Subscribe to the Non-Human & AI Identity Journal

Notifications
Clear all

Jailbroken devices and deepfake fraud: are your controls keeping up?


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 11631
Topic starter  

TL;DR: Deepfake and synthetic identity fraud is a top concern for 96.4% of fintech professionals, while nearly 30% encountered such incidents in the past year, according to Incode. The article links iPhone jailbreaking and Android rooting to camera injection, device spoofing, and multi-angle fraud, and the governing problem is that identity checks relying on a trusted device and live camera feed can be subverted at the same time.

NHIMG editorial — based on content published by Incode: How iPhone Jailbreaking Is Used to Commit Deepfake Fraud

By the numbers:

Questions worth separating out

Q: How should security teams detect deepfake fraud when devices may be jailbroken or rooted?

A: Use correlated signals rather than any single indicator.

Q: Why do jailbroken and rooted devices increase identity fraud risk?

A: They give attackers control over the operating environment, which lets them bypass device checks, spoof location, tamper with camera feeds, and run automation that looks like a legitimate user session.

Q: What breaks when liveness checks rely on the camera feed alone?

A: They break when the attacker can intercept or replace the feed before the verification logic sees it.

Practitioner guidance

  • Correlate device, camera, and behaviour signals Require onboarding decisions to combine device posture, camera integrity, and interaction pattern telemetry before trust is granted.
  • Tighten liveness controls against camera injection Validate camera feed provenance, not only liveness motion or image response.
  • Score tamper risk as part of identity assurance Create a risk score that weights jailbreak or root indicators alongside behavioural anomalies and geolocation inconsistencies.

What's in the full article

Incode's full blog post covers the operational detail this post intentionally leaves for the source:

  • Step-by-step examples of how jailbroken iPhone and rooted Android devices are used in deepfake fraud flows
  • Specific device, camera, and behaviour signals the vendor uses to detect tampering during onboarding
  • How multi-frame video liveness is applied to spot spoofing attempts in real sessions
  • Operational examples of escalating or blocking high-risk verification attempts after signal correlation

👉 Read Incode's analysis of how jailbroken devices are used in deepfake fraud →

Jailbroken devices and deepfake fraud: are your controls keeping up?

Explore further

View Full Forum →  |  NHI Foundation Course →



   
Quote
(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 11186
 

Device integrity has become an identity control, not a mobile security side issue. The article shows that jailbreaks and rooting are used to weaken the trust foundation beneath KYC and KYE flows, not just to alter the phone. That shifts the control discussion from device hardening alone to identity assurance across endpoint, camera, and behaviour signals. Practitioners should treat endpoint integrity as part of the identity decision, not a separate security domain.

A few things that frame the scale:

  • Only 44% of developers are reported to follow security best practices for secrets management, exposing a significant developer behaviour gap, according to The State of Secrets in AppSec.
  • 43% of security professionals are concerned about AI systems learning and reproducing sensitive information patterns from codebases, according to The State of Secrets in AppSec.

A question worth separating out:

Q: Who is accountable when compromised devices are used to bypass KYC or KYE?

A: Accountability sits with the identity programme owner, fraud operations, and the teams responsible for endpoint and verification policy. The control failure is usually a governance gap, not a single tool failure. If the workflow can approve synthetic input, the programme must own that risk explicitly.

👉 Read our full editorial: Jailbroken devices are amplifying deepfake fraud in identity checks



   
ReplyQuote
Share: