapping software. His face, on the CCTV feed, was replaced by that of Tom Cruise. Not a blurry, low-res imposter. A convincing, real-time overlay. The system, reportedly used by the UK police, didn’t bat an eye. He was, in essence, invisible. A ghost in the machine, or rather, a movie star.

This is the part that really grinds my gears. We’re told these systems are for our safety, for security. Yet, a determined individual with readily available tools can essentially become a digital phantom. It’s not just about fooling a gate at the airport; it’s about evading law enforcement, about disappearing from surveillance nets. And all while the companies selling these systems are likely touting their unparalleled accuracy and tamper-proof nature.

Who’s Actually Benefiting Here?

The underlying message from Moore’s experiments is clear: we’re deploying facial recognition systems with a level of trust that’s simply not warranted. The tech is fragile, easily outmaneuvered with off-the-shelf components and accessible software. Identity verification that leans solely on a facial match? That’s not just risky; it’s borderline negligent. It’s a house of cards built on the assumption that everyone’s face is a unique, unforgeable key, when in reality, it’s more like a cheap, easily copied fingerprint.

The vendors of these systems, and the organizations that implement them, need to wake up. Testing under adversarial conditions isn’t an optional extra; it’s a fundamental requirement. The allure of convenience and perceived security is leading us down a dangerous path, one where our faces become our biggest liability. And as always, the real question is: who profits from this widespread vulnerability? My money’s on the folks selling the “next generation” of security that will, no doubt, also be susceptible to some clever hacker with a laptop and a dream.


Written by Min-jun Lee

APAC cyber reporter specialising in North Korean APT groups (Lazarus), Korean CERT advisories, and Asia-Pacific threat actors.


Originally reported by WeLiveSecurity (ESET)
