Presentation attacks and deepfakes pose more than just technological threats — they challenge the very foundation of trust that powers every online interaction. Thankfully, IDnow remains dedicated to offering the industry’s most dynamic defense system against AI-generated attacks.
Although face verification has become an affordable and efficient way to authenticate user identities, it remains a vulnerable part of the identity verification process and highly susceptible to fraud attacks.
Businesses that wish to protect themselves – and their customers – from the increasingly tech-savvy fraudster must ensure they leverage the latest technologies, including liveness detection, to stay one step ahead. If they don’t, they run the risk of joining the growing list of European companies that lose millions in attacks every year.
IDnow continually enhances its face verification and liveness detection capabilities — not as isolated features, but as integral components of our comprehensive trust ecosystem.
Interested in how IDnow has been working to mitigate skin tone bias in face verification systems? Read our blog, ‘A synthetic solution? Facing up to identity verification bias.’
Fraud Prevention & Security
Stop Fraud before it starts.
Protect every interaction with advanced biometrics, AI-driven detection, and real-time risk signals—so you stay one step ahead of fraudsters and build lasting trust.
Cut fraud losses, reduce manual reviews, and protect your brand reputation—at scale.
Regulatory Compliance
Turn compliance into confidence.
Navigate complex regulations with ease—from KYC and AML, to eIDAS 2.0, with certified solutions, built-in audit trails, and qualified trust services that scale with you.
Reduce regulatory risk, avoid costly penalties, and accelerate go-to-market in new regions.
Customer Experience & Conversions
Frictionless journeys that drive results.
Deliver intuitive, secure, and inclusive customer experiences—powered by advanced AI and tailored to real-world user expectations.
Boost conversion rates, build brand loyalty, and reduce abandonment.
Operational Efficiency & Digitization
Work smarter, not harder.
Streamline your processes with automation, intelligent document handling, and centralized identity management—all designed to reduce complexity and eliminate inefficiencies.
Save time, lower costs, and focus on driving innovation and growth.
Scalability & Flexibility
Built to grow with you.
Adapt seamlessly to changing demands with modular solutions, flexible integrations, and global scalability—designed to fit your business, no matter the size or market.
Handle peak volumes effortlessly, expand into new regions faster, and stay future-ready.
What is liveness detection?
Liveness detection leverages biometric characteristics, such as facial features or fingerprints, to detect whether the presented subject is a living person. In the case of remote face verification, it ensures the captured digital image features a real face.
Liveness detection also flags so-called ‘unreal faces’, which fraudsters present during the selfie submission stage of face verification. In these presentation attacks, fraudsters present printed photos, videos on monitors, or even t-shirts or personalized hygienic masks in front of the recording device.
Liveness detection should also protect against new attack vectors, including those that use invisible noise and patterns to camouflage the attack. The attacker may also choose to exploit capture conditions, such as backlighting, to make detection more difficult.
While presentation attacks have been known to unlock mobile devices, they also pose significant risk during the face verification steps of identity verification and KYC processes. It is for this reason that businesses must ensure they have a robust identity verification process that includes liveness detection, presentation attack detection (PAD), injection detection, and deepfake detection.
How does presentation attack detection (PAD) work?
Thankfully, presentation attacks do leave clues that can be identified by liveness experts, such as moiré patterns (interference patterns that can be subtle and take many forms, such as color alteration, face deformation, or unnatural motion) that appear when recording a screen.
Well-crafted attacks can be difficult to identify by the human eye, but thanks to the rise of deep learning-based AI, PAD is becoming more effective. Trained on massive volumes of data, those models can detect subtle clues and anomalies. Some can point out invisible patterns, while others can detect unusual textures in image patches. Researchers have also managed to detect infinitesimal face color variations due to blood pulsation.
PAD has improved dramatically in both usage and accuracy over the years and remains an incredibly important area for online fraud prevention. To keep up to date with industry developments and reinforce our detection capabilities, IDnow regularly participates in initiatives like the SOTERIA project and research papers like the ‘A Novel and Responsible Dataset for Face Presentation Attack Detection on Mobile Devices,’ which was presented at the IJCB 2024 conference.
Deepfakes and the double edge sword of AI.
While artificial intelligence has enabled new fraud detection capabilities, it has also proven a powerful tool for attacking KYC systems using deepfakes (AI-generated or heavily modified faces).
In the not-too-distant past, the creation of deepfakes was only able to be done by experts, but now, thanks to easy-to-use multiple websites and apps, even those with little technological expertise can generate deepfakes in just a few seconds.
There are three main categories of deepfakes:
- Generated faces: Using Generative AI, the attacker creates a face to resemble the target or creates a whole new fake identity.
- Face reenactment: The attacker acquires a picture of a target’s face, typically from social media, and uses AI to animate the image; adding motion to a static picture to create a fake video from a single photo.
- Face swap: Here, the attacker acquires a picture of the target’s face and performs a capture of themself. They then upload both images to a deepfake tool that will extract the biometric traits of the target and modify the attacker’s face in a new capture that resembles the target.
Once generated, fraudsters inject deepfakes into the KYC process through ‘virtual cameras,’ where images are presented as regular selfies. Sophisticated deepfakes mimic actual capture sessions, with natural motion, lighting and texture that does not deform the face. As such, deepfakes can bypass both face verification and PAD, which makes the business case for implementing robust liveness detection even more compelling.
To address the complexity of threats posed by deepfakes, we combine our proprietary AI-based detection technologies, including liveness detection, with solutions from our trusted partners. This hybrid approach enables us to offer a powerful and adaptive fraud prevention system that complies with European regulations, without compromising the user experience and appetite for smooth and secure onboarding experiences.
How IDnow’s liveness detection works.
Our liveness detection technology features three separate checks:
- Presentation attack detection to flag when living faces are replaced by other media, such as pictures or masks.
- Injection attack detection to prevent the injection of harmful code or commands into an application, database, or other system.
- Deepfake detection to detect face alteration crafted by advanced AI.
Facing up to the future of liveness attacks.
As the ability to detect deepfakes improves, we can expect new types of attacks to emerge, especially adversarial attacks, which aim to exploit new-found weaknesses in AI models.
By seamlessly integrating our proprietary AI-driven liveness detection with complementary technologies from our trusted partner network, we’ve created a dynamic defense system that anticipates and neutralizes emerging threats before they can compromise security.
Plus, our commitment extends beyond our current capabilities. We’ve positioned our platform to evolve continuously, ensuring that as deepfake technologies advance, our detection and prevention mechanisms remain at the forefront of innovation. In doing so, we enable businesses to build lasting customer relationships founded on unshakeable trust, regardless of how the threat landscape transforms.
In this new era where digital identity verification faces unprecedented challenges, IDnow stands as the trusted European leader in identity verification technology, empowering businesses to turn potential vulnerabilities into competitive advantages through intelligent, adaptive and continuous trust management.
By
Nathan Ramoly
Research Scientist, Biometrics Team
Connect with Nathan on LinkedIn