Identity fraud, increasingly fueled by artificial intelligence (AI), is outpacing traditional security measures. A new report by AU10TIX reveals how fraudsters are exploiting deepfake technology to bypass conventional identity verification systems, posing serious challenges for organizations relying on biometric authentication.

AI-generated synthetic selfies, which mimic real facial features with high accuracy, are now a key weapon in the arsenal of fraudsters. These hyper-realistic images can easily bypass systems that rely on traditional KYC (Know Your Customer) methods, which have long depended on facial matching technology.

Historically, biometric systems that use selfies were considered secure, as faking a convincing facial image was out of reach for most criminals. However, deepfake technology has made this tactic more accessible and effective. AU10TIX highlights that 100% synthetic selfies are particularly troubling, as they allow fraudsters to create entirely new identities that appear legitimate.

As digital platforms continue to face this growing threat, sectors such as social media, payments, and cryptocurrency are experiencing an unprecedented rise in AI-driven fraud attacks. The AU10TIX Global Identity Fraud Report, which analyzed millions of transactions between July and September 2024, found that automated bot attacks on social media platforms surged significantly, accounting for 28% of all fraud attempts during this period.

The rise of synthetic identities goes beyond deepfake selfies. Fraudsters are now leveraging AI to create entire fake profiles by manipulating a single ID template. This "image template" attack allows fraudsters to quickly generate multiple unique identities, each with randomized features and personal identifiers, making it easier to establish fraudulent accounts across various platforms.

Despite these growing challenges, the payments sector has seen a reduction in direct fraud attacks, dropping from 52% in Q2 to 39% in Q3 of 2024. This decline is attributed to increased regulatory oversight and law enforcement efforts. However, fraudsters, deterred by heightened security measures in traditional payment systems, have redirected their efforts toward the crypto market, which accounted for 31% of all fraud attempts in Q3.

To combat these AI-driven threats, AU10TIX recommends that businesses move beyond traditional document-based verification methods. Instead, they suggest adopting behavior-based detection systems that can analyze user activity patterns, such as login routines and traffic sources. This approach enables organizations to identify unusual behaviors that may indicate fraudulent activity.

Dan Yerushalmi, CEO of AU10TIX, emphasized that fraudsters are evolving rapidly, exploiting AI to scale their operations. "While companies are using AI to bolster security, criminals are weaponizing the same technology to create synthetic selfies and fake documents, making detection almost impossible," he stated.

TECHRADAR