Deepfake fraud protection: Prevent ID and biometric spoofing
Karthik Mani
CPTO, Documents & Biometrics
Throughout history, villains have used disguise to mask their appearance, deceive others and avoid detection. In the present day, artificial intelligence and deepfake technology have accelerated new threats of impersonation and identity cloaking.
In our recent global survey of fraud prevention professionals, it’s clear that many believe that GenAI, deepfake biometrics and documents will be the biggest trends in identity verification and fraud over the next three to five years.
In this guide, we'll explore how deepfake fraud works, the risks it poses to remote identity verification and customer onboarding, and the technologies your organisation can use to detect and prevent biometric spoofing, video injection attacks, face swap fraud, and deepfake ID fraud.
GBG is a digital identity company with 30+ years of experience in the identity verification space. To protect against deepfakes and ID fraud, reach out to our team.
Big bad identity fraud: An overview
Thousands of GenAI tools are instantly available. In criminal hands, the immense power of AI to create hyper-realistic images, video and audio can disguise digital appearance. Hugely popular face swap apps have escalated the risk of fake personas and fraud, making it harder to trust who we see online.
These rapid developments have exposed vulnerabilities in remote identity proofing systems which are designed to test for a genuine ID and the authentic presence of the owner. In this more dangerous world, however, advanced identity proofing technologies have evolved rapidly to answer two essential security questions:
- Can I trust that the person I see on the screen is real?
- Can I trust that this ID is not fake?
Protect against fraud with FaceMatch
Can I trust that the person I see on the screen is real?
Biometric authentication has become a cornerstone of remote onboarding. Whether using facial recognition, fingerprints or voice biometrics, these technologies help organisations verify that a customer is who they claim to be.
In facial recognition workflows, a customer is typically asked to capture a selfie. The system analyses and maps key facial features to create a unique biometric template, often called a faceprint. This faceprint is then compared with the photograph on the customer's identity document to generate a match score.
But ever since remote biometric authentication took the world beyond passwords and PIN codes, there have been attempts to undermine biometric security.
Wherever face, fingerprints or voice are used as a unique identifier, identity fraud will follow in the hope of bypassing onboarding safeguards to gain access.
Identity proofing systems must detect and defend against this, and as these attacks become more sophisticated with deepfake media, so too must the defences against them.
One such example is a presentation attack.
What is a presentation attack?
A presentation attack targets biometric authentication systems by presenting fake biometric data, purporting to be the victim of the imposter.
In facial recognition, this biometric security threat might come from the presentation of deepfake video or images to the camera, or even a mask. In a presentation attack, however, even digital deepfakes and manipulations are physically 'presented' to the camera on a mobile or laptop screen.
Liveness detection
One method of spoof-proofing biometric authentication is liveness detection.
Passive liveness detection checks a face is real and live without requiring us to turn our head, smile or blink into a device camera. Instead, this technology spots subtle indicators like skin texture, blood flow under the skin and natural lighting to confirm we are genuinely present and not a deepfake image or screen replay.
This process is faster and requires less processing power than active liveness detection as it requires a single image not a video feed to provide liveness assurance to the highest ISO standard for liveness detection.
“As the power to manipulate and imitate biometric markers increases, advanced identity proofing systems continue to build defences against deepfakes.”
Deepfake video detection
As the power to manipulate and imitate biometric markers increases, advanced identity proofing systems continue to build defences against deepfakes.
What are deepfakes?
Deepfakes are rendered digital media that convincingly mimic real people. With the growth in GenAI technology, Generative Adversarial Networks (GANs) that can create hyper-realistic but entirely fake images and video have proliferated and elevated the security threat for identity-proofing systems.
Popular face-swapping apps, like Deep-Live-Cam, Reface and Magic Hour offer out-of-the-box solutions to generate passable facial deepfakes that can be injected into an unprotected biometric authentication process.
Deepfakes are increasingly used to attack biometric security. The most common deepfake technique is face swapping; a simple and highly accessible spoof that can insert the face of any real person into an image or video.
These deepfakes can be 'injected' into unprotected identity proofing systems using a hardware or software hack that bypasses the principal device camera. This is known as a ‘video injection attack.’
What is a video injection attack?
