Deepfakes and Fraud: Why Facial Recognition Alone Isn't Enough

Facial verification has become a core part of digital onboarding across industries, helping businesses verify identity quickly and securely. 72% of global consumers prefer using facial verification for secure online transactions, and it’s easy to see why: the process is fast, familiar, and frictionless.

Yet in business-to-business and merchant onboarding, where the financial and reputational stakes are far higher, this reliance on facial recognition introduces serious vulnerabilities. Deepfake attempts now occur every five minutes, and digital document forgeries have surged 244% year-on-year, trends that expose how rapidly fraud tactics are evolving.

The consequences are already being felt. Identity fraud costs businesses an average of $7 million each year, with attackers exploiting weak points in biometric and verification workflows. Fraudsters are adapting faster than the technology itself, using deepfakes, spoofing, and injection attacks to bypass biometric checks entirely.

For risk and compliance teams, the message is clear: traditional facial recognition alone is no longer enough to protect onboarding from sophisticated, AI-driven fraud.

‍

Key Takeaways

The sophistication of fraud attacks targeting facial verification has reached unprecedented levels. Here's what businesses need to know:

• Deepfake technology and AI-driven face-swapping attacks jumped 704% between H1 and H2 2023, making traditional facial recognition increasingly vulnerable.
• Fraudsters now combine presentation attacks—like masks and photos—with digital injection attacks to systematically bypass verification systems.
• Liveness detection helps detect fraud by confirming real users, but true onboarding security requires layered defence with monitoring, compliance, and additional due diligence checks.  
• Comprehensive anti-fraud onboarding solutions must address both physical spoofing and digital bypass techniques.

‍

What Is Deepfake Onboarding Fraud?

Deepfakes are synthetic media generated using artificial intelligence and machine learning models, particularly Generative Adversarial Networks. Fraudsters use these tools to produce highly realistic videos, images, and audio that mimic real people with near-perfect accuracy. 

During merchant onboarding, traditional manual verification workflows often fail to catch deepfakes. Human reviewers cannot reliably spot the tiny details that give away AI-generated media, such as unnatural facial movements or altered textures. This makes it easier for fraudsters to slip through identity checks and open the door to onboarding fraud.

The numbers tell the story. AI-driven crimes are surging, with face-swap attacks increasing 704% in just six months. Real-time fraud is quickly becoming the norm, and fraudsters are capitalising on it to infiltrate organizations more easily than ever before. 

Deepfake onboarding fraud creates serious risks for businesses verifying merchant or business identities remotely. Financial institutions, payment processors, and other regulated sectors face mounting pressure as criminals exploit weaknesses in digital KYC and KYB processes. Using deepfake technology, bad actors impersonate legitimate customers, open fraudulent accounts, and conduct unauthorised transactions—all while appearing to pass standard facial verification checks.

Beyond face-swapping, fraudsters employ various spoofing techniques during onboarding. These methods range from simple printed photos to sophisticated 3D-printed masks. Some attackers use pre-recorded videos to simulate live presence, while others manipulate their appearance using digital filters and virtual camera software. Each tactic targets different gaps in the verification process, which makes strong anti-spoofing measures essential for risk teams to stay ahead. 

‍

Attackers Go Beyond Deepfakes to Bypass Facial Recognition

While deepfakes represent a growing threat, fraudsters use numerous other methods to bypass facial recognition during onboarding.

Injection attacks occur when fraudsters feed fabricated biometric data directly into an application or API, rather than using a genuine camera feed. These attacks bypass liveness detection by manipulating the data stream before it reaches the verification system.Attackers use tools such as virtual camera software, modified app modules, or intercepted data streams to make fake inputs look authentic.

These attacks succeed most often when onboarding platforms lack endpoint protection, source validation, or device integrity checks. Strong defenses combine biometric protections with additional data sources, including credit checks, watchlist screenings, and official third-party records such as government registers. This layered approach gives risk teams greater confidence in verifying identities and stopping synthetic fraud.

Relay attacks present another challenge. Here, a real person performs the required liveness actions, but the interaction is relayed remotely from a different location to trick the biometric system. A fraudster might socially engineer a victim into a video call and secretly route that video to the liveness check.

The danger of relay attacks is that they show how easily facial recognition can be misused when it is the only safeguard in place. Compliance teams may see a genuine user completing the checks, yet it is actually approving a fraudster operating from elsewhere. For merchant onboarding, this creates a direct route to fraudulent account creation, account takeover, and regulatory breaches. This highlights why facial recognition alone is not enough, and why risk teams must rely on real-time fraud detection and multiple data sources, such as credit checks, watchlist screenings, and government registers, to verify identities with confidence. 

