By NHI Mgmt Group Editorial TeamDomain: Breaches & IncidentsSource: IncodePublished February 5, 2026

TL;DR: DHS’s Remote Identity Validation Rally tested commercial identity verification systems against deepfake, document fraud, and injection attacks, and Incode was one of only two vendors to meet multiple performance goals across those categories, according to Incode. The result reinforces that IDV governance now has to treat presentation attacks and stream injection as core control issues, not edge cases.


At a glance

What this is: This is Incode’s analysis of DHS’s Remote Identity Validation Rally, which tested commercial IDV systems against deepfake, fraudulent document, and injection attack scenarios.

Why it matters: It matters because identity verification teams, fraud leaders, and IAM programmes need evidence on which controls can withstand synthetic identity and capture-layer bypass attacks in regulated environments.

👉 Read Incode's analysis of the DHS Remote Identity Validation Rally


Context

Commercial identity verification is being judged less on promise and more on whether it can survive realistic attack conditions. This post examines how the DHS Remote Identity Validation Rally stress-tested deepfake detection, document fraud controls, and injection resistance, and why that matters for identity verification governance in regulated sectors.

For IAM, fraud, and compliance teams, the important shift is that identity assurance now depends on how well systems handle synthetic inputs, not just whether they can authenticate a user once. That makes verification quality, fraud telemetry, and downstream access decisions part of the same control story.


Key questions

Q: What fails when identity verification trusts the video stream too early?

A: When the capture layer is trusted before integrity checks, attackers can inject synthetic or replayed frames that look legitimate to the verification engine. The result is not just a bad photo, but a false identity signal that can flow into onboarding, recovery, or access decisions. Organisations need device trust, stream integrity, and tamper detection before acceptance.

Q: Why do deepfake and document fraud controls need to be assessed together?

A: Attackers rarely rely on one broken control. A convincing face spoof, a forged document, and a manipulated capture stream can combine into a single successful proofing event. Testing each control separately can miss how the workflow behaves when signals reinforce one another. Teams should evaluate the full identity proofing chain, not just isolated model scores.

Q: How do security teams know if an IDV system is actually resilient?

A: Look for independent testing against realistic attack conditions, not just lab accuracy claims. A resilient system should show evidence of performance under presentation attacks, document forgeries, and injection attempts, with clear thresholds that map to your own onboarding or recovery risk. If those tests are missing, the assurance claim is incomplete.

Q: Who should own accountability when IDV failures create access risk?

A: Accountability should sit with the team that decides how verification results affect trust, not only with the vendor or the fraud unit. If a weak proofing outcome can lead to onboarding, privilege, or account recovery, IAM, fraud, and compliance all share governance responsibility. Policy should define who accepts residual risk and who reviews exceptions.


Technical breakdown

Deepfake and liveness testing in identity verification

Liveness and deepfake checks try to distinguish a real human subject from a replay, mask, or synthetic face generated by AI. The technical challenge is that modern presentation attacks can look visually plausible while still being machine-generated or manipulated. Good systems combine signal layers such as motion cues, texture analysis, challenge-response logic, and device telemetry rather than relying on a single facial match score. In government and regulated use cases, weak liveness means the verification stack can be convinced that a fabricated subject is real, even when the rest of the workflow appears intact.

Practical implication: Treat liveness as an assurance layer, not a checkbox, and test it against both commodity and AI-generated presentation attacks.

Document fraud detection and identity proofing controls

Fraudulent document detection evaluates whether the proofing flow can spot altered, forged, or synthetic identity documents before they are accepted into a trust workflow. That requires more than OCR. Effective pipelines compare document structure, security features, metadata consistency, and cross-field coherence, then correlate those signals with identity proofing rules. In practice, the threat is not just a bad image but a fraudulent credential entering a regulated process and being reused downstream for account opening, employment, or access decisions. Once a forged document passes, the rest of the identity lifecycle inherits that error.

Practical implication: Verify that document checks feed into proofing and access decisions, not just manual review queues.

Injection attacks that bypass the capture layer

Injection attacks do not attack the camera or the subject directly. They bypass the capture layer and insert pre-recorded or synthetic frames into the video or image stream, which means controls focused only on the live camera feed can miss the manipulation. This is especially hard because the data may look legitimate by the time it reaches the verification engine. Defending against it usually requires device attestation, secure capture paths, transport integrity checks, and tamper-evident telemetry. The issue is architectural: if the system trusts the stream too early, the attacker controls what the verifier sees.

Practical implication: Validate capture integrity end to end, including device trust and stream tamper resistance, before accepting verification outcomes.



NHI Mgmt Group analysis

Identity verification is now an access-control dependency, not a front-door formality. When verification is used to decide onboarding, step-up checks, account recovery, or workforce access, weak assurance becomes an IAM problem as much as a fraud problem. The DHS rally shows that the real question is whether an IDV workflow can stand up to synthetic input under operational pressure. For practitioners, identity proofing must be governed as a control that influences trust decisions across the lifecycle.

Injection attack resistance is the named concept practitioners should be watching. The article highlights a failure mode where the attacker never needs to outmatch the camera or the human observer, only the trust placed in the data stream. That makes capture-layer integrity a distinct governance concern, separate from face matching or document authenticity. For teams, the control boundary has to move from presentation checks to stream assurance and device trust.

