TL;DR: Identity verification platforms now have to be measured against synthetic media and capture-layer abuse, not legacy fraud assumptions, according to Incode. The company says its identity verification platform met government-defined goals in DHS S&T’s RIVR Track 2 for liveness detection, document verification, and injection attack resistance, a controlled test focused on deepfakes, fraudulent documents, and bypass attempts.
At a glance
What this is: This is Incode’s account of DHS S&T RIVR Track 2 results, where the platform met defined goals for liveness detection, document verification, and injection attack resistance against deepfake, document fraud, and injection threats.
Why it matters: It matters because identity verification teams, fraud leads, and IAM programmes increasingly depend on controls that can withstand synthetic media and capture bypass, especially where IDV feeds onboarding, access, and trust decisions.
👉 Read Incode’s account of DHS RIVR Track 2 identity verification results
Context
Identity verification is being tested against a threat model that now includes synthetic faces, fraudulent documents, and direct capture bypass. That changes how enterprises should think about assurance: the control is no longer just whether a document looks valid, but whether the entire capture and decision chain can resist manipulation. For IAM, fraud, and trust teams, this sits at the boundary between onboarding assurance and downstream access governance.
The article is about a government evaluation, not a vendor certification, which makes the signal more useful than marketing claims. For practitioners, the question is whether their identity workflows can still distinguish real users from synthetic or injected inputs when the attacker controls the image stream, the document artefact, or both.
Key questions
Q: How should security teams evaluate identity verification against deepfake attacks?
A: They should test verification against the attack classes that matter in production, including 2D spoofs, video replay, 3D artifacts, and synthetic faces. The goal is not to score a model in isolation but to prove the full workflow can resist manipulated inputs, capture bypass, and downstream trust leakage before identity is accepted.
Q: Why do synthetic documents create governance risk for IAM and fraud teams?
A: Synthetic documents can turn a failed identity check into a trusted enrolment event if verification is treated as a binary pass or fail. That risk reaches IAM when onboarding, account recovery, or privileged issuance depends on the result. Teams need evidence thresholds, escalation paths, and manual review for uncertain cases.
Q: What breaks when capture pipelines allow injection attacks?
A: The trust boundary breaks before the biometric or document model even evaluates the input. If an attacker can inject imagery directly into the stream, the system may treat fraudulent evidence as legitimate capture. That undermines every downstream control that assumes the camera or device path is trustworthy.
Q: Which controls matter most when identity verification feeds access decisions?
A: The most important controls are capture integrity, documented assurance thresholds, and step-up checks for low-confidence outcomes. If verification supports access, provisioning, or account recovery, the result should flow into IAM policy rather than being treated as a standalone approval. That keeps weak identity evidence from becoming a permanent access decision.
Technical breakdown
Liveness detection against deepfake presentation attacks
Liveness detection tries to determine whether a person is physically present during capture rather than replaying a photo, video, or generated face. Modern attacks now include 2D spoofs, 3D artifacts, and video replays, which means older checks based on simple motion or image quality are not enough. The technical problem is adversarial adaptation: once defenders harden one cue, attackers shift to another. In regulated identity flows, liveness has to operate as one layer in a broader assurance chain that includes device, document, and backend risk signals.
Practical implication: validate liveness against realistic spoof classes, not just clean lab conditions.
Document verification under synthetic and tampered inputs
Document verification is the process of checking whether an identity document is authentic, unaltered, and consistent with the claimed identity. The challenge has widened because attackers can produce high-quality synthetic documents or alter existing ones to pass superficial checks. This creates a governance problem for identity programmes: if document confidence is overstated, every downstream decision built on that assertion becomes fragile. IDV teams need controls that inspect structure, metadata, and issuer consistency, not just visible text and layout.
Practical implication: test document verification against tampering and synthetic-generation scenarios before using it as a trust gate.
Injection attack resistance in capture pipelines
Injection attacks attempt to place fraudulent imagery directly into the capture stream rather than presenting a physical spoof to the camera. That makes them different from classic presentation attacks because the adversary may bypass sensor assumptions entirely. The risk is especially relevant in mobile and browser-based onboarding, where capture components, APIs, and device trust signals all become part of the attack surface. Identity assurance now depends on protecting the ingestion path as much as the biometric or document check itself.
Practical implication: secure the capture pipeline and API path, not just the biometric algorithm.
Threat narrative
Attacker objective: The attacker aims to pass identity verification with fabricated or injected evidence so they can obtain trusted access or onboard a false identity.
- Entry occurs when an attacker uses synthetic faces, tampered documents, or injected imagery to reach the verification workflow.
- Escalation happens when weak capture controls allow fraudulent inputs to be treated as real identity evidence.
- Impact is fraudulent enrolment, account takeover, or compromised trust in identity verification decisions.
NHI Mgmt Group analysis
Identity verification is now a capture-integrity problem, not just a document-check problem. RIVR Track 2 highlights a shift that many programmes still understate: attackers are targeting the ingestion layer, not only the identity artefact. When injected imagery or synthetic documents can enter the pipeline, assurance fails before downstream policy logic even begins. IDV, fraud, and IAM teams need to treat capture integrity as part of identity governance, not as a vendor feature.
Deepfake resistance and document verification must be governed as separate control domains. The article combines liveness, document checks, and injection resistance, but practitioners should not collapse them into one confidence score. Liveness defends against one class of attack, document verification against another, and pipeline security against a third. That separation matters because each failure mode maps to a different control owner, validation method, and escalation path. Security teams should align each control to its own risk threshold and evidence standard.
