Biometric IDV and deepfake fraud: are your controls keeping up?

TL;DR: Biometric identity verification is now being used to counter deepfakes, synthetic identities, and AI-driven impersonation, but platform choice still hinges on liveness detection, document coverage, compliance, and integration depth according to 1Kosmos. The underlying problem is that verification strength alone does not resolve the trust assumptions in onboarding, recovery, and step-up flows.

NHIMG editorial — based on content published by 1Kosmos: five identity verification platforms that offer biometric authentication

Questions worth separating out

Q: How should security teams use biometric identity verification in account recovery flows?

A: Security teams should use biometric identity verification in account recovery only when it is paired with stronger proofing than routine sign-in.

Q: Why do deepfakes change the way organisations evaluate identity proofing?

A: Deepfakes change identity proofing because they can make a remote subject appear real even when no genuine person is present.

Q: What breaks when biometric authentication is treated as a standalone trust control?

A: What breaks is the assumption that visual similarity equals authentic identity.

Practitioner guidance

• Define the identity event before choosing the control Map each biometric flow to a specific event such as onboarding, account recovery, step-up access, or re-authentication.
• Set a higher assurance bar for recovery paths Require stronger evidence for password resets, account takeover recovery, and other high-risk changes than for routine enrolment.
• Test liveness against realistic impersonation methods Validate active and passive liveness controls using photos, replay videos, masks, and AI-generated faces before trusting them in production.

What's in the full article

1Kosmos's full article covers the operational detail this post intentionally leaves for the source:

• Platform-by-platform positioning for 1Kosmos, Jumio, Veriff, Onfido, and Mitek Systems
• Detailed feature comparison across facial recognition, liveness detection, and document coverage
• Implementation criteria for enterprise integrations, including APIs, SDKs, and no-code options
• Use-case guidance for workforce, customer, and citizen identity deployments

👉 Read 1Kosmos's comparison of biometric identity verification platforms →

Biometric IDV and deepfake fraud: are your controls keeping up?

Explore further

View Full Forum →  |  NHI Foundation Course →