Unlike presentation attacks which involve 'presenting' manipulated video to the device camera from a second screen, injection attacks set out to bypass the camera completely by ‘injecting’ deepfake media directly into the authentication process.
The attack involves hacking into the hardware or software of the device camera used for biometric authentication and replacing those signals with deepfake footage delivered from an external or virtual camera.
There are two ways that advanced identity proofing systems protect against video injection attacks using deepfake media.
Deepfake media analysis
Deepfake media analysis can assess image or video frames for telltale signs of impersonation. Subtle clues in pixel structure and lighting, or synchronisation failure in lip movement and mouth shape can all reveal evidence of face-swapping apps.
Accelerated by machine learning, deepfake media analysis offers a powerful defence against imposters launching video injection attacks on identity proofing systems.
“Advanced biometric security analyses camera hardware and software for sign of non-standard cameras or system code that would indicate a ‘man-in-the-middle’ attack.”
Injection attack detection
Injection attack detection monitors the integrity of the camera feed used in the biometric authentication process.
This advanced biometric security analyses camera hardware and software for signs of non-standard cameras or system code modifications that would indicate a ‘man-in-the-middle’ attack, ensuring the identity proofing process remains secure.
There are several ISO standards for security in information management systems that cover the performance of video injection attack detection.
To protect your business against deepfake fraud, get in touch with our team.
Can I trust that this ID is not fake?
This is another essential security question for identity proofing systems.
The dark web is a marketplace for identity fraud. Counterfeiting tutorials, software, deepfake document templates and even mail-order ID services are available. This easy access means even low-skilled imposters can fabricate high-tech documents to commit identity fraud.
Deepfake IDs on the dark web
GenAI is also driving counterfeit identity documents and an underground network of fake ID factories on the dark web. Hyper-realistic images and high-quality printers have made homemade Photoshop renderings a thing of the past and created a niche industry serving anyone intent on committing identity fraud.
Tamper detection
Digital and physical document tampering and counterfeiting are not new. The spectrum of cheapfakes to deepfakes contains a wide diversity from simple to sophisticated manipulation to match stolen or synthetic identities.
Secure identity proofing systems must include detection techniques that pick up suspicious anomalies, inconsistencies or absent security features.
Face swapping
Digital or physical substitution of the original photo and face displayed on the identity document is common in identity fraud. Pixel-by-pixel checks for signs of tampering or inconsistency between face and identity data are essential.
Document tamper detection and fraud protection
Text tampering
Imposters will often alter identity data, such as, the name, date of birth or a document number to match their story. Secure tamper detection can spot inconsistencies in font, spacing, alignment, patterns and security features.
Document presence
Like biometric presentation attacks, document tampering detection must determine whether an ID is genuinely present. Picture quality, resolution and texture are all indicators of the absence of an original and evidence of digital or printed fakes.
Deepfake ID detection
Just as artificial intelligence has advanced deepfake fraud it has also advanced identity fraud protection.
Smart identity proofing systems are increasingly building a multi-layered identity fraud defence against deepfake documents, combining biometric authentication with AI-powered data mining to detect ID anomalies and other fraud signals.
Make the right customer decisions in real time
Identity intelligence
Fake documents may appear genuine but does the document data match up? Criminals expect to encounter siloed identity security, so a global network of identity intelligence increases safeguards against fake documents.
Identity intelligence networks, like GBG Trust, securely combine millions of identity data records, applying expert pattern matching, data mining and machine learning to trust-test ID data and its application history before onboarding a new customer.
Tapping into a global data intelligence network can reveal useful insights without breaking data privacy. Document number, issue and expiry date, name, address and other data can be tested for authenticity and consistent appearance in combination.
The Big Bad Wolf of deepfakes has opened new frontiers in the fight against identity fraud. Advanced identity proofing technologies are fighting back, however, with enhanced defences against counterfeit faces and fake IDs combined with smart use of identity data intelligence.
Why choose GBG for deepfake fraud protection
In a world where generative AI can manufacture entire synthetic identities in seconds, your onboarding process needs more than a simple check. At GBG, a digital identity company with 30+ years of experience in the identity verification space, we provide a multi-layered defence that helps stop deepfake fraud before it progresses further down the onboarding funnel.
