• Military
• WMD

• Intelligence Menu               

• Systems
• Operations
• Countries
• Hot Documents
• News
• Reports
• Policy
• Budget
• Congress
• Imagery
• Links

• Homeland Security
• Space

MSS warns of foreign espionage risks from facial data theft

Global Times

By Chen Qingrui Published: Aug 06, 2025 08:44 AM

China's Ministry of State Security (MSS) on Wednesday sounded the alarm over the risk of personal information theft through biometric identification technologies, warning that publicly disclosed cases have shown foreign spies stealing facial data to carry out close-targeted espionage against China.

The ministry made the remarks in an article published on its official WeChat account on Wednesday.

Riding the wave of the digital era, biometric identification technologies have advanced rapidly and seen widespread adoption for their accuracy and convenience. These technologies enable the swift collection, analysis, storage and recognition of facial features, fingerprints, irises, body shapes and gaits.

The MSS cautioned that the risks of data leaks and theft behind such collection should not be underestimated.

Cases showed that foreign intelligence agencies have illegally stolen facial data from key targets, forged the information to obtain classified materials, and even infiltrated sensitive workplaces to conduct espionage, endangering national security, MSS said.

Moreover, a foreign company directly connected its fingerprint payment system to its corporate database, and due to poor management, hackers repeatedly breached the system, stealing information and causing severe data leaks.

The ministry warned that because iris patterns are highly stable, difficult to replicate, and possess exceptional precision and uniqueness, they are often used in high-security fields and have become prime targets for criminal exploitation.

Cases have shown that a foreign company used the issuance of cryptocurrency tokens as a pretext to scan and collect iris data from users worldwide, later transferring the data overseas and posing risks to both personal information security and national security.

The ministry sounded the alarm for the public to be cautious when providing biometric information, saying that when using facial, fingerprint or iris recognition technologies, individuals have the right to require data collectors or service providers to clearly explain how the data will be stored, processed and used, to review their privacy policies in detail, and to remain alert to excessive collection.

Biometric data is unique and immutable - fingerprints, facial features and irises remain constant throughout a person's lifetime and cannot be altered. Once compromised, users cannot simply "replace" their fingerprints or irises, industry experts warned.

The exposure of biometric information carries risks beyond password breaches, enabling AI-powered face swaps and deepfake technologies that threaten personal privacy and financial security, with potential consequences that can shadow victims for life, Chen Jing, vice president of the Technology and Strategy Research Institute, told the Global Times on Wednesday.

Chen said that with technological advances and the spread of smart devices, wearables and smart cities, biometric authentication is moving toward cross-platform "universal verification." Given the irrevocable nature of such data, the potential uncertainty will expand sharply, he said, noting that facial, iris, voiceprint, palm print, gait and even heartbeat data could be captured without users' awareness through smart streetlights, shared e-scooters, AR glasses, health bands and other connected devices.

When implementing facial recognition, fingerprint payment and similar systems, companies must adopt rigorous measures across technology, management and compliance, Chen stressed.