Camera Makers Have Ignored Security, Putting Photographers at Risk

A silhouette of a camera with an unlocked lock icon

It goes without saying that anything that is valuable is eminently stealable. If there’s a market for consumer goods, then there’s a market for stolen consumer goods.

Cars have locks, laptops have passwords, credit cards have PINs, houses have alarms, and phones have fingerprint readers. Why then do cameras, and particularly high-end cameras, have nothing? Are manufacturers culpable in creating a market for stolen cameras?

Theft comes in one of two main varieties: actively taking an item that belongs to someone else or more passively failing to return an item you find. Either leads to the same pain for the owner or, rather, “previous owner”. Having something stolen can be traumatic and sadly all too common, such as the recent robbery at gunpoint of a San Francisco Chronicle photographer, while losing something is frustrating, particularly as there’s usually only one person to blame!

If your gear is stolen, then the thief has no intention of returning it and the best you can do is scour eBay, Craigslist, Gumtree, and your local pawn shop to see if any of it turns up; you might get lucky.

You can also use a service such as Lenstag or CameraTrace to keep track of your equipment, including their serial numbers. First and foremost, it’s a single location for logging your gear, which is useful if you ever need to report an item as stolen to the police or an insurance company. It also lets you log it as stolen, which other users can search for. StolenCameraFinder trawls online photos matching serial numbers to find where they have been uploaded and allows you to log lost and found cameras.

In light of all of this, if you buy second-hand gear, search for it online first. I label all my equipment, which means if someone is intending to return a lost item they can. And it goes without saying, that insurance will mean you aren’t totally out of pocket.

Ideas for Camera Security Features

A photographer taking a lens out of a camera bag

Cameras meet the criteria required for theft: high value, relatively easy to steal, and easy to sell on. If any one of these aspects can be disrupted, then the risk can be reduced.

Now you can’t do anything about value other than buy a cheaper camera, but there’s probably a reason you went for that top-end model in the first place! You can try to reduce the likelihood of the second; for example, avoid high crime areas, use unbranded straps, and don’t carry an obvious camera bag. However, focusing upon the third point, there is one aspect that is conspicuous by its absence in theft deterrence: the ease with which camera gear can be resold.

Now while both buyers and sellers should avoid handling stolen goods, this would become a moot point if the camera equipment could only be used by the owner. Smartphone manufacturers hit upon the solution initially through addressing issues related to privacy: by automatically locking a device. Authentication is required at the point of use through a PIN, fingerprint, or facial recognition, with the additional benefit that it becomes unusable when locked, which significantly reduces its value to a thief.

Illustrations of fingerprint and iris recognition technology

Why then, in 2021, do no cameras require authentication to unlock and operate them? All the ingredients are in place: they have a system processor, onboard software, external sensors, and (obviously) the ability to capture images. Yet to use a camera simply requires you to flick a switch.

There is a range of measures that manufacturers could introduce that would reduce the ease with which stolen cameras can be resold. Perhaps most significantly would be PIN, fingerprint, or facial recognition authentication. I’m not a fan of introducing yet another PIN to remember and it tends to be the slowest access method, so fingerprint or face/iris recognition would offer the least intrusive option.

A fingerprint reader could be incorporated into the shutter button or next to the handgrip, while iris scanning should be achieved through the electronic viewfinder. This would necessitate an extra sensor and supporting software, but it should be readily possible.

Where eye and thumb recognition could be located in a Nikon Z9 mirrorless camera.
Eye recognition could be built into eyepieces and fingerprint recognition could be built into grips.

Taking this a step further, you could offer features such as a once-a-day unlock (so that unlocking doesn’t become intrusive), along with the introduction of two-factor authentication (2FA). The latter could require you to use a physical “key” to unlock the camera during a set period, for example, every three months. This could use NFC to transmit the token, a technology that some cameras already use for pairing.

By locking the camera down, the focus would shift to lenses. Most modern lenses incorporate firmware for their fly-by-wire operation, so adding a requirement to authenticate the use as well as pair a lens to a camera should be possible. In this instance, you need to lock down both sides of the pairing process, which means authentication by camera and lens.

Once set up, the lens could use authentication provided by the camera against its stored users and then additionally match to the serial number of the camera. Alternatively, a 2FA approach could be adopted that would require an external key to initiate the pairing process.

The Future of Camera Security

What’s remarkable, then, is that this hasn’t already happened given that it would offer a significant benefit to end-users and a competitive advantage to manufacturers. So why is this the case and are manufacturers culpable? There are three reasons commonly raised.

Firstly is that consumers aren’t interested. Now I’ll be the first to admit that if I had the choice between, for example, IBIS or a fingerprint reader I’d go for IBIS every time! Cameras aren’t like that anymore, as we are seeing an incremental space race of video and stills specifications; I’d happily forego the increase from 5 to 6 stops of IBIS for the inclusion of a fingerprint reader!

Secondly, manufacturers aren’t interested. In the absence of any comment from leading camera makers, it’s difficult to know where this sits on their radar, although the fact we haven’t heard anything perhaps says enough. What we need is for consumers to talk loudly enough and for one manufacturer to jump in with both feet, in the same way, we’ve seen other camera features added (for example, automatic sensor cleaning).

Finally, cost may well be raised as an issue. The hardware involved, given the implementation by smartphone manufacturers, is readily available and low cost.

In this sense manufacturers’ failure to introduce security features has made them culpable in encouraging a market for stolen cameras, particularly as there has been a focus in recent years upon developing higher-end, premium, cameras. This is particularly potent at the moment as pent-up consumer demand and a lack of supply have driven up second-hand prices.

In short, if you see a camera on the street it’s more likely (than previously) to be valuable, commands a higher resale price, and is easy to pass on for cash.

A man holding a Canon DSLR on a street with a red target on the camera

Camera Software May Be an Obstacle

Perhaps hiding behind the scenes, however, is the wider issue of in-camera software, which may well be causing manufacturers to stutter. Each has its own camera firmware developed in-house; when a new camera feature is introduced it has to be incorporated into the software.

Part of the problem is that firmware has developed from simple digital controllers using a restricted set of hardware, much like your microwave oven, central heating, or DVD player. Yet, manufacturers now face the situation where cameras need to evolve into general computing devices.

The success of the smartphone is largely predicated on the ability to instantly edit and instantly share photos that are “good enough” and that success is rapidly evolving into something that can genuinely challenge the camera. The expectation of consumers is that cameras now have similar features, such as editing software, a mobile data connection, and — yes — biometric security.

By evolving the camera into a general computing platform, security features that have been previously discussed such as GPS tracking and remote disabling become feasible. Not only that, but a software store could allow third-party developers to introduce new features; for example, image editing presets or more advanced computational photography functionality.

Developing a new software platform from scratch is a major undertaking and the rush to mirrorless has required significant hardware engineering to achieve the highest possible quality imaging results. Minimizing software development by using current technologies and so evolving existing hardware lines has been the obvious path to take, but it represents a missed opportunity to redefine the fundamental building blocks of the camera.

Security features are one aspect that highlight the significant flaws in the approach camera manufacturers are taking. Either way, consumers need to demand authentication as a pre-requisite for new cameras; it is the least we can expect for investing in and supporting manufacturers.

Image credits: Photos licensed from Depositphotos