Protect Your Business from Deepfakes with Dynamic Liveness Detection

A face swap is a particularly malicious and sophisticated form of deepfake cues from a source video (under the control of the threat actor) and a targeted face is realistically grafted onto another using AI technology. Face swaps combine existing images and videos in order to superimpose another identity over the original feed in real time. 

As this sample demonstrates, dangerous tools are now available that make crafting hyper-realistic face swaps surprisingly easy. While the technology behind these tools is advanced, they are often easy to use with a “plug-and-play” approach – which means even non-tech-savvy attackers can generate face swaps and other types of synthetic media with minimal coding skills needed, increasing attack accessibility and frequency. 

iProov has shared valuable in-production data to prove this. We uncovered a staggering 704% increase in face swap attacks across 2023 in our latest threat intelligence report. 

Our analysts continue to track over 110 different face swap tools and repositories, such as SwapFace, DeepFaceLive, and Swapstream as they rapidly evolve.

Ultimately, bad actors can now create deepfakes that are increasingly realistic in less time than ever before. The risk posed by deepfakes is significant, as they can undermine trust in digital media and facilitate identity theft and other cybercrimes.

Deepfakes and other synthetic media pose a significant threat to all remote verification methods, including video conferencing products. Bad actors can potentially:

• Physically present a deepfake video on a digital device to bypass basic liveness checks.
• Digitally inject deepfake videos or images into the remote onboarding/authentication process.
• Use synthetic media along with forged identity documents to impersonate legitimate individuals – or create new, fictitious identities from real and fake information with seemingly legitimate documentation.

This can allow bad actors to bypass your onboarding and authentication security measures and gain unauthorized access to sensitive systems or accounts. This can lead to identity theft, financial fraud, system compromises, and crippling losses for impacted organizations.

Deepfakes become particularly dangerous when deployed in digitally injected attacks, as they can be scaled very quickly to cause significant damage. Digital injection attacks are sophisticated, highly scalable, and replicable cyberattacks that are injected into a data stream or bypass the device’s camera entirely. Ultimately, these attacks and the use of deepfakes is skyrocketing:

• iProov witnessed a 255% increase in digital injection attacks against mobile web platforms from H1 to H2 2023.
• iProov recorded a 353% increase in threat actors using emulators, a form of video injection attack, from H1 to H2 2023.

Deepfake scams are becoming increasingly sophisticated and consequential, as evidenced by a recent incident where a finance professional in Hong Kong was deceived by a fraudulent deepfake video call into transferring a staggering $25 million.

Organizations of all sizes must urgently implement robust identity authentication measures – the financial dangers are all too real:

• Organizations spent between $5 million and $25 million in operational costs on investigating, combatting, or rectifying financial crime in 2023 – and many expect this to rise further still.
• Recent statistics reveal that 26% of smaller and 38% of large organizations experienced deepfake fraud in the past year, with losses reaching up to $480,000.
• One-third of businesses report video and audio deepfake attacks as of April 2023

iProov’s multilayered defense effectively distinguishes live users from deepfake videos during onboarding and authentication. Our unique passive challenge-response mechanism leverages patented flashmark technology to illuminate the user’s face with a random color sequence, analyzing light reflections to confirm liveness and thwart sophisticated digital injection and deepfake attacks.

Criminal adoption of emulators, virtual cameras, and spoofing metadata techniques means organizations can no longer rely upon device data, widening the attack surface for threat actors. iProov also utilizes state-of-the-art injection detection capabilities to combat this with robust injection and metadata detection capabilities in place; our cloud-based delivery method combined with continuous threat monitoring means that security updates can be applied rapidly (as opposed to on-premise or device-based solutions, which are largely static as they become obsolete the moment a threat actor is successful).

Multi-frame liveness with cloud deployment and a dedicated Security Operations Center (SOC) is vital to detecting and preventing generative AI threats like deepfakes on an ongoing basis. This is iProov’s specialism: providing the industry’s most robust identity assurance to protect against novel and evolving synthetic media threats targeting identity processes.

In the face of rapidly evolving deepfake threats, iProov provides the industry’s most robust identity assurance solution to protect your business. Our patented technologies, like Flashmark™, ensure only legitimate users can access your systems while delivering a seamless experience. That’s why we’re the partner of choice for secure remote identity verification among global leaders like the U.S. Department of Homeland Security, ING, the UK Home Office, and many others.

iProov also recently became the first biometric vendor to achieve the FIDO Alliance’s certification for Face Biometric Identity Verification in a rigorous process conducted by Ingenium Biometrics. The certification followed no less than 10,000 tests, and iProov’s Dynamic Liveness achieved a flawless success record with no attacks passing the system. These results set a new benchmark for accuracy and reliability, achieving a 0% Imposter Attack Presentation Accept Rate (IAPAR), and a 0.14% False Reject Rate (FRR).

Don’t leave your organization vulnerable to crippling financial losses and reputational damage from deepfake fraud. Safeguard your identity processes with iProov’s cutting-edge synthetic media defenses trusted by global leaders worldwide. Book your demo today and learn how iProov can secure your business against these threats.