Verification assurance is becoming a trust-framework issue across identity programmes. Where identity verification feeds onboarding, privileged access, or high-risk transactions, weak assurance becomes an IAM and fraud governance problem, not just an IDV issue. The field is moving toward evidence-based testing of verification controls under adversarial conditions, which should influence procurement, QA, and compliance review. Practitioners should demand proof of resilience against realistic attack classes, not generic accuracy claims.
Capture-layer abuse exposes a named failure mode: verification-path integrity gap. The central weakness is the assumption that the capture channel itself is trustworthy. Once that assumption breaks, even strong document or face models can be undermined because the input is already manipulated. This is the kind of failure mode that should be explicitly tracked in fraud, IDV, and identity architecture reviews, because it sits upstream of most policy decisions. Practitioners should classify capture integrity as a first-order control objective.
External validation is becoming the baseline for identity assurance claims. Controlled government evaluations matter because they force vendors and buyers to measure performance against current threat conditions rather than self-reported capability. That does not eliminate the need for internal red-teaming, but it does raise the bar for evidence. Teams should treat adversarial testing as a procurement and governance requirement, not as an optional assurance exercise.
What this signals
Identity verification programmes are moving from static accuracy claims to adversarial assurance, which means procurement language and governance metrics will need to change. Teams that feed IDV into onboarding or access decisions should expect more scrutiny of evidence quality, not just model performance. The practical shift is toward capture integrity, scenario-based testing, and clearer escalation boundaries when confidence is uncertain.
Verification trust gap: the industry is increasingly exposed to the difference between what a system recognises and what it can safely trust. That gap matters because fraud, IAM, and identity verification controls now share the same decision surface. Organisations should align verification thresholds with downstream access policy, then validate those thresholds against realistic attack paths rather than synthetic benchmarks alone.
For broader identity governance context, teams should map verification outcomes to lifecycle controls in the NHI Lifecycle Management Guide and use the Ultimate Guide to NHIs to frame where trust decisions become persistent identity risk.
For practitioners
- Test capture integrity against real attack classes Include 2D spoofs, 3D artifacts, video replays, synthetic documents, and injected imagery in your assurance testing. Validate both the verification model and the capture path so that fraud controls assess end-to-end integrity, not isolated model accuracy.
- Separate control ownership across liveness, documents, and pipeline security Assign distinct owners for biometric liveness, document authenticity, and capture-channel security so failures can be triaged quickly. This prevents a single score from hiding whether the weakness sits in the person, the document, or the transport layer.
- Require adversarial evidence in procurement Ask IDV suppliers to show tested performance against injection attacks and synthetic media, not just benchmark scores. Tie acceptance criteria to attack scenarios that match your onboarding, KYC, workforce, or customer identity flows.
- Feed IDV confidence into IAM and fraud controls When identity verification supports access or account creation, propagate low-confidence or anomalous outcomes into step-up checks, manual review, or restricted issuance. That keeps verification failures from becoming unconditional trust decisions.
Key takeaways
- Identity verification is being stressed by synthetic media, tampered documents, and capture-layer injection, which makes assurance a governance issue as much as a technical one.
- Government testing against liveness, document fraud, and injection resistance provides stronger evidence than vendor claims alone, but only if teams map those results to their own workflows.
- Practitioners should treat capture integrity, separate control ownership, and downstream IAM enforcement as the minimum response to modern IDV risk.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
NIST SP 800-63, NIST CSF 2.0 and NIST AI RMF set the technical controls, while GDPR define the regulatory obligations.
| Framework | Control / Reference | Relevance |
|---|---|---|
| NIST SP 800-63 | SP 800-63A | The article concerns identity proofing and evidence validation. |
| GDPR | Art.32 | Biometric and identity data processing can require security and privacy safeguards. |
| NIST CSF 2.0 | PR.AC-1 | Identity verification outcomes influence access and trust decisions. |
| NIST AI RMF | MANAGE | AI-driven verification systems need ongoing risk treatment and monitoring. |
Use MANAGE to establish monitoring, escalation, and model-risk treatment for verification systems.
Key terms
- Liveness Detection: Liveness detection is the set of checks used to confirm that a real person is physically present during identity capture. It reduces the chance that a photo, replayed video, or generated face can be mistaken for a live subject, but it must be paired with broader capture and document controls.
- Injection Attack: An injection attack in identity verification occurs when an attacker inserts fraudulent imagery or data directly into the capture stream instead of presenting it through the normal camera or document path. That makes the ingestion channel itself part of the trust boundary and can bypass controls that only inspect visible presentation.
- Verification Path Integrity: Verification path integrity is the assurance that identity evidence reaches the decision engine without being tampered with, substituted, or bypassed. It covers the camera, capture app, transport layer, and API path, because any weakness in that chain can undermine otherwise strong biometric or document validation.
What's in the full article
Incode’s full post covers the operational detail this post intentionally leaves for the source:
- Performance context for liveness detection against the specific attack classes used in RIVR Track 2.
- The evaluation framing used by DHS S&T and why controlled testing matters for regulated identity workflows.
- The distinction between document verification failures and capture-layer injection attacks in practical deployments.
- How Incode positions external validation as part of its broader identity assurance approach.
Deepen your knowledge
The NHI Foundation Level course, the industry's only accredited NHI security programme, covers NHI governance, identity lifecycle, and secrets management. It is designed for practitioners building tighter control over identity risk across modern security programmes.
Published by the NHIMG editorial team on 2026-02-24.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org