Southeast Asia (SEA) has become a showcase for digital transformation and artificial intelligence (AI) adoption, but it is also emerging as a testing ground for cybercriminals using increasingly sophisticated identity fraud techniques.
Facial biometric verification and authentication solutions company iProov cited publicly available data showing identity fraud surged by as much as 700% in some quarters of 2025, highlighting what it described as a major turning point in the threat landscape.
“That tells you we have reached an inflection point for fraud activities,” Dominic Forrest, chief technology officer of iProov, told Back End News in an email interview.
The surge of deepfakes is making the situation more concerning as more organizations rely on selfie-based identity verification during digital onboarding.
“Identity can no longer be treated as a one-time verification checkpoint because it is now a continuous risk signal that must be validated throughout the entire customer lifecycle, particularly in digital-first environments where onboarding friction is intentionally low,” Forrest said.
According to iProov, cybercriminals are increasingly exploiting advances in generative AI to bypass traditional identity verification systems. AI-generated videos can now replicate facial expressions, movements, and subtle head motions closely enough to defeat basic liveness checks commonly used by banks, fintech firms, and online platforms.
“Many of these systems were originally designed to confirm the presence of a real person, but advances in generative AI are now challenging the reliability of those checks,” Forrest said.
Injection attacks are also becoming a major concern. These attacks involve fraudsters feeding synthetic or pre-recorded video streams directly into identity verification systems instead of presenting themselves through a live camera feed.
On iOS devices alone, injection attacks increased by 1,151%, contributing to an overall year-on-year rise of 741%, according to iProov.
“What makes injection attacks so effective is that they remove the physical environment from the equation entirely,” Forrest said.
Forrest noted that attackers are no longer relying solely on fake documents or stolen credentials. Fraudsters are increasingly combining stolen government IDs, selfies, names, and personal information to create synthetic identities capable of passing automated verification checks.
In some cases, genuine information is mixed with fabricated details, allowing attackers to avoid detection while appearing legitimate enough to gain access to services.
Forrest described the trend as a shift from opportunistic fraud to industrialized identity exploitation, driven by automation that allows criminals to generate and test thousands of identity variations until they successfully bypass security controls.
In the Philippines, banks, e-wallet providers, fintech firms, and government platforms are among the sectors most exposed to these threats because of their emphasis on fast and convenient digital access.
“Once a credential is compromised, it can potentially unlock access to multiple services,” Forrest said. “We are also seeing AI-generated impersonations of public officials being used to deceive citizens at scale.”
The threat is also expanding beyond account opening and onboarding. Deepfakes are increasingly appearing in video calls, customer support interactions, approval workflows, and internal communications, transforming identity fraud from a one-time verification challenge into a continuous operational risk.
To counter these attacks, Forrest recommends adopting additional security layers such as behavioral analytics, device intelligence, and advanced liveness detection. The firm also urged organizations to move toward continuous identity verification and real-time threat detection.
“Coordinated identity attacks can now unfold in minutes or less, while many institutions still require hours or longer to detect and respond,” Forrest said.
Identity-based attacks are no longer limited to account sign-ups or onboarding checks. Deepfakes and synthetic identities are now appearing in everyday business processes such as video calls, customer support chats, approval workflows, and even internal company communications.
This means identity fraud is no longer a one-time problem solved at login or registration. Instead, it has become an ongoing risk that can follow a user throughout their entire interaction with a digital service.
Experts say traditional facial verification alone is no longer enough. They point to newer layers of protection such as behavioral signals, device checks, and advanced liveness detection. These tools look beyond a face scan and analyze how a person behaves on a platform, what device they are using, and whether their activity patterns are consistent over time.
By combining these signals, organizations can better detect when an account or interaction may be fake, even if it passes a basic selfie or ID check.
The speed of these attacks has also changed with artificial intelligence tools, Forrest noted. Fraudsters can now automate large-scale attacks that test many identity variations at once, quickly refining them until one gets through.
As a result, some identity attacks can now unfold in minutes or even seconds.
This creates a major gap with many organizations, which still rely on slower methods such as manual review, rule-based fraud systems, or post-incident analysis. These processes can take hours or even days, giving attackers enough time to use stolen or fake identities before they are detected.
At the same time, the cost of launching these attacks has dropped significantly. Generative AI tools now allow criminals to create deepfakes, fake voices, and synthetic identities using widely available software.
What once required advanced technical skills and expensive infrastructure can now be done for a few hundred to a few thousand dollars, often using ready-made “crime-as-a-service” tools.
This shift has turned identity fraud from small, high-cost operations into large-scale, low-cost campaigns that can be repeated across many platforms.
Another challenge is that fraud networks often operate across multiple countries, while law enforcement and regulations remain mostly national. This slows down coordination, information sharing, and investigations, which criminals can take advantage of.
In Southeast Asia, deepfakes and synthetic identity attacks are increasingly part of a connected fraud ecosystem that crosses borders and digital platforms. While there are early signs of stronger cooperation in countries like the Philippines, regional coordination is still limited.
Experts also point out a common misunderstanding among organizations: that identity verification is a one-time step.
Many systems still rely on initial checks such as OTPs, ID uploads, or selfie verification during onboarding. Once users pass these checks, they are often trusted for all future actions.
However, modern fraud techniques allow attackers to bypass these entry points and stay active across multiple stages, including transactions, account recovery, and high-risk changes.
Because of this, identity is increasingly being treated as something that must be checked continuously, not just once. Organizations are now combining multiple signals such as behavior patterns, device information, and real-time risk scoring to monitor trust throughout the entire user journey.
This shift reflects a move away from static checks toward continuous, adaptive identity protection that can respond to threats as they happen.
You must be logged in to post a comment.