Liveness tests to verify ID: ‘Extremely Vulnerable’ to Deepfake Attacks

Automated “liveness tests” employed by banks and other institutions to verify users’ identities can be easily deceived by deepfakes, demonstrating a new report. Attackers can swap their faces for another.

Security firm Sensity, specializing in spotting attacks utilizing AI-generated faces, probed the exposure of identity tests provided by 10 top vendors.

Sensity used deepfakes to emulate a target face onto an ID card to be scanned and then copied that same look onto a video stream of a would-be attacker to pass vendors’ liveness tests.

Liveness tests typically ask someone to look into a camera on their phone or laptop, sometimes turning their head or smiling, to prove that they’re a natural person and compare their appearance to their ID using facial recognition. In the economic world, such checks are often termed KYC or “know your customer” tests and can form an element of a more exhaustive verification process that includes document and bill checks.

“We tested ten solutions, and we found that nine of them were exceptionally vulnerable to deepfake attacks,” Sensity’s chief operating officer, Francesco Cavalli, revealed.

“There’s a new generation of AI power that can pose serious dangers to companies,” states Cavalli. “Imagine what you can do with fake accounts constructed with these techniques. And no one can detect them.”

Sensity shared the identity of the enterprise vendors it tested with The Verge, but it requested that the names not be published for legal reasons. Cavalli says Sensity signed non-disclosure agreements with some of the vendors and, in other cases, fears it may have violated companies’ terms of service by testing their software in this way.

Cavalli also says he was disappointed by the reaction from vendors, who did not seem to consider the attacks significant. “We told them, ‘look, you’re vulnerable to this kind of attack,’ and they said ‘we do not care,'” he says. “We decided to publish it because we think the public should be aware of these threats at a corporate level and in general.”

The vendors Sensity tested sell these liveness checks to a range of clients, including banks, dating apps, and cryptocurrency startups. One vendor was even used to verify the identity of voters in a recent national election in Africa. (Though there’s no suggestion from Sensity’s report that deepfakes compromised this process.)

Cavalli says such deepfake identity spoofs are primarily a danger to the banking system where they can be used to facilitate fraud. “I can create an account; I can move illegal money into digital bank accounts of crypto wallets,” says Cavalli. “Or maybe I can ask for a mortgage because today online lending companies are competing with one another to issue loans as fast as possible.”

It is not the first time deepfakes have been identified as a danger to facial recognition systems. They’re primarily a threat when the attacker can hijack the video feed from a phone or camera, a relatively simple task. However, facial recognition systems that use depth sensors — like Apple’s Face ID — cannot be fooled by these attacks. This is because they verify identity-based on visual appearance and the physical shape of a person’s face.

The Samsung Galaxy S22 Ultra is a worthy Note successor in just about every way. With a built-in S Pen stylus, excellent camera system, improved portrait mode, and top-notch performance, it looks and acts like the $1,199 flagship.

Liveness tests can be configured to use these across-the-board protocols: HTTP, FTP, POP, POPS, HTTPS, DNS, SMTP, and SMTPS. You can also construct custom liveness tests by choosing a protocol like TCP or TCPS. In the simplest model, TCP/TCPS liveness testing succeeds if it can open a TCP connection on the specified port. For additional validation, you can send an optional Request String (including any applicable control characters, such as CR and LF, and look for a Response String. The Response string can occur in the first 8KB of the response. If the connection succeeds, but the response string doesn’t match, the liveness test fails, and the server is marked down.

Liveness testing is done by systems called liveness testing agents, also known as server monitors. GTM allocates a set of seven agents for each of your data centers. Servers in data centers are considered up if their liveness tests are deemed successful by a majority of the agents. The sets of liveness testing agents assigned to each of your data centers might overlap. Using multiple agents to conduct liveness tests minimizes the possibility of falsely declaring your data center down due to local network issues.