TL;DR: Facial deepfakes now span synthetic faces, face swaps, and face animation, and Incode says even trained labelers can no longer rely on visual inspection alone because realistic AI-generated media is being used to bypass identity verification and biometric authentication. The operational problem is not just detection accuracy, but the collapse of trust in human review as a security control.
NHIMG editorial — based on content published by Incode: The 3 Most Common Types of Facial Deepfakes Explained
By the numbers:
- The average labeler also rejected more than 15% of real selfies.
Questions worth separating out
Q: How should security teams defend identity verification against deepfake attacks?
A: Use layered verification that combines passive liveness, device signals, behavioural telemetry, and policy-based risk scoring.
Q: Why do facial deepfakes create risk for biometric authentication programmes?
A: Because they undermine the assumption that a face capture is strong evidence of a real person present in the session.
Q: What do teams get wrong about spotting deepfakes in user onboarding?
A: They overestimate human detection and underweight signal correlation.
Practitioner guidance
- Add multi-modal liveness checks Use passive liveness, device intelligence, and behavioural telemetry together so a deepfake must defeat more than one control path before approval.
- Remove human-only adjudication for high-risk captures Reserve manual review for exception handling and correlation, not as the primary method for spotting synthetic faces or face swaps in production flows.
- Correlate identity proofing signals across the session Compare capture context, document evidence, camera characteristics, and session behaviour so a manipulated selfie cannot pass as a standalone trust event.
What's in the full article
Incode's full article covers the technical detail this post intentionally leaves at the pattern level:
- Visual examples of synthetic faces, face swaps, and face animation that help fraud teams recognise each attack family.
- Technical discussion of GAN and diffusion model behaviour in image and video generation.
- Examples of how real-time and pre-recorded deepfakes can be injected into verification pipelines.
- Notes on the limits of human labelers when distinguishing deepfakes from real captures.
👉 Read Incode's analysis of the three most common facial deepfake types →
Facial deepfakes and identity fraud: are your controls keeping up?
Explore further
Visual inspection is no longer a viable trust control for biometric identity. The article’s own testing shows why human review fails: experts can spot many deepfakes, but they also reject a meaningful share of real users. That means the control is not merely noisy, it is structurally unfit as a primary verification layer. The practical conclusion is that identity programmes must stop treating human eyes as an adjudication mechanism for deepfake risk.
A few things that frame the scale:
- Only 5.7% of organisations have full visibility into their service accounts, according to Ultimate Guide to NHIs.
- Another 97% of NHIs carry excessive privileges, which broadens attack surface and magnifies the impact of compromised identities.
A question worth separating out:
Q: How can organisations reduce fraud from synthetic faces and face swaps?
A: Shift from standalone verification decisions to session-level risk evaluation. Correlate capture quality, camera behaviour, document checks, and repeat patterns across attempts so synthetic identities and swapped faces are easier to separate from legitimate users.
👉 Read our full editorial: Facial deepfakes are outpacing biometric identity verification