BUFFALO, NY – The researchers from the University of Buffalo has found a way to determine which smartphone took a photo by analyzing even just a single photo that particular device has taken.
The researchers have their efforts centered on photo-response non-uniformity (PRNU), a flaw in the digital imaging. It made their discovery on how to pair a photo to a smartphone or find which smartphone took a photo like how bullets are matched to a gun possible.
PRNU takes place when there are tiny variations on the sensor of the camera during the manufacturing process. These differences can, in turn, create millions of pixels in the sensor of the camera which project colors that vary. Some are slightly darker or brighter than what is normal. It then makes a systemic distortion of the picture which is called the pattern noise.
The photo’s pattern noise can’t be seen with the naked eye and can only be extracted by some special filters. It is also rather unique for every camera. The process where images are being analyzed typically needs around 50 photos that were taken by each camera. However, the study has found that it only takes a single picture from a smartphone since the image sensor inside a phone is ten times smaller.
When it comes to the camera sensor, smartphones are unique from one another, like snowflakes. Regardless of the manufacturer of the device, it can be identified using the pattern of its microscopic imaging flaws for every photo the device takes. It is according to the lead author of the study, Kui Ren, who discovered the process to identify which smartphone took a photo.
In his statement, he also added that the whole process is the same one when bullets are being matched with a gun. The study was done using about 16,000 photos from 10 different Samsung Galaxy Note 5 devices and 30 iPhone 6s smartphones. The result of the ID tests yielded an accuracy rate of 99.5.
According to the researchers of the study, the identification process can also be used in the future as an authentication during cash withdrawals or when buying something. The study has also found that this photo analysis can also help reduce the risk of potential attacks in a way that the system can be used as a PRNU fingerprint.
For example, a photo that was taken by one’s smartphone can be used in a transaction between a customer and a supply business as a reference. At times that a particular customer will purchase something, the business or retailer can ask for a photograph of the two QR codes that are usually presented on the screen or an ATM.
By using a particular application, the customer can then send the photo taken to the retailer who will then check the PRNU and the picture as a way to verify that the device is making a purchase.
But according to the researchers, there are still slight problems with the system. Cybercriminals can remove the PRNU. However, they also noted that the probe signal embedded in QR codes would weaken when removed. In their statement, the researchers said that the study simply suggests that the new PRNU-based authentication provides a promising approach when it comes to security.
The latest technology that identifies which smartphone took a photo will be unveiled on February next year.
