TL;DR: A 34-year-old suspect used stolen IDs, deepfakes, and ABN AMRO’s mobile onboarding flow to open 46 fraudulent bank accounts, according to iProov, exposing how selfie-to-ID checks can be defeated when liveness is weak. Static KYC verification no longer matches the scale or accessibility of synthetic identity attacks.
At a glance
What this is: An analysis of a deepfake-enabled banking fraud scheme that used stolen identity documents and mobile onboarding to open 46 fraudulent ABN AMRO accounts.
Why it matters: IAM, KYC, and fraud teams need identity assurance that can distinguish a real applicant from a synthetic one, not just a face that resembles a document photo.
By the numbers:
- In the first half of 2025 alone, regulators levied $1.23 billion in financial penalties, a 417% increase year-over-year.
- iProov’s 2026 Threat Intelligence Report documented a 1,151% year-over-year increase in iOS injection attacks in the second half of 2025.
- The fraudster used stolen IDs to open 46 fraudulent bank accounts at ABN AMRO, one of the largest banks in the Netherlands.
👉 Read iProov's analysis of the ABN AMRO deepfake KYC fraud case
Context
Deepfake KYC fraud is when a fraudster uses synthetic media to impersonate a real applicant during digital onboarding. The ABN AMRO case shows how a selfie-to-ID check can be fooled when the system validates image similarity but not liveness, document provenance, or the presence of a real person at capture time.
For IAM and fraud programmes, this is a human identity control problem with direct downstream NHI implications. Once synthetic identity gains a foothold in onboarding, the same trust failure can propagate into account abuse, mule activity, payment fraud, and weak lifecycle controls across customer identity systems.
Key questions
Q: What breaks when selfie-to-ID verification is used without liveness detection?
A: Selfie-to-ID verification without liveness detection can approve synthetic faces that only appear to match the identity document. The control confirms resemblance, not presence, so deepfakes, replays, and injected video can pass through as if they were genuine applicants. That is why document matching alone is not enough for high-risk onboarding.
Q: Why do deepfakes create a bigger risk for mobile KYC than traditional document fraud?
A: Deepfakes let an attacker keep the document authentic while fabricating the person presenting it. That changes the problem from spotting fake paperwork to proving a live human is actually behind the capture. Mobile KYC becomes easier to automate and harder to review manually, so the same attack can scale across many applications.
Q: How can security teams tell if biometric onboarding controls are actually working?
A: They should test whether the control detects presentation, replay, and injection attacks under realistic conditions, not just whether it matches two images. Useful signals include failed capture attempts, challenge completion quality, false acceptance rates, and how quickly the system flags suspicious device or image patterns.
Q: Who is accountable when deepfake fraud bypasses customer onboarding controls?
A: Accountability sits with the organisation that set the assurance model, not just the vendor that provided the tool. Teams that own KYC, fraud prevention, and customer identity governance need to define what evidence is required before an account can be opened and which risk exceptions are allowed.
Technical breakdown
Why selfie-to-ID matching fails against deepfakes
Selfie-to-ID matching compares a submitted photo or live image against an identity document and scores the similarity. That works only if the image is authentic. Deepfakes break the model by generating a face that is close enough to satisfy the comparison engine while still being synthetic. If the pipeline checks only geometry and texture, it can approve an image that was never captured from a live person. The failure is structural: the control confirms resemblance, not reality.
Practical implication: treat face match as a threshold check, not proof of identity.
How liveness detection changes the verification stack
Liveness detection adds an active or passive test that looks for signs of a real person at the moment of capture. Passive methods analyse motion, depth, texture, and device signals, while active methods ask the user to respond to a challenge. The control is designed to detect presentation attacks, replay attacks, and injection attacks before the identity decision is made. In high-assurance environments, liveness is not an optional enhancement. It is the control that makes biometric comparison meaningful.
Practical implication: require independent testing of liveness controls against presentation, replay, and injection attacks.
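The two models described above, side by side, as an added example that is not code from the original page, from iProov or from ABN AMRO. The signal names, score ranges, limits and tiers are assumptions for illustration: the weak gate approves anything that looks like the document, while the layered gate treats capture provenance, document authenticity, likeness and liveness as separate checks and maps the resulting confidence to what the new account may do.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Optional, Tuple


class Decision(Enum):
    APPROVE = "approve"
    STEP_UP = "step_up"   # hold for manual review before any account is issued
    REJECT = "reject"


@dataclass(frozen=True)
class CaptureEvidence:
    """Signals available to the onboarding decision for one application.

    Field names and score ranges are assumptions for this example; real
    verification SDKs expose their own schemas.
    """
    face_match_score: float          # selfie-vs-document similarity, 0.0..1.0
    document_authentic: bool         # document security-feature checks passed
    liveness_result: Optional[bool]  # None means no liveness check was run at all
    liveness_mode: str               # "none", "passive" or "active"
    injection_detected: bool         # frames did not originate from the physical camera
    device_integrity_ok: bool        # no root/jailbreak, hooking or virtual-camera indicators


def selfie_to_id_only(e: CaptureEvidence, threshold: float = 0.80) -> Decision:
    """The weak model: a genuine document plus a likeness score above threshold is
    treated as proof of the applicant. A deepfake that resembles the document
    photo passes, because nothing here asks whether anyone was present."""
    if e.document_authentic and e.face_match_score >= threshold:
        return Decision.APPROVE
    return Decision.REJECT


def layered_proofing(e: CaptureEvidence, threshold: float = 0.80) -> Decision:
    """The hardened model: capture provenance, document authenticity, likeness and
    liveness are separate gates, and a missing liveness signal never auto-approves."""
    # Capture provenance first: if the frames were injected or the device is
    # untrusted, the biometric comparison is meaningless whatever it scored.
    if e.injection_detected or not e.device_integrity_ok:
        return Decision.REJECT
    if not e.document_authentic:
        return Decision.REJECT
    # Likeness is a threshold check, not proof of presence.
    if e.face_match_score < threshold:
        return Decision.REJECT
    if e.liveness_result is None:
        return Decision.STEP_UP
    if not e.liveness_result:
        return Decision.REJECT
    return Decision.APPROVE


def provisioning_policy(decision: Decision, e: CaptureEvidence) -> dict:
    """Tie proofing confidence to what the new account may do. The limits and
    tiers are illustrative assumptions, not any bank's policy."""
    if decision is not Decision.APPROVE:
        return {"account_opened": False, "card_issued": False,
                "daily_limit": 0, "monitoring": "n/a"}
    if e.liveness_mode == "active":
        # Highest capture-time assurance: full service with standard monitoring.
        return {"account_opened": True, "card_issued": True,
                "daily_limit": 5000, "monitoring": "standard"}
    # Passive liveness only: open the account, but hold cards and payment rails
    # back until post-provisioning review has seen genuine behaviour.
    return {"account_opened": True, "card_issued": False,
            "daily_limit": 500, "monitoring": "enhanced"}


def decide(e: CaptureEvidence) -> Tuple[Decision, dict]:
    """Run the hardened gate and return the decision with its entitlements."""
    d = layered_proofing(e)
    return d, provisioning_policy(d, e)
```

The order of the gates matters: provenance and device integrity are checked before the biometric score is even read, because a high similarity score on injected frames is evidence of an attack, not of an applicant. The `STEP_UP` branch is what stops a flow that simply never ran liveness from silently degrading into the weak model.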
Why mobile onboarding is a fraud multiplier
Mobile onboarding compresses the identity decision into a short, automated workflow. That speed helps customer conversion, but it also reduces the opportunity for manual review, especially when fraud signals arrive late or are hidden across devices and channels. The result is a high-throughput trust decision that can be exploited repeatedly once a pattern works. The ABN AMRO case shows that fraud at scale is often a workflow problem as much as a model problem.
Practical implication: add step-up review and anomaly detection to the highest-risk onboarding paths.
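What the "workflow problem" looks like from the fraud team's side, as an added example that is not part of the original page or of any bank's tooling. The onboarding records are constructed for this example; the rule it runs is the simplest useful one, flagging any device fingerprint or source IP that completes enrolment for more than a tolerated number of distinct applicants inside a sliding window, and holding those applications before cards and rails are enabled. Field names, thresholds and the window are assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records for this example, not real ABN AMRO data. Each
# record is one completed mobile onboarding attempt as a fraud system might log it.
SAMPLE_APPLICATIONS = [
    # Four different identities enrolled from one device in under 36 hours: the
    # footprint a repeated deepfake enrolment leaves even when every check passed.
    {"app_id": "a1", "ts": "2025-03-01T09:12:00", "applicant": "id-A", "device": "dev-7f3a", "ip": "203.0.113.10"},
    {"app_id": "a2", "ts": "2025-03-01T11:40:00", "applicant": "id-B", "device": "dev-7f3a", "ip": "203.0.113.10"},
    {"app_id": "a3", "ts": "2025-03-02T08:05:00", "applicant": "id-C", "device": "dev-7f3a", "ip": "203.0.113.11"},
    {"app_id": "a4", "ts": "2025-03-02T20:30:00", "applicant": "id-D", "device": "dev-7f3a", "ip": "203.0.113.11"},
    # Ordinary single enrolments.
    {"app_id": "a5", "ts": "2025-03-01T10:00:00", "applicant": "id-E", "device": "dev-11c2", "ip": "198.51.100.7"},
    {"app_id": "a6", "ts": "2025-03-03T15:00:00", "applicant": "id-F", "device": "dev-9b0e", "ip": "198.51.100.20"},
    # The same applicant retrying on the same device is not a reuse signal.
    {"app_id": "a7", "ts": "2025-03-03T15:20:00", "applicant": "id-F", "device": "dev-9b0e", "ip": "198.51.100.20"},
]


def _parse(ts: str) -> datetime:
    return datetime.fromisoformat(ts)


def reuse_alerts(records, key, max_identities=2, window_hours=72):
    """Flag every value of `key` (device fingerprint, source IP, ...) that completed
    onboarding for more than `max_identities` distinct applicants within a sliding
    window. Retries by the same applicant do not count towards the threshold."""
    window = timedelta(hours=window_hours)
    by_key = defaultdict(list)
    for r in records:
        by_key[r[key]].append((_parse(r["ts"]), r["applicant"], r["app_id"]))
    alerts = []
    for value, events in by_key.items():
        events.sort()
        worst = None
        # Start a window at each event and count distinct identities inside it;
        # keep the worst window per key so one key yields at most one alert.
        for i, (start, _, _) in enumerate(events):
            in_window = [ev for ev in events[i:] if ev[0] - start <= window]
            identities = {ev[1] for ev in in_window}
            if len(identities) > max_identities and (
                worst is None or len(identities) > worst["distinct_applicants"]
            ):
                worst = {
                    "rule": f"{key}_reuse",
                    "key": value,
                    "distinct_applicants": len(identities),
                    "applications": sorted(ev[2] for ev in in_window),
                }
        if worst is not None:
            alerts.append(worst)
    return alerts


def applications_to_hold(records, max_identities=2, window_hours=72):
    """Union of application IDs implicated by device or IP reuse. These are the
    accounts to hold for step-up review before cards, PINs or payment rails are
    enabled, which is the point at which an enrolment scheme turns into cash."""
    held = set()
    for key in ("device", "ip"):
        for alert in reuse_alerts(records, key, max_identities, window_hours):
            held.update(alert["applications"])
    return held
```

Two things worth noting. The rule deliberately runs after approval, on completed enrolments, because each individual application passed every point-in-time check; the signal only exists across applications. And the thresholds are a trade-off: with a 24-hour window and a tolerance of three identities the sample device is not flagged at all, so the window has to be wider than the attacker's pacing, not narrower.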
Threat narrative
Attacker objective: The attacker sought to create bank accounts under stolen identities so he could move funds, support laundering, and preserve anonymity.
- Entry: the attacker harvested genuine identity documents through a fake rental listing and from social media, then used them to enter the bank's mobile onboarding flow.
- Credential harvested: he combined the stolen passports with deepfake imagery so the selfie and document check could be satisfied by synthetic media rather than a real applicant.
- Escalation: the onboarding workflow approved account creation repeatedly because the verification stack did not detect manipulated capture at the point of enrolment.
- Impact: 46 fraudulent accounts were opened, debit cards and PINs were obtained, and the accounts were linked to cash deposits and laundering activity.
Breaches seen in the wild
- Cisco DevHub NHI breach — IntelBroker exploited exposed Cisco credentials, API tokens and keys in DevHub.
- iOS app secrets leakage report — iOS apps leaking hardcoded secrets and credentials, endangering user privacy.
Read our 52 NHI Breaches Analysis report for a comprehensive view of breaches impacting Non-Human Identities including AI Agents.
NHI Mgmt Group analysis
Selfie-to-ID checks are not identity assurance. This case worked because the bank’s onboarding logic treated face similarity as sufficient proof of personhood. That assumption collapses when synthetic media can bridge a stolen document photo and the attacker’s real face, because the control validates likeness rather than presence. The implication is that digital onboarding built on image comparison alone is structurally unable to distinguish authentic applicants from manufactured ones.
Deepfake fraud turns KYC into an assurance problem, not a document problem. The attacker did not need to defeat the passport. He needed to defeat the trust model that assumes a genuine document implies a genuine applicant. That is a different failure mode from simple document forgery, and it is why liveness, device telemetry, and capture-time assurance now sit at the centre of human identity governance. Practitioners should treat identity proofing as a layered assurance chain, not a single gate.
Static verification thresholds create fraud debt. A selfie-to-ID flow that stays unchanged after deployment gradually accumulates exposure as synthetic media tools improve. iProov’s reported 1,151% rise in iOS injection attacks shows that the attack surface is evolving faster than many verification programmes. The practical conclusion is that identity assurance must be measured against adversarial drift, not launch-day baseline performance.
Named concept: synthetic identity capture gap. This is the gap between validating an identity artifact and validating the live human behind it. In this case, the bank validated a document-image pair but not whether the applicant was physically present and authentic at capture time. That gap is now a core weak point in mobile KYC, especially where onboarding is optimised for speed and automation.
Fraudulent onboarding is a lifecycle failure as much as an authentication failure. Once the account opened, the attacker obtained cards, PINs, and transaction capability under a seemingly valid identity record. That shows how weak proofing at intake can contaminate downstream access, transaction monitoring, and account lifecycle governance. The implication for practitioners is that onboarding cannot be isolated from post-provisioning fraud controls.
From our research:
- 96% of organisations store secrets outside of secrets managers in vulnerable locations including code, config files, and CI/CD tools, according to Ultimate Guide to NHIs.
- Only 20% have formal processes for offboarding and revoking API keys, and even fewer have procedures for rotating them, which leaves long-lived trust patterns exposed.
- That same lifecycle gap is why practitioners should also study 52 NHI Breaches Analysis for recurring failure modes and control gaps.
What this signals
Synthetic identity attacks are now a governance problem, not just a fraud problem: as capture, verification, and onboarding decisions move deeper into mobile workflows, assurance must be measured against adversarial media rather than static image comparisons. The control question is no longer whether a face matches a document, but whether the applicant was real at capture time.
With 97% of NHIs carrying excessive privileges according to Ultimate Guide to NHIs, identity programmes already live with a broad trust deficit. Human onboarding systems now face the same pattern: once a weak proofing decision is made, downstream access, transaction authority, and monitoring assumptions all inherit that error.
Synthetic identity capture gap: this is the point where proofing verifies an artifact instead of the living subject behind it. For practitioners, the forward signal is clear: verification stacks need continuous adversarial testing, and their risk decisions should feed fraud controls, access limits, and lifecycle review in the same programme.
For practitioners
- Add liveness as a mandatory control for high-risk onboarding: Require passive or active liveness testing on any mobile onboarding path that accepts identity documents and selfies. Validate that the control detects presentation, replay, and injection attacks, not just live-camera captures.
- Separate document authenticity from applicant authenticity: Design the workflow so a valid passport or national ID does not by itself complete proofing. Add device intelligence, capture-time signals, and risk-based step-up review when the applicant history or image context is inconsistent.
- Reassess automated approval thresholds for low-friction onboarding: Review every flow that can approve accounts with no human checkpoint. Prioritise routes where fraud can be repeated at scale, and test whether exceptions or escalations are triggered before account issuance.
- Link onboarding controls to account lifecycle monitoring: Tie proofing confidence to downstream account restrictions, monitoring intensity, and early review triggers. Where identity assurance is weak, reduce transaction limits and increase review before cards and payment rails are fully enabled.
- Benchmark against current injection-attack evidence: Use independent testing to verify that verification vendors can withstand modern injection and deepfake methods rather than legacy spoofing tests. Require evidence from current attack classes before relying on any biometric onboarding control.
Key takeaways
- Deepfake-enabled onboarding succeeds when systems validate image similarity but fail to prove a live person is present.
- The scale is already material, with 46 fraudulent accounts in this case and a broader surge in injection-style attacks.
- Liveness detection, capture-time assurance, and downstream lifecycle controls are the practical barriers that would have reduced the impact.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
NIST SP 800-63, NIST CSF 2.0 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| NIST SP 800-63 | SP 800-63A (Enrollment and Identity Proofing) | Identity proofing and biometric assurance are central to this onboarding failure. |
| NIST CSF 2.0 | PR.AA-01 | Access and identity assurance depend on reliable proofing at account creation. |
| NIST Zero Trust (SP 800-207) | Subject identity and device state as policy-engine inputs | Weak proofing undermines zero-trust assumptions about who is requesting access. (AC-6, Least Privilege, is an SP 800-53 control rather than an SP 800-207 reference.) |
Strengthen proofing assurance and require evidence that biometric capture resists spoofing and injection.
Key terms
- Synthetic Identity Capture Gap: The synthetic identity capture gap is the point where an onboarding system validates an identity artifact instead of verifying the living person behind it. In practice, it appears when a selfie-to-ID flow checks similarity but fails to prove presence, authenticity, or real-time capture under adversarial conditions.
- Liveness Detection: Liveness detection is the control that tests whether a biometric sample comes from a real person present at capture time. It can use passive signal analysis or active challenges, and it is meant to defeat presentation, replay, and injection attacks that try to fake human presence.
- Identity Proofing: Identity proofing is the process of establishing that a person is who they claim to be before granting an account or credential. In digital onboarding, it combines document checks, biometric checks, and risk signals, but it only works when the control stack verifies both the document and the applicant.
- Injection Attack: An injection attack feeds synthetic or manipulated biometric data directly into the verification pipeline rather than through the camera or sensor. It bypasses simple capture assumptions and can make a deepfake or replay appear legitimate unless the system validates device integrity and capture provenance.
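One way to give the verification pipeline the capture provenance the injection-attack definition above calls for, as an added example that is not code from the original page or from any vendor SDK. The server issues a short-lived, single-use nonce per capture; the client binds each frame to that nonce under a device key; the server accepts a frame only if the tag, the nonce and the device all agree. Assumptions: the device key is provisioned at enrolment and, in a real deployment, would be held in hardware-backed storage and attested; here an HMAC secret stands in for it, and the frame bytes are constructed placeholders.

```python
import hashlib
import hmac
import secrets
import time


def capture_tag(device_key: bytes, nonce: str, frame: bytes) -> str:
    """Client side: bind the captured frame to the server nonce under the device key.
    Anything that changes the frame or the nonce changes the tag."""
    frame_hash = hashlib.sha256(frame).hexdigest()
    return hmac.new(device_key, f"{nonce}:{frame_hash}".encode(), hashlib.sha256).hexdigest()


class ProvenanceServer:
    """Issues capture nonces and verifies that submitted frames were tagged by a
    registered device against a fresh, unused nonce."""

    def __init__(self, nonce_ttl_s: float = 60):
        self.device_keys = {}   # device_id -> key registered at enrolment
        self.nonces = {}        # nonce -> (device_id, issued_at)
        self.ttl = nonce_ttl_s

    def register_device(self, device_id: str, key: bytes) -> None:
        self.device_keys[device_id] = key

    def issue_nonce(self, device_id: str, now: float = None) -> str:
        nonce = secrets.token_hex(16)
        self.nonces[nonce] = (device_id, time.time() if now is None else now)
        return nonce

    def verify_capture(self, device_id: str, nonce: str, frame: bytes, tag: str, now: float = None):
        now = time.time() if now is None else now
        # Single use: the nonce is consumed even when verification fails, so a
        # rejected attempt cannot be retried with a different frame.
        entry = self.nonces.pop(nonce, None)
        if entry is None:
            return False, "unknown or reused nonce"
        bound_device, issued_at = entry
        if bound_device != device_id:
            return False, "nonce issued to another device"
        if now - issued_at > self.ttl:
            return False, "nonce expired"
        key = self.device_keys.get(device_id)
        if key is None:
            return False, "unregistered device"
        expected = capture_tag(key, nonce, frame)
        if not hmac.compare_digest(expected, tag):
            return False, "frame not bound to this nonce/device"
        return True, "ok"


def demo() -> dict:
    """Run one honest capture and four attack shapes against the server."""
    server = ProvenanceServer(nonce_ttl_s=60)
    device_key = secrets.token_bytes(32)
    server.register_device("dev-7f3a", device_key)
    t0 = 1_700_000_000.0
    genuine = b"constructed-frame-bytes:live-session"      # stands in for camera frames
    synthetic = b"constructed-frame-bytes:deepfake-render"  # stands in for injected frames
    results = {}

    # 1. Honest capture: fresh nonce, frame tagged on the device, submitted in time.
    n1 = server.issue_nonce("dev-7f3a", now=t0)
    results["genuine"] = server.verify_capture("dev-7f3a", n1, genuine, capture_tag(device_key, n1, genuine), now=t0 + 5)

    # 2. Replay: a previously recorded frame and tag presented under a new nonce.
    n2 = server.issue_nonce("dev-7f3a", now=t0)
    results["replay"] = server.verify_capture("dev-7f3a", n2, genuine, capture_tag(device_key, n1, genuine), now=t0 + 5)

    # 3. Injection: the tag was computed over the live frame, then the frame was swapped.
    n3 = server.issue_nonce("dev-7f3a", now=t0)
    results["injection"] = server.verify_capture("dev-7f3a", n3, synthetic, capture_tag(device_key, n3, genuine), now=t0 + 5)

    # 4. Nonce reuse: n1 was already consumed in step 1.
    results["reuse"] = server.verify_capture("dev-7f3a", n1, genuine, capture_tag(device_key, n1, genuine), now=t0 + 5)

    # 5. Expiry: a correctly tagged frame submitted after the nonce TTL.
    n5 = server.issue_nonce("dev-7f3a", now=t0)
    results["expired"] = server.verify_capture("dev-7f3a", n5, genuine, capture_tag(device_key, n5, genuine), now=t0 + 120)
    return results
```

The caveat a practitioner should keep in view: this binding defeats replays and frames substituted between the capture SDK and the server, but not an attacker who controls the device well enough to run the tagging code over a synthetic frame. Closing that path is what hardware-backed key storage and attestation of the capture path are for, which is why the device-integrity signal in the decision logic has to come from somewhere the app itself cannot forge.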
Deepen your knowledge
Synthetic identity defence and liveness assurance are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are building stronger onboarding controls or reviewing identity proofing after this kind of fraud, it is worth exploring.
This post draws on content published by iProov covering deepfake-enabled bank account fraud: an analysis of the ABN AMRO case and the limits of selfie-to-ID checks. Read the original.
Published by the NHIMG editorial team on 2026-04-24.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org