Defeating Deepfakes: Securing the Lens and the Mobile Network

I was reading a recent piece in Infosecurity Magazine about biometric fraud, and it got me thinking about how quickly the identity verification industry has changed over the past few years.

For a long time, identity fraud followed a relatively familiar pattern. Criminals needed stolen credentials, compromised databases, intercepted SMS messages, or enough personal information to convince a business they were somebody else. The challenge for fraudsters was obtaining convincing evidence. The challenge for security teams was spotting the gaps.

Generative AI has fundamentally changed that equation.

Today, an attacker doesn’t necessarily need access to a victim’s personal data to create a convincing digital representation of them. Publicly available photographs, social media content, video clips and voice recordings can be combined with increasingly accessible AI tools to create realistic synthetic identities. The cost of producing a convincing impersonation continues to fall while the quality continues to improve.

That shift matters because much of the identity verification industry has traditionally relied on visual evidence. If someone can generate a face that appears genuine and behaves naturally on camera, many of the assumptions that underpinned earlier verification systems start to become less reliable.

My concern is that, as an industry, we risk focusing too heavily on the output rather than the source.

As AI-generated video becomes more convincing, the challenge is no longer simply determining whether a face looks real. In truth, we should stop treating perfect deepfakes as a hypothetical future problem. The trajectory of generative AI is clear: models are improving at a pace that consistently outstrips our ability to detect them through visual inspection alone. It is increasingly becoming a question of when, not if, synthetic video becomes effectively indistinguishable from genuine footage to both humans and traditional verification systems.

When that point arrives, analysing facial pixels for signs of manipulation will offer diminishing returns. The more important question becomes whether the image reaching the verification platform originated from a genuine physical device in the first place.

Why Deepfakes Are No Longer the Main Problem

Historically, discussions around biometric fraud focused on presentation attacks.

Most people are familiar with the concept. A fraudster holds up a printed photograph, displays an image on another screen, or attempts to use a mask to fool facial recognition software. The industry responded by developing increasingly sophisticated liveness detection techniques designed to identify these obvious forms of spoofing.

Interestingly, presentation attacks are not always about making someone appear older or impersonating another individual. In age assurance environments, there have been examples of younger users attempting to appear below a minimum age threshold by holding up crude drawings, stick figures or other non-human images to confuse verification systems and gain access to age-restricted spaces designed for younger audiences.

While the motivations differ, the underlying challenge remains the same: determining whether the system is interacting with a genuine person rather than a manipulated presentation.

Those protections remain important, but the threat has evolved.

Modern attackers increasingly target the software layer rather than the camera itself. Instead of attempting to fool a camera lens, they attempt to bypass it entirely.

This is where injection attacks become particularly concerning.

Rather than presenting a fake face to a physical device, an attacker inserts synthetic media directly into the verification workflow. From the perspective of the receiving system, the video appears to be a legitimate camera feed. There is no glare from a screen, no tell-tale signs of a photograph being held up, and no obvious artefacts associated with older spoofing techniques.

In many cases, the synthetic content has been specifically designed to satisfy the same liveness prompts that traditional verification systems rely upon. Blink, smile, turn your head, follow the dot on screen – modern AI systems can often replicate these actions convincingly.

That creates a significant challenge for any solution attempting to determine authenticity solely through visual analysis.

At some point, analysing pixels becomes an arms race.

Trusting the Camera, Not Just the Face

What I find particularly interesting about Yoti’s approach is that it shifts the conversation away from trying to identify increasingly convincing fakes and towards proving the authenticity of the capture process itself.

Rather than asking whether a face appears genuine, the focus becomes whether the image was captured by trusted hardware under controlled conditions.

This distinction is important.

If a fraudster can inject a synthetic video stream directly into an application, it matters little how advanced the facial analysis engine may be. The system is ultimately working with compromised input.

Yoti’s approach addresses that problem by establishing trust at the point of capture.

Their protections include the ability to detect virtual cameras and emulator environments commonly used to inject synthetic media. They also employ Secure Image Capture technology, using cryptographic techniques to establish that captured images originated from a genuine physical camera rather than manipulated software. Combined with extensive application hardening and code protection, the objective is to prevent attackers from gaining control of the capture process in the first place.

What I find compelling about this approach is that it recognises a simple reality: if you cannot trust the source of the image, it becomes increasingly difficult to trust any analysis performed on that image afterwards.

What the Camera Cannot Tell You

While securing the camera feed is a critical part of the solution, I would argue that it still only addresses part of the wider identity challenge.

Fraud prevention has a habit of exposing the limitations of single-point controls. Attackers naturally gravitate towards whichever component of a process is least protected.

That is why I continue to advocate for layered verification strategies.

One of the most underappreciated assets available during authentication is the mobile network itself.

Unlike software-generated identities, mobile network signals are rooted in infrastructure that fraudsters cannot easily manipulate. SIM ownership, network authentication events, number intelligence data and real-time device relationships provide a completely different set of indicators to those available through visual biometrics alone.

This is where the worlds of biometric verification and mobile intelligence begin to complement each other.

A secure camera feed can establish confidence that a real person is present and interacting with a trusted device. Mobile network intelligence can establish confidence that the device, SIM and subscriber relationship remain consistent with expected behaviour.

These are fundamentally different forms of evidence.

Importantly, they are also independent of one another.

An attacker who manages to compromise one layer still faces additional barriers presented by the other.

Combining Physical Presence with Network Truth

In my view, the strongest identity systems increasingly combine multiple sources of trust rather than relying on any single signal.

A secure capture layer can verify that images originate from genuine hardware rather than synthetic software streams.

Network intelligence can validate relationships between devices, SIM cards and subscriber information using authoritative data from mobile operators.

Authentication mechanisms such as Silent Network Authentication can further strengthen assurance by leveraging the inherent trust already established between a mobile device and the network itself.

The result is not simply a stronger security posture. It also creates opportunities to reduce friction for legitimate users.

Too often, security and user experience are presented as opposing objectives. In reality, the most effective identity systems are usually those that make intelligent use of background signals so customers can complete journeys without unnecessary interruptions.

Winning the Trust Battle, Not the Detection Race

The industry sometimes falls into the trap of searching for a definitive answer to identity fraud.

History suggests there isn’t one.

Every major advance in fraud prevention eventually triggers a response from attackers. Deepfakes are simply the latest example. The objective is not to find a technology that can never be bypassed. The objective is to make attacks increasingly difficult, increasingly expensive and increasingly impractical.

That requires moving beyond isolated controls and thinking more broadly about trust.

Securing the camera feed is becoming essential in a world where synthetic media is readily available. Equally, establishing trust through independent signals such as mobile network intelligence provides an additional layer of assurance that visual analysis alone cannot deliver.

The organisations that succeed against the next generation of identity fraud will not be those relying on a single source of truth. They will be those capable of combining trusted signals from multiple layers of the authentication journey and using them together to create a more complete picture of identity.

Deepfakes may continue to improve. The good news is that trust does not need to depend on pixels alone.