this post was submitted on 06 Apr 2025
14 points (85.0% liked)

Hacker News

1267 readers
625 users here now

Posts from the RSS Feed of HackerNews.

The feed sometimes contains ads and posts that have been removed by the mod team at HN.

founded 7 months ago
MODERATORS
patrick@lemmy.bestiver.se
rssbot@lemmy.bestiver.se
14
ChatGPT-4o used to create a replica of his passport in just 5 mins bypassing KYC (securityaffairs.com)
submitted 3 weeks ago by rssbot@lemmy.bestiver.se to c/hackernews@lemmy.bestiver.se
3 comments fedilink hide all child comments
 

Comments

you are viewing a single comment's thread
view the rest of the comments
[–] wizardbeard@lemmy.dbzer0.com 5 points 3 weeks ago (1 children)

Note: Did not actually bypass any KYC systems.

[–] yojimbo@sopuli.xyz 1 points 3 weeks ago* (last edited 3 weeks ago) (1 children)

Doesn't it say:

Although the fabricated passport likely would not withstand scrutiny due to the absence of an embedded chip, it proved sufficient to bypass the most basic KYC procedures employed by some fintech services.

From what i gather about these "Know Your Customer" systems, they take the photo of your ID, check if it is realistic enough and then check the picture on your ID (bad as it is) against your authentic photo made through the app. Verification against 3rd party API confirming existence of such ID while welcome / preferred seems to be optional (doesn't work for all IDs - there may be technical/ legal barriers).

So the vulnerability has probably always been there, still is (?!?), for a sweet moment in time it was just more easy to exploit?

[–] wizardbeard@lemmy.dbzer0.com 1 points 2 weeks ago

There's some comments on HN that indicate that the first article said it could theoretically bypass a few specific ones, which later articles (including the one linked here) "telephoned" into saying that it actually did.