App repackaging and virtual cameras allow fraudsters to modify legitimate applications, inserting tools that manipulate video streams before they reach verification systems. Virtual camera applications replace real camera feeds with pre-recorded videos or digitally altered content, effectively presenting a deepfake while appearing to use the device's actual camera.

Facial recognition systems are only as reliable as their weakest link. Each layer needs to be secured to prevent spoofing, relay attacks, or tampering.

When Facial Recognition Is Not Enough: Why Businesses Need Anti-Fraud Onboarding Solutions

Liveness detection is a useful starting point in stopping fraud, but on its own it is still not enough. Deepfakes, relay attacks, injection attacks, and app tampering all show how facial recognition can be bypassed if it is the only line of defense.

This is why businesses need onboarding strategies that extend beyond facial biometrics. The most effective solutions combine liveness detection and facial recognition with automated AML and compliance checks. With automated workflows and configurable rules, digital onboarding processes can merge identity verification, credit and risk checks, sanctions screening, and official registry data into a single seamless flow. This ensures every applicant is screened consistently, without relying on manual reviews on facial recognition alone.

Automated underwriting and credit risk scoring further safeguard merchant onboarding from fraud. Applications can be evaluated in real time using configurable rules that automatically approve or reject based on defined risk thresholds. Low-risk applicants move through quickly and securely, while only anomalies or potential fraud cases are routed to fraud, risk, or compliance teams for review — a true management-by-exception approach that improves both speed and accuracy.

By using multi-layer defence strategies that bring together liveness detection, automated compliance, and real-time risk scoring, businesses can overcome the weaknesses of relying on facial recognition alone. This layered approach provides stronger protection against fraud and ensures more secure merchant onboarding.

AI solutions like MVSI’s OnBoard AIQ^TM enhancement are now strengthening this layered approach to fraud prevention. Built on the OnBoard platform’s unified data and workflows, OnBoard AIQ^TM analyzes applications, documents, and digital footprints in real time to flag anomalies or inconsistencies that may indicate fraudulent activity. By embedding intelligence directly within the onboarding process, these solutions help risk and compliance teams detect potential threats earlier and adapt faster to new fraud patterns.

For a deeper look at how modern onboarding strategies improve both compliance and customer experience, download our free ebook Breaking Bottlenecks: Driving Growth Through Faster Merchant Onboarding.

‍
Securing Your Business Against Facial Recognition Fraud

Implementing comprehensive anti-fraud onboarding requires careful attention to security protocols. Critical questions include: Does the solution employ end-to-end encryption? Have independent audits proven resilience against spoofing?

Fraud prevention is not a single event but a constant battle. Real-time monitoring of user behavior and unusual anomalies helps risk teams spot attacks in progress and act before serious damage is done.

Portfolio monitoring and ongoing compliance screening within comprehensive onboarding solutions provide additional layers of protection, detecting anomalies and emerging risks before they escalate. Combined with automated due diligence and AML verification tools, businesses can create defence-in-depth strategies that safeguard every stage of the customer lifecycle.

‍

Building a Resilient Defence Against Deepfake Fraud

As deepfake technology becomes more accessible and sophisticated, businesses can't rely on facial recognition alone. The convergence of presentation attacks and digital injection techniques creates vulnerabilities that single-layer defences simply can't address adequately.

OnBoard by MVSI delivers the end-to-end digital onboarding solution businesses need to grow securely and confidently. It unifies automated KYC and KYB workflows, a configurable risk and decisioning engine, and ongoing portfolio monitoring within a single platform. By combining advanced automation with human expertise, OnBoard simplifies complex compliance tasks, helping businesses prevent fraud without creating friction for legitimate merchants. It truly makes the complex simple and secure.

At MVSI, innovation is grounded in real-world compliance challenges. Our technology evolves from the needs of the organizations we serve, combining automation with human insight to deliver measurable results. OnBoard AIQ^TM, MVSI’s latest AI-driven enhancement, builds on the strength of the OnBoard platform, using its unified data, workflows, and risk engine to analyze applications, documents, and web information in real time. This intelligence enables faster, more accurate decision-making and helps businesses stay ahead of the next generation of fraud.

Ready to protect your business from deepfake fraud and facial recognition bypass attempts? Discover how OnBoard by MVSI can help you onboard merchants faster, safer, and with complete confidence. Book a demo to see it in action!