Biometric injection attacks, AI-powered fake IDs move the fraud prevention goalposts

Biometrics has advanced as a field to the extent that matching selfies and detecting simplistic spoofs are largely considered solved problems, yet fraud rates continue to rise. The top stories of the week on *Biometric Update *are developments from the new frontier in identity protection, where injection attacks delivering deepfakes and fakes made with generative AI are pitted against the most sophisticated liveness detection and document validation technologies.

A couple of large American technology providers are testing the limits of public tolerance of video surveillance in everyday life, while EU and the MOSIP stakeholders consider the finer details of implementing population-scale digital identity systems.

Fighting fakes

Biometric injection attacks have become the wild frontier of identity security, Chris Allgrove of Ingenium Biometric Laboratories explained in an EAB lunch talk this week. Injection attack detection technologies and standards-based IAD testing are still maturing, but will have to grow up fast to deal with the fraud threat deepfakes already pose.

The proliferation of deepfakes and fraudulent content are a growing concern as America prepares for elections later this year. Even hyper-local campaigns to reduce voter turnout could impact results, and Reality Defender’s Ben Colman tells *Biometric Update *we should expect more deepfakes with each election.

FaceTec’s Jay Meier expounds on the importance of biometric liveness detection to the digital wallet infrastructure projects currently underway in the Biometric Update podcast. Government, businesses and people are asking digital wallets to do a lot for them, they need to be able to trust who is controlling them.

Entrust is working on upgrading the accuracy of its face biometrics, and hails the progress shown in its latest results in the NIST FRTE. The new version of Entrust’s Onfido algorithm showed dramatic improvement across several different one-to-one matching scenarios.

A team from Idemia Public Security including prominent authentication and cryptography expert Teresa Wu has been granted a patent for a visible digital seal technology. The cryptographic graphic would be printed onto a document to enable its authentication.

India-based identity verification provider IDfy raised $52 million to expand its operations, including into international markets. The company plans to strengthen its TrustStack digital onboarding and risk mitigation platform, and acquisitions may be ahead, too.

DHS

An RFI from the U.S Department of Homeland Security and accompanying documents show the extent of plans to modernize, consolidate and scale its biometric matching infrastructure. DHS seeks a single software platform to handle requests from CBP, ICE, the TSA, USCIS, the Secret Service and its headquarters.

The results of the latest phase of the Remote Identity Validation Rally held by DHS S&T and the MdTF are in, and they aren’t pretty. RIVR phase two covers identity document validation, with the seven vendors chosen as state-of-the-art ranging from qualified success to abysmal failure.

The paperwork for U.S. Customs and Border Protection’s integration of Clearview AI’s facial recognition leaves unknown at this time whether the required privacy analysis has been completed yet. Depending on the details of Clearview’s work with CBP, either a Privacy Threshold Analysis or an independent assessment of the company’s security and privacy controls for security authorization is required.

Surveillance statements

U.S. privacy group EPIC has asked the FTC to investigate Meta’s “smart glasses” and their native facial recognition capability, which it hoped to sneak by civil society while it’s backs were turned. The biometric wearables were also kicked out of court and nominated as a costly liability risk.

Ring’s ambitions of a network combining residential surveillance with license plate tracking through a partnership with Flock may be on ice, but the Search Party’s just getting started. Leaked internal communications suggest the company has hopes of using the opt-out feature to “zero out crime in neighborhoods.”

Making digital identity work

The ambition and technology behind the EU’s Digital Identity Wallets are sound, Signicat VP of Digital Identity and Regulation Jon Ølnes writes in a guest post for Biometric Update. But EUDI Wallets will fail, partially or completely, if four distinct risks are not addressed.

Practical lessons learned during brownfield implementations of MOSIP have started to roll in, with Uganda’s migration complete and Sierra Leone in progress. MOSIP Connect 2026 provided a forum for those insights to be shared as Nigeria advances with the largest brownfield implementation yet.

Please let us know if you spot any podcasts, online presentations of other content we should share with those in biometrics and digital identity, either in the comments below or through social media.

Article Topics

biometric liveness detection | biometrics | digital ID | digital identity | week in review