Know-Your-Customer (KYC) programs have long relied on visual checks of identity documents, selfies, and one-time passcodes (OTPs) sent to the user’s phone. 2024–2025 has seen an explosion of highly realistic deepfake video, voice-cloning, and AI-generated ID cards, placing those legacy controls under existential strain.
Between 2024 and 2025, attackers have begun leveraging generative AI to create synthetic identities, clone voices, and forge lifelike identification documents. Advanced “face puppets” now mimic real-time facial movements, enabling deepfake videos that can bypass basic liveness detection.
Cybercriminals are also exploiting OTP workflows through AI-driven social engineering tactics. Fraudsters increasingly trick victims into revealing OTPs or intercept them via SIM-swaps and VoIP farms, undermining the security of out-of-band authentication.
Worryingly, these attacks scale invisibly. One individual, using automation, can attempt hundreds of fraudulent KYC submissions across financial platforms simultaneously - far outpacing human review capacity.
|
Control |
Deepfake Weak-Point |
Resulting Risk |
|
ID-photo match (selfie) |
Face-swap video matches fake ID in real-time. |
Account opening in a false name. |
|
Basic liveness (blink / smile prompt) |
GANs generate responsive eye movement & lighting. |
Fraudster bypasses the “are you real?” check. |
|
SMS / e-mail OTP |
Victim socially engineered; SIM-swapped; or number acquired via VoIP farm. |
Funds or credentials diverted. |
Supervisory bodies including the European Banking Authority (EBA) and the U.S. Financial Crimes Enforcement Network (FinCEN) are now pushing financial institutions to adopt biometric and cryptographic identity verification methods. Static image comparisons and OTP-only flows are no longer considered sufficient for secure onboarding.
In response to this growing threat landscape, our company’s R&D and cybersecurity teams are actively developing next-generation measures to detect and prevent deepfake-enabled fraud. These include advanced biometric validation tools, cryptographic identity anchoring, and real-time anomaly detection systems designed specifically to counter synthetic identities and automated KYC attacks.
The deep-fake threat is real and growing. Without cryptographically anchored proof of identity, any KYC flow relying solely on selfies or OTPs is vulnerable to synthetic fraud.
These innovations are part of the DISRUPT program, co-funded by the Research and Innovation Foundation of Cyprus, supporting breakthrough technologies that strengthen the country’s position as a tech and fintech leader. Dynamic Works is proud to contribute to this mission by developing solutions that are built in Cyprus and designed to scale globally.
We use cookies to ensure the best possible experience as a guest in our site. Please configure your cookies settings before proceeding.
These cookies are strictly necessary to enable you to move about the website and to provide certain features you have requested. There is no need for consent for the use of such cookies.
Cookies that are used
| Cookie Name | Used By |
|---|---|
| CFID | System |
| CFTOKEN | System |
| JSESSIONID | System |
These cookies ensure that the website stores your choices (e.g. your user name, language and location) and offers enhanced and customized functions
Cookies that are used
| Cookie Name | Used By |
|---|---|
| _cflb | Cloudflare |
Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.
Cookies that are used
| Cookie Name | Used By |
|---|---|
| _ga | Google Analytics |
| _ga_S73XR2H4JT | Google Analytics |
| _gat | Google Analytics |
| _gid | Google Analytics |