This article was originally published by OnBoard by MVSI as part of its research series focusing on emerging fraud risks in digital merchant onboarding.
Facial recognition has rapidly become a default layer in digital onboarding, particularly for organizations under pressure to verify identity quickly without adding friction. Research shows that 72% of global consumers prefer facial verification for secure online transactions, reinforcing why biometric checks are now widely adopted across regulated industries.
However, as adoption accelerates, so do the risks. In B2B and merchant onboarding, where financial exposure and regulatory accountability are significantly higher, relying on facial recognition alone creates material security gaps.
Deepfake attempts are now occurring every five minutes, while digital document forgery has increased 244% year-on-year. These trends highlight how quickly fraud techniques are evolving beyond traditional biometric defenses.
The consequences are already being felt. Identity fraud costs businesses an average of $7 million each year, with attackers exploiting weak points in biometric and verification workflows. Fraudsters are adapting faster than the technology itself, using deepfakes, spoofing, and injection attacks to bypass biometric checks entirely.
For risk and compliance teams, the message is clear: traditional facial recognition alone is no longer enough to protect onboarding from sophisticated, AI-driven fraud.
Key Insights for Risk and Compliance Teams
The sophistication of fraud attacks targeting facial verification has reached unprecedented levels. Here’s what businesses need to know:
- Deepfake technology and AI-driven face-swapping attacks jumped 704% between H1 and H2 2023, making traditional facial recognition increasingly vulnerable.
- Fraudsters now combine presentation attacks—like masks and photos—with digital injection attacks to systematically bypass verification systems.
- Liveness detection helps detect fraud by confirming real users, but true onboarding security requires layered defense with monitoring, compliance, and additional due diligence checks.
- Comprehensive anti-fraud onboarding solutions must address both physical spoofing and digital bypass techniques.
Understanding Deepfake Fraud in Digital Onboarding
Deepfakes are synthetic media generated using artificial intelligence and machine learning models, particularly Generative Adversarial Networks. Fraudsters use these tools to produce highly realistic videos, images, and audio that mimic real people with near-perfect accuracy.
During merchant onboarding, traditional manual verification workflows often fail to catch deepfakes. Human reviewers cannot reliably spot the tiny details that give away AI-generated media, such as unnatural facial movements or altered textures. This makes it easier for fraudsters to slip through identity checks and open the door to onboarding fraud.
The numbers tell the story. AI-driven crimes are surging, with face-swap attacks increasing 704% in just six months. Real-time fraud is quickly becoming the norm, and fraudsters are capitalizing on it to infiltrate organizations more easily than ever before.
Deepfake onboarding fraud creates serious risks for businesses verifying merchant or business identities remotely. Financial institutions, payment processors, and other regulated sectors face mounting pressure as criminals exploit weaknesses in digital KYC and KYB processes. Using deep-fake technology, bad actors impersonate legitimate customers, open fraudulent accounts, and conduct unauthorized transactions—all while appearing to pass standard facial verification checks.
Beyond face-swapping, fraudsters employ various spoofing techniques during onboarding. These methods range from simple printed photos to sophisticated 3D-printed masks. Some attackers use pre-recorded videos to simulate live presence, while others manipulate their appearance using digital filters and virtual camera software. Each tactic targets different gaps in the verification process, which makes strong anti-spoofing measures essential for risk teams to stay ahead.
How Fraudsters Bypass Facial Recognition Controls
While deepfakes represent a growing threat, fraudsters use numerous other methods to bypass facial recognition during onboarding.
Injection attacks occur when fraudsters feed fabricated biometric data directly into an application or API, rather than using a genuine camera feed. These attacks bypass liveness detection by manipulating the data stream before it reaches the verification system. Attackers use tools such as virtual camera software, modified app modules, or intercepted data streams to make fake inputs look authentic.
These attacks succeed most often when onboarding platforms lack endpoint protection, source validation, or device integrity checks. Strong defenses combine biometric protections with additional data sources, including credit checks, watchlist screenings, and official third-party records such as government registers. This layered approach gives risk teams greater confidence in verifying identities and stopping synthetic fraud.
Relay attacks present another challenge. Here, a real person performs the required liveness actions, but the interaction is relayed remotely from a different location to trick the biometric system. A fraudster might socially engineer a victim into a video call and secretly route that video to the liveness check.
The danger of relay attacks is that they show how easily facial recognition can be misused when it is the only safeguard in place. Compliance teams may see a genuine user completing the checks, yet it is actually approving a fraudster operating from elsewhere. For merchant onboarding, this creates a direct route to fraudulent account creation, account takeover, and regulatory breaches. This highlights why facial recognition alone is not enough, and why risk teams must rely on real-time fraud detection and multiple data sources, such as credit checks, watchlist screenings, and government registers, to verify identities with confidence.
App repackaging and virtual cameras allow fraudsters to modify legitimate applications, inserting tools that manipulate video streams before they reach verification systems. Virtual camera applications replace real camera feeds with pre-recorded videos or digitally altered content, effectively presenting a deepfake while appearing to use the device’s actual camera.
Facial recognition systems are only as reliable as their weakest link. Each layer needs to be secured to prevent spoofing, relay attacks, or tampering.
Why Modern Onboarding Requires More Than Facial Biometrics
Liveness detection is a useful starting point in stopping fraud, but on its own it is still not enough. Deepfakes, relay attacks, injection attacks, and app tampering all show how facial recognition can be bypassed if it is the only line of defense.
This is why businesses need onboarding strategies that extend beyond facial biometrics. The most effective solutions combine liveness detection and facial recognition with automated AML and compliance checks. With automated workflows and configurable rules, digital onboarding processes can merge identity verification, credit and risk checks, sanctions screening, and official registry data into a single seamless flow. This ensures that every applicant is screened consistently, without relying on manual reviews on facial recognition alone.
Automated underwriting and credit risk scoring further safeguard merchant onboarding from fraud. Applications can be evaluated in real time using configurable rules that automatically approve or reject based on defined risk thresholds. Low-risk applicants move through quickly and securely, while only anomalies or potential fraud cases are routed to fraud, risk, or compliance teams for review — a true management-by-exception approach that improves both speed and accuracy.
By using multi-layer defence strategies that bring together liveness detection, automated compliance, and real-time risk scoring, businesses can overcome the weaknesses of relying on facial recognition alone. This layered approach provides stronger protection against fraud and ensures more secure merchant onboarding.
AI-driven tools are increasingly becoming an essential part of this layered defence model. Solutions such as OnBoard AIQ enhance onboarding security by analyzing multiple data points in real time, including submitted documents, behavioral patterns, and digital footprints. Instead of relying solely on biometric checks, the system evaluates the broader context of each application to identify inconsistencies or unusual activity that may indicate potential fraud.
Strengthening Onboarding Defenses Against Biometric Fraud
Implementing comprehensive anti-fraud onboarding requires careful attention to security protocols. Critical questions include: Does the solution employ end-to-end encryption? Have independent audits proven resilience against spoofing?
Fraud prevention is not a single event but a constant battle. Real-time monitoring of user behavior and unusual anomalies helps risk teams spot attacks in progress and act before serious damage is done.
Portfolio monitoring and ongoing compliance screening within comprehensive onboarding solutions provide additional layers of protection, detecting anomalies and emerging risks before they escalate. Combined with automated due diligence and AML verification tools, businesses can create defence-in-depth strategies that safeguard every stage of the customer lifecycle.
