Researchers Say ‘Voila’ App Is Safe to Use but Not Free of Risks

Last updated September 25, 2021
Written by:
Bill Toulas
Bill Toulas
Cybersecurity Journalist

A new AI-powered photo manipulation app is rising high in popularity right now, called 'Voila AI Artist.' The app invites users to upload a high-quality portrait of themselves and then gives them the option to generate a realistic "hand-drawn painting" from the source material. The choices include "cartoon," "caricature," "18th century", and "Renaissance era," and the results are pretty impressive. The problem? The app is uploading the user images to its own servers, where it processes the material.

The excuse for this has always been that the AI needs a lot of power to work its wonder, and having it run on a smartphone would take ages to complete the process, overheat the device, and hurt the overall experience. We have heard these excuses again and again, and they are almost always accompanied by shady or incomplete data management and privacy protection policies.

To clear up the fog, researchers at CheckPoint have decided to take a deeper dive into the Voila app and shared their findings with TechNadu, so here's what they discovered.

As it becomes clear from the above, Voila does come with some risks, even though they all appear to be mitigated. In essence, it all comes down to trust, both in terms of data retention policies and the security of the information. Data breaches aren't unprecedented, so whatever is stored on an online computer could potentially be accessed by unauthorized individuals. In fact, this is often a question of "when" rather than "if."

Yaniv Balmas, Head of Cyber Research at Check Point Software told us:

Most users likely assume that the processing of Voila app is done locally on their phone. This is not the case. A non-obvious fact here is that the company sends face pictures to its servers for processing. When a face photo is sent to the company’s server, the app includes unique installation IDs that were generated by Google Play. So each photo is packaged up with user identification details. While this fact is mentioned in the company’s privacy policy, the possibility for misuse of the data opens up – either by the company itself or by a 3rd party.

For example, if the company is hacked, the attackers could potentially gather a large data base of all faces of application users. We have no way of telling if the company is doing anything illegal or malicious, but I do think it’s important for new users to be aware of the inherent risks in sending content to servers for processing. The risk being pictures of your or your loved ones face in malicious hands, in the event of a data breach or cyber attack.

If we were to give you a piece of advice, that would be to refrain from using any non-essential apps like Voila. We share your enthusiasm for technology, but whenever you engage with an app of this kind, you should keep the risks at the back of your mind and act accordingly.

That said, if you are to upload something on Voila or any other app of this kind, make sure that you are using your own images so as not to expose other people, employ a VPN app to try and trick the "fingerprinting" algorithms, and ideally experiment with royalty-free images just to get an idea of how the tech works. Your data privacy is worth a lot more than a moment of fun.



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: