LEE COUNTY, Fla. — Some people raised concerns since a Russian company created the now trending FaceApp. But cyber-security experts said users should be skeptical when uploading their face to any app, no matter where it was created.
FaceApp isn’t new, but it took the internet by storm this week with celebrities like Drake and LeBron James posting older versions of themselves. But cybersecurity expert John Benkert with Cigent said be wary.
“If you’re giving up a really high-res image of your face, you’ve now given up a biometric fingerprint or signature of you,” he said.
Benkert said that means if you upload your photos to any app and use facial recognition to access your phone or computer, so can hackers.
The Democratic National Committee took it a step further Wednesday and warned presidential campaigns to delete the app since a Russian company created it. But Benkert said hackers can take your information no matter where an app gets developed.
“It really doesn’t matter where the company is from,” said Benkert. “It’s what they do with the data that matters.”
Benkert said photos uploaded to the app don’t go back to Russia, but get stored here in the U.S. on the Amazon cloud. He said this still doesn’t mean you’re completely safe.
“They say that they typically delete, typically, delete your data within 48 hours,” he said. “But they’re very lose with the third parties that they’re able to share the data with.”
He said make sure you read the fine print.
“People just want to have fun, they want to do the app, they want to do what everyone else is doing,” he said. “So, they just keep hitting allow. You have to stop and read what you’re allowing and what you’re giving access to.”
Once you hit allow, you’re giving any app permission to access all of your photos, even if you only upload one. And when you upload pictures you’re also sharing metadata, which includes where and when a photo is taken.