Back to Blog

I’ve been developing identity fraud detection technology solutions for almost 35 years. With that background, I feel confident predicting that the identity fraud industry is at an inflection point. I believe 2022 will be a defining year in the identity fraud detection fight, but unfortunately, the “bad guys” have a leg up in technology innovation. 

Over the past few weeks, I’ve been posting a series of blogs with my thoughts on the five most game-changing identity fraud developments in 2022. These are not intended to be profound predictions. Rather, these developments have been building for some time, in numerous ways. In this series of posts, I’ve been examining how the battle against the bad guys is evolving and how the good guys (like you) can fight back.

What are Deepfakes and How Are They Created?

Deepfakes are a certain type of identity fraudsters’ best friend and most devious tools. They use sophisticated AI technology to create images of fake events or people. They can map fake faces on bodies, put false words in their mouths, and cause all kinds of harmful mischief. And they are almost impossible for legacy identity verification software to detect.

Deepfakes Are Becoming Mainstream

Deepfake technologies are getting better and becoming downright mainstream. In October of 2021, Adobe even released a limited technology of their own, called Project Morpheus, and Meta (née Facebook) continues to invest heavily in research to guard against future threats.

So far, the research is mostly focused on finding patterns within the deepfakes by reverse-engineering the methods used to create deepfake imagery. This raises issues in fraud detection rates because the fraud models can’t detect the patterns until they see a high volume of the same pattern and bad actors can easily manipulate patterns to limit detection.

Deepfakes Can Maneuver Around Liveness Detection

For instance, the winning algorithm in Meta/Facebook’s most recent deepfake detection competition was only able to detect about 65% of the deepfakes it analyzed.

Fraud Trend to Watch For: For the unprepared, deepfakes are already able to maneuver around standard document validation and “liveness” detection. In 2022, they will get astronomically better and more dangerous.

The Challenge of Detecting Deepfake Fraud Patterns

At Socure, we have seen an increasing pattern over the last year of what we call “impersonation” fraud attempts. Essentially, the PII provided on a document is 100% legitimate. However, the headshot in the document and the selfie picture may not match the true identity.

This kind of deepfake can only be detected if a capture app in an SDK is used in the document identification process, which mitigates the deepfake images. Socure has developed proprietary algorithms to detect this fraud type, but the technology didn’t come easily. It required unique technology innovation and stewardship from some of the best fraud detection minds I’ve ever met.

How to Combat Deepfakes & Other Digital Identity Fraud

If you are automating verifications using document validation and identity verification services, please ensure that your solution provider has done the hard work to get ahead of bad actors who are putting in long nights to overcome your defenses. Deepfakes, even bad ones, are difficult to detect unless the camera on the phone is actively in use via a SDK.

Want to learn more about how different identity document verification services detect and defend against deep fakes? Download analyst Aite-Novarica Group’s ID Document Verification Impact Report for an in-depth analysis of different solutions and providers.

This is the fourth of five fraud trends I’ve posted; get the full list (plus one bonus prediction) in my new white paper, Six Predictions for Battling Fraud.

Socure
Posted by

Socure

Socure

Socure is the leading platform for digital identity verification and trust. Its predictive analytics platform applies artificial intelligence and machine learning techniques with trusted online/offline data intelligence from email, phone, address, IP, device, velocity, and the broader internet to verify identities in real time.