Trusted AI Research at Ant Group: Advances in Computer Vision, Watermark Defense, Robust Machine Learning, and Explainable NLG

As deep learning matures, AI technologies are increasingly deployed in healthcare, transportation, and city management, but their risks have sparked global trust concerns.

Ant Group’s security labs, focusing on trustworthy AI, system security, and data security, have become world‑leading in AI safety patents, ranking first in 2021.

In the first half of the year, collaborations with Tsinghua, Shanghai Jiao‑Tong, and the Chinese Academy of Sciences produced ten papers accepted at top venues (CVPR, KDD, ECCV), covering computer vision, machine learning, and natural‑language generation.

1. Trusted Computer Vision Algorithms – The team introduced a hierarchical multi‑granular residual network (HRN) based on a label‑relation tree, achieving state‑of‑the‑art results on public datasets and enabling fine‑grained risk detection in tickets, forms, and illicit content.

2. Watermark‑Vaccine Defense – By designing destructive and hidden watermark vaccines (DWV/HWV), the researchers created adversarial perturbations that prevent blind watermark‑removal networks from erasing visible watermarks, demonstrating robustness against common image‑processing operations.

3. Multi‑modal Document Understanding (XYLayoutLM) – The XYLayoutLM model generates reading‑order‑aware layouts for visually rich documents, handling long sequences and complex hierarchical structures, improving accuracy on FUNSD and XFUN benchmarks and being deployed in Ant’s automated form‑understanding services.

4. Stable and Robust Trustworthy Machine Learning – Introducing “logit anchoring,” a high‑consistency fine‑tuning method, and a rejection‑aware multi‑task network (RMT‑net) that integrates causal inference, the work raises accuracy in risk‑control and identity‑verification scenarios while maintaining model stability.

5. Explainable NLG and Logic‑Driven Data2Text – A logic‑graph‑based Data2Text framework encodes expert knowledge as paths, uses attention to link generated text to logical routes, and applies rule‑based correction, achieving significant gains in anti‑money‑laundering applications.

The labs have also built the industry’s first industrial‑grade trustworthy‑AI detection platform, emphasizing continued collaboration between academia, industry, and research institutes to advance AI safety in real‑world scenarios.