Create a fake Chris in minutes, thanks to AI

In a disturbing new development using AI, I can generate a fake passport in minutes that would fool Revolut and Binance for account opening. This was a discovery by Polish researcher Borys Musielak using ChatGPT-4o, who created a fake passport in five minutes

You can now generate fake passports with GPT-4o.

The fake passport bypassed checks on major bank and fintech platforms, which must surely be concerning. After all, four out of five financial institutions rely on paper-based documents like passports and driving licenses to prove identity, and these processes have now moved online.

How was this done?

Well, don’t go to ChatGPT and say create a fake passport. What Borys did is asked ChatGPT to change his business card details.

All of this, remarkably, was done in minutes using basic prompts. No code. No Photoshop. No underground know-how.  You can find out more here.

For all forms of commerce and contract, the rise of AI generated identities should be a concern. After all, I can not only generate false identity documents, but fake everything.

Generating fake invoices, spurious flight tickets, bogus school certificates, falsified rent receipts, forged visa docs etc just became super easy with Chatgpt 4o... check out this 🧵

So, we know we have a problem. What’s the solution?

ZKP.

What the hell is ZKP?

Zero-Knowledge Proof.

Tell me more …

ZKP is a cryptographic method where one party (the prover) can prove to another party (the verifier) that a statement is true, without revealing any information beyond the truth of the statement itself. This is achieved by providing a proof of knowledge or ownership without disclosing the details.

How does that work?

The prover has a secret piece of information or knowledge that supports a claim.

The prover creates a proof that demonstrates the truth of the claim without revealing the secret.

The verifier examines the proof and can either accept or reject it.

If the verifier accepts the proof, they are convinced of the statement's truth without knowing the secret details.

Here's a breakdown of the key aspects:

• Prover:The party who wants to prove the truth of a statement.
• Verifier:The party who wants to verify the truth of the statement.
• Statement:The claim that the prover wants to prove.
• Proof:The information provided by the prover to convince the verifier of the statement's truth, without revealing the underlying details.
• Zero-Knowledge:The core principle of ZKP, meaning the verifier learns nothing beyond the fact that the statement is true.

How can I use it?

Here are a few examples:

• Proving you have sufficient funds in your bank account without revealing your exact balance.
• Demonstrating that you own a specific digital certificate without revealing the contents of the certificate.
• Validating a transaction on a blockchain without revealing the sensitive transaction data.

The bottom-line is that we have moved from analogue to digital and our identity systems must move accordingly. Right now, we rely far too much on paper-based documentation. It may be issued by governments or institutions we trust, but if it is a document that can be shared online, it is a document that can be faked online. Traditional document verification died the moment AI learned to replicate it. There’s the rub.

Anyway, I tried it myself. Here is the result ...