Here’s why businesses partner with GBG to protect against identity theft and AI fraud:
Secure your camera feed with injection attack detection
As explained above, criminals often try to bypass the physical camera altogether using a video injection attack. Instead of showing a screen to a camera, they use software to feed a pre-recorded deepfake directly into the onboarding stream. This is a highly effective way to commit remote identity spoofing because it avoids the low-resolution issues of a typical presentation attack.
We defend against this by monitoring the integrity of the hardware and software link during the onboarding process. Our system checks for non-standard virtual cameras, emulators, or system code modifications. By ensuring the video is coming from a genuine physical lens, we help stop deepfake attempts before they even need to be analysed for liveness.
Authenticate presence with passive liveness and forgery detection
Once the camera stream is secured, the next challenge is verifying that the person is real. Many legacy systems use active liveness, which requires users to blink or turn their head, but AI video forgery detection for onboarding has shown that deepfakes can now mimic these movements quite convincingly.
We use passive liveness technology to identify the biological markers that AI can't yet perfect. Our system analyses a single high-resolution image for subtle indicators like skin elasticity and how natural light reflects off a real human eye. This pixel-by-pixel media analysis detects the artifacts common in face swap fraud, which helps provide a faster and more secure user experience than traditional video-based checks.
Block synthetic personas using the GBG trust network
Deepfakes are often just one part of a synthetic identity. While an AI-generated face might pass a basic biometric check, the data behind the identity often carries hidden fraud signals. To prevent onboarding fraud effectively, it's best to combine biometric analysis with global data intelligence.
By tapping into the GBG Trust network, for example, you can see beyond the screen: our network securely combines millions of identity records to find patterns that a single check would miss.
If a deepfake ID document appears genuine but has been used in a high velocity of applications across different industries in a short window, for instance, our system flags it as a high-risk anomaly.
This cross-referencing of biometric results with real-world data can help ensure you are onboarding genuine customers.
Protect against deepfake fraud with GBG
The rise of hyper-realistic digital forgery doesn't have to mean a rise in your fraud rates. While face swap apps and video injection kits have made it easier for criminals to attempt identity theft, the technology used to detect these threats has evolved just as quickly.
By combining hardware-level security with passive biometric analysis and a global intelligence network, you can build a defensive perimeter that stops deepfake fraud without adding friction for your genuine customers.
The goal is to move from a place of uncertainty to a position where you can accurately trust that the person on the screen is real and their documents are authentic.
If you’re ready to strengthen your defences against remote identity spoofing, get in touch with our team today.
Frequently Asked Questions
How do deepfake scams bypass identity verification?
Many deepfake scams target remote onboarding processes by attempting to impersonate a legitimate customer. Fraudsters may use face-swapping technology, AI-generated images, voice clone technology or synthetic videos created using advanced AI models to trick biometric authentication systems. Advanced identity proofing solutions help detect these attacks through liveness detection, deepfake media analysis and identity document verification.
What is a video injection attack?
A video injection attack occurs when a fraudster bypasses the device camera and feeds manipulated or AI-generated content directly into the identity verification process. Unlike a presentation attack, which displays a deepfake on a screen, injection attacks use software, virtual cameras or modified systems to deliver the fraudulent video stream. These attacks are becoming a growing component of sophisticated cyberattacks targeting remote onboarding systems.
Can passive liveness detection stop deepfake fraud?
Passive liveness detection is one of the most effective tools for preventing deepfake fraud. Rather than asking users to blink, smile or turn their head, it analyses subtle indicators such as skin texture and natural lighting. Combined with machine learning algorithms, passive liveness detection can help identify manipulated media, presentation attacks and other forms of biometric spoofing.
Can deepfakes be used for account takeover fraud?
Yes. While deepfakes are often associated with onboarding fraud, they can also contribute to account takeover attempts. Criminals may use deepfake videos, stolen credentials or synthetic identities to impersonate legitimate customers during account recovery or re-verification processes. Strong biometric verification and liveness detection help reduce this risk.
How do identity proofing systems detect fake IDs?
Identity proofing systems use a combination of document authentication, tamper detection and identity intelligence to identify fraudulent documents. They analyse security features, text consistency, image quality and document integrity to detect signs of manipulation. These security measures help organisations identify counterfeit documents, synthetic identities and other forms of identity fraud.