Deepfake detection and document fraud should be measured together, not as separate vendor features. A system that performs well on one axis can still fail when fraudulent identity signals are combined in a single workflow. That matters because real abuse chains often stack manipulated faces, forged documents, and account takeover logic. For IAM and fraud teams, the practical conclusion is to test the whole proofing journey, not just isolated model outputs.

Regulated buyers should treat third-party evaluations as a governance input, not a procurement verdict. A government-led evaluation gives a more credible stress context than vendor self-claims, but it still needs to be mapped to the organisation's own risk profile and assurance thresholds. The useful question is not whether a system passed a rally, but whether it can support the assurance level required for your onboarding, recovery, or access workflow. For practitioners, governance should translate test results into explicit policy decisions.

From our research:

  • 43% of security professionals are concerned about AI systems learning and reproducing sensitive information patterns from codebases, according to The State of Secrets in AppSec.
  • The average estimated time to remediate a leaked secret is 27 days, despite 75% of organisations expressing strong confidence in their secrets management capabilities.
  • Forward look: 32.4% of security budgets are already devoted to secrets management and code security on average, according to The State of Secrets in AppSec.

What this signals

Identity proofing programmes are moving toward evidence-based assurance, where independent testing matters more than vendor assertions. For IAM teams, that means verification outcomes should be tied to risk tier, not treated as a universal trust gate. The governance question is whether your current onboarding and recovery flows can absorb synthetic identity pressure without creating durable account risk.

Capture-layer integrity: if the video stream or image pipeline is trusted too early, attackers can bypass face and document controls without defeating them directly. That means organisations should review device attestation, secure transport, and tamper telemetry as part of identity governance, not only as fraud tooling. For regulated use cases, the control boundary is shifting closer to the source of the signal.

For identity programmes that touch workforce access, customer onboarding, or account recovery, the next step is to translate assurance findings into policy thresholds. Link the verification result to the decision that follows it, and align exception handling with the risk that synthetic or injected identity signals create.


For practitioners

  • Stress-test the full proofing journey Validate face, document, and stream controls together in one workflow so attackers cannot combine a weak liveness check with a forged document or injected frame stream.
  • Add capture-layer integrity checks Require device attestation, tamper-evident telemetry, and secure transport paths before accepting any verification outcome from live or recorded media.
  • Map verification outcomes to downstream access decisions Tie IDV confidence levels to onboarding, step-up authentication, account recovery, and privilege grant rules so weak proofing cannot silently create trusted identities.
  • Use third-party testing as a policy input Compare government or independent evaluation results against your own fraud tolerance, regulated-use requirements, and assurance thresholds before approving deployment.

Key takeaways

  • Identity verification failures become IAM failures when weak proofing creates trusted accounts, recovery paths, or access grants.
  • The DHS rally underscores that deepfake, document fraud, and injection resistance must be tested together because attackers chain them in practice.
  • Practitioners should convert independent evaluation results into policy thresholds, device integrity checks, and downstream access rules.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

NIST SP 800-63, NIST CSF 2.0 and NIST SP 800-53 Rev 5 set the technical controls, while GDPR define the regulatory obligations.

FrameworkControl / ReferenceRelevance
NIST SP 800-63SP 800-63AIDV and proofing outcomes map directly to identity proofing guidance.
NIST CSF 2.0PR.AA-01Authentication assurance is central to identity verification governance.
NIST SP 800-53 Rev 5IA-2Identity verification supports strong identification and authentication controls.
GDPRArt.32Biometric and identity data processing requires security safeguards where personal data is involved.

Apply Art.32 safeguards to identity proofing data, especially where biometrics are processed.


Key terms

  • Identity verification: Identity verification is the process of confirming that a user, workload, or agent is the entity it claims to be before access is granted. In AI-heavy environments, that verification must include the requester, the system acting on its behalf, and the sensitivity of the action.
  • Liveness Detection: Liveness detection is the mechanism that checks whether a biometric sample comes from a real, present person rather than a spoof such as a photo, screen, or mask. In identity programmes, it is a core defence against presentation attacks and should be tested under realistic operating conditions.
  • Injection attack: An attack that inserts synthetic or manipulated data directly into the verification flow rather than fooling the sensor itself. For identity programmes, this is a control-path problem, because the attacker may bypass the visible presentation layer and exploit the software decision point.
  • Identity proofing: The process of verifying that a person is who they claim to be before granting or restoring access. In higher-risk recovery paths, proofing can include stronger evidence checks such as government ID validation or liveness-based facial verification so the assurance level matches the sensitivity of the request.

What's in the full analysis

Incode's full analysis covers the operational detail this post intentionally leaves for the source:

  • The DHS evaluation framing and how RIVR was structured across liveness, document fraud, and injection testing.
  • The vendor's explanation of which attack conditions differentiated stronger IDV performance from weaker approaches.
  • The context behind why government-led testing matters for regulated deployment decisions.
  • The article's view of how organisations should interpret third-party validation in their own risk programmes.

👉 Incode's full post covers the RIVR context, attack categories, and interpretation for regulated buyers.

Deepen your knowledge

The NHI Foundation Level course, the industry's only accredited NHI security programme, covers NHI governance, machine identity security, and secrets management. It helps practitioners connect identity assurance decisions to the broader security programme they already run.
NHIMG Editorial Note
Published by the NHIMG editorial team on July 14, 2026.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org