Identity crisis

by Mark Rowe January 26, 2026

Biometric authentication, once the golden child of identity verification, is facing a crisis of its own, says Tamás Kádár, CEO and co-founder of the platform SEON.

A method built on uniqueness and irrevocability is now colliding with generative artificial intelligence (GenAI) models that can mimic a voice or even a fingerprint with unsettling precision in seconds. Identity fraud no longer requires specialised equipment; consumer-grade tools and a handful of social media photos are sufficient to generate synthetic selfies and videos that can evade traditional liveness checks and facial-comparison engines.

As a result, many businesses respond by adding more checks: document uploads, selfies, liveness prompts, one-time codes, and device challenges. Yet, fraud losses continue to rise, particularly from synthetic identities and deepfake-enabled attacks, even as user abandonment increases. Human intuition is no safeguard either — recent research shows that only a tiny fraction of people can reliably spot high‑quality deepfakes, and biometric liveness detection engines are equally fallible when they only see the surface. When a single datapoint can no longer anchor trust, identity can’t be treated as a binary yes/no outcome. It has to be viewed as a constellation of signals and behaviours that evolve.

Reframing Identity In the Synthetic Media World

Biometric authentication was never designed for a world where synthetic media can be mass-produced, orchestrated in real time and injected directly into verification flows. Attackers now exploit every weak point in the biometric pipeline — from capture and liveness detection to transmission and matching — using tools such as 3D-printed masks, digital injection, face-swap models and voice cloning. Deepfake attacks on banking apps and a 704pc rise in face‑swap attempts between early and late 2023 underscore how quickly these techniques are moving from labs into commercial fraud operations.

At the same time, financial stakes are escalating. Synthetic identity fraud alone is expected to drive at least $23 billion in losses by 2030. As businesses attempt to compensate by adding verification steps, they unintentionally create a second problem: introducing friction for legitimate users while leaving the core vulnerability — reliance on a single, visible artefact — largely intact. Treating a successful biometric check as gospel turns identity into a snapshot, rather than a narrative, and that narrative is exactly where modern fraud hides or reveals itself.

Finding Proof of Face to Proof of Existence

The pivot required is both conceptual and technical: biometric authentication results should be treated as probabilistic signals, not absolute proof. A flawless face match can be part of the story, but it should never be the whole story. Fake profiles and synthetic identities tend to look “perfect” in isolation — crisp selfies, well‑formatted documents, clean form fills — yet they fall apart when examined across the whole customer journey: disposable devices, high‑risk IPs, thin or non‑existent digital footprints and velocity patterns that don’t resemble human life.

By contrast, real users leave messy, layered histories. Their email addresses often tie back to years of activity, including exposure in data breaches; their devices reappear across sessions; their IPs and locations follow plausible routines. Contextual fraud and digital footprint analysis move the focus from “Does this face match this document?” to “Does this identity behave like a real person with a real past?” In other words, the question shifts from proof of face to proof of existence.

Why Traditional IDV Punishes the Wrong People

Conventional ID verification flows tend to be brittle and unforgiving. Fail one check due to poor lighting, an ageing camera or motion blur, and you may be rejected outright, sent to manual review purgatory or forced to repeat the process ad nauseam. In one analysis of over 10,000 failed ID photos, approximately 46% were denied solely due to lighting issues, and 30% were rejected for image-quality problems, such as low resolution. This means that a single poorly lit or low-quality selfie can be enough to block your application.

Meanwhile, sophisticated attackers optimise for these exact constraints. Using deepfake engines, synthetic overlays, or replayed video, they can generate “ideal” biometric samples that are explicitly designed to satisfy automated checks on the first attempt. The result is a perverse inversion: genuine customers encounter friction and failure because reality is messy, while synthetic identities sail through because they were engineered to look perfect to a machine. Systems that hinge on one inflexible moment of verification end up punishing error instead of detecting intent.

Conditional Approvals as a New Default

A more resilient model treats onboarding as the start of risk assessment, not the finish line. Instead of demanding complete certainty upfront, organisations can issue conditional approvals: onboarding users with partial confidence and then introducing stronger verification only when the risk actually materialises or the regulations require it. This aligns with the risk-based approaches encouraged by regulators, such as FinCEN, which increasingly expect context-aware decisions rather than static checklists.

In practice, conditional approvals allow low-risk users to proceed with minimal friction, supported by strong, low-touch signals, such as digital footprint strength, device reputation and consistent behavioural patterns. Higher‑risk users are not blocked by default but are subject to stepped‑up checks when their actions justify it. When funds move, limits increase, sensitive data changes, or behaviour diverges sharply from their baseline. Identity stops being a one‑time gate and becomes an ongoing negotiation between trust, risk and user intent.

Fraud-Native IDV and the Always-On Journey

Fraud-native identity verification begins long before someone uploads an ID document or appears in front of a camera. From the first interaction — an email address, a phone number, a device fingerprint or an IP address — users emit hundreds of potential risk signals that can be evaluated passively and in real-time. These signals help distinguish between genuine newcomers and synthetic “sleepers” that pass initial checks only to go dormant and later orchestrate chargebacks, mule activity or bonus abuse at scale.

Modern platforms now capture and interpret real‑time signals across devices, networks and digital footprints, turning raw telemetry into risk scores that evolve with each session. In a fraud-native IDV flow, every subsequent touchpoint — such as login, device change, or high-value transaction — becomes another opportunity to validate that the person behind the account is still the same, still legitimate and still behaving like a human rather than a script or a coordinated fraud cell. Liveness biometric checks still play a role, but they are integrated as part of this larger context, rather than acting as a single point of failure.

Behavioural and Device Intelligence as Counter‑Biometrics

As biometric spoofing and hacking tactics mature, behavioural and device intelligence effectively become “counter‑biometrics”: traits that are far harder to fake at scale. Device fingerprinting can link sessions across browsers and apps, highlight emulators and virtual machines and expose tools commonly used in digital injection attacks. IP and network analytics can flag improbable locations, risky proxies and patterns that suggest botnets rather than individuals.

Behavioural biometrics, such as typing rhythm, navigation habits and interaction cadence, reveal how a user engages with an interface rather than just who they appear to be on camera. When combined with digital footprint strength — the age, consistency and credibility of emails, phones and domains — these signals create a multidimensional view of identity that deepfakes and synthetic accounts struggle to imitate over time. Instead of trying to out‑engineer every new spoofing technique at the sensor level, organisations can raise the bar by asking a more complex question: Does this pattern of life make sense?

Toward Adaptive, Multi‑Layer Identity

The path forward is not to abandon selfie biometrics but to demote them from “final word” to “first clue.” Biometric authentication is powerful when they contribute to a broader risk model that includes document checks, device intelligence, digital footprint analysis and ongoing monitoring. In this model, no single indicator has veto power; decisions emerge from how signals align or contradict one another across time.

Businesses that continue to rely on static, biometric‑first identity stacks will face mounting fraud losses, user drop‑off and regulatory pressure as deepfakes and synthetic identities become cheaper and more convincing. Organisations that adopt adaptive, multi‑layer verification — where friction is applied surgically based on live risk and identity is understood as a moving target — will be better positioned to grow safely in a world where fiction and reality share the same pixels.

In the end, the most critical question is no longer “Does this face look real?” but “Does this person’s story add up — and does it keep adding up every time they return?”

Newsletter

News

Products

Explore

Identity crisis

CISO view

Related News

Newsletter

News

Products

Explore