How Fraudsters Bypass Facial Recognition and Stay Hidden in 2026

Since the dawn of facial biometric verification, fraudsters have been looking for ways to bypass facial verification—from simple paper masks to sophisticated deepfake technology. 

Sumsub's Q1 2025 fraud trends research found that synthetic identity document fraud in North America rose by 311% year over year, while deepfake fraud surged by 1,100%. The sharp increase highlights how fraudsters are increasingly using AI-generated documents, faces, and biometric data to evade identity verification systems. Synthetic media is rapidly becoming a weapon of choice for fraudsters targeting financial institutions.

The misuse of deepfake technology extends far beyond financial scams. In 2025, the FBI warned that North Korean IT workers were using false identities to obtain work at US companies to raise funds for the sanctioned regime. There is growing evidence that these fraudsters are using real-time deepfake technology in remote job interviews, enabling impostors to animate stolen, purchased, or synthetic identities with AI-generated video and audio during virtual interviews and onboarding.

This article explores how fraudsters bypass biometric face recognition systems and what companies can do to verify that the person on screen is real, present, and legitimately linked to the identity being verified.

How facial recognition works

Biometric facial recognition is a technology that identifies or verifies individuals by analyzing their facial features. It works by mapping key biometric markers in a selfie or short video, such as the distance between the eyes or face shape, and comparing them with a stored facial template.

Facial recognition vs facial verification

There is, however, a distinction between facial recognition and facial verification. Facial recognition typically scans faces in public or private databases to identify individuals. 

In contrast, facial verification confirms a person’s identity by matching a real-time image against a specific record, such as the face on an ID document.

Is biometric face recognition safe?

Face biometrics help protect both businesses and the general public from deception, but without robust anti-fraud mechanisms like liveness detection, some systems can be fooled by spoofed images, pre-recorded videos, or AI-generated synthetic faces. This is why strong systems do not rely on face matching alone. They also check whether the person is physically present, whether the image or video has been manipulated, whether the device looks suspicious, and whether the identity data matches other risk signals.

The goal is not only to check that two faces look alike, but to confirm that the person is real, present, and not using manipulated media or a compromised device. This, as well as privacy obligations, makes it critical for businesses to understand how their biometric facial recognition systems work and what their vulnerabilities are. 

Where face recognition is used today

Facial verification is widely used in onboarding, account access, AML/KYC checks, and fraud prevention across industries such as banking, fintech, crypto, and iGaming. 

As adoption has grown, so has the incentive for criminals to find ways around these controls. Rather than attacking the underlying biometric algorithms, many fraudsters focus on deceiving the verification process itself—using fake faces, manipulated media, or compromised devices to appear legitimate.

Broadly speaking, these attacks fall into two categories: 

1. Presentation attacks, which attempt to fool the camera with fraudulent visual inputs
2. System-level attacks, which target the way biometric data is captured or transmitted

Method 1: Presentation attacks (spoofing facial biometrics)

Presentation attacks, also known as face spoofing, happen when fraudsters present fraudulent facial evidence to bypass biometric authentication. Instead of attacking the back-end infrastructure, they try to fool the verification technology with something that looks like a real person’s face.

This is where anti-spoofing measures become essential. Strong biometric systems need to detect not only whether a face matches an identity document or account record, but also whether the face belongs to a real person and has not been copied, artificially generated, or physically disguised.

Here’s how fraudsters try to cheat facial recognition systems.

Using stolen pictures and photos

In the era of social media, fraudsters can obtain almost anyone’s picture and use it to try to fool facial verification. If facial biometric technology does not analyze certain characteristics of an image like depth, movement, texture, or other signs of liveness, fraudsters can sometimes get away with using social media images to bypass very basic verification systems.

Fraudsters can also use a similar method to gain access to people’s bank accounts. For example, back in 2023, a 34-year-old thief in Brazil even managed to get access to several accounts and apply for loans by placing customer photos over a dummy. 

Using a pre-recorded video

Some systems ask users to blink, smile, turn their head, or follow on-screen instructions. This can make attacks harder for bad actors to carry out, but it does not automatically stop fraud. Fraudsters may use pre-recorded videos of a real person or manipulate existing footage to imitate the required actions to complete verification.

A deepfake video can be used to copy someone’s face, reproduce expressions, or make it appear as if the person is completing a live verification check. If the system cannot tell whether the video is being captured live through a trusted camera, it may mistake replayed or manipulated footage for a genuine user.

Using silicone masks

Fraudsters may also use hyperrealistic masks to impersonate another person, hide their own identity, or confuse a basic facial recognition system.

From 2015 to 2017, fraudsters used a custom silicone mask and a staged office to impersonate the then French Defense Minister Jean-Yves Le Drian over Skype, defrauding heads of state, wealthy individuals, and charities under the pretext of needing funds to pay ransoms for French hostages held by Islamist groups in the Middle East. Court filings and major reporting place victims' losses at approximately €55-80 million.

In China, the criminal use of lifelike silicone masks has long raised concerns about identity theft. Hyper-realistic masks, readily available on local e-marketplaces, are being marketed with claims they can fool facial recognition systems, enabling users to impersonate others in high-security or workplace environments.

In December 2025, Chinese media reported that staff at a neighborhood committee in Wenzhou had been caught using printed paper masks of colleagues to bypass a facial-recognition clock-in system.

However, strong biometric systems do not rely on appearance alone. Advanced liveness and anti-spoofing checks can analyze whether the system is seeing real skin, natural facial movement, depth, blood-flow cues, and other signals that are practically impossible for a mask to reproduce. For this reason, fraudsters are turning to AI-driven tools for more sophisticated deception.

AI-enabled presentation attacks

AI has changed the scale, speed, and quality of biometric fraud. Fraudsters no longer need advanced technical skills, expensive equipment, or a real person’s cooperation to create convincing fake identity materials. With widely available AI tools, they can generate faces, alter videos, clone voices, and build more believable fake profiles.

How deepfakes are used to bypass biometrics

Deepfakes are now cheap, fast, and dangerously effective, allowing scammers to manipulate existing video using AI. One common attack is face swapping a victim’s photo onto a video that mimics liveness cues like blinking and nodding.

In May 2025, Vietnamese authorities dismantled a 14‑person criminal ring that allegedly laundered VND 1 trillion (about US $38.4 million) by deploying AI-generated face biometrics to bypass facial recognition systems at banks. 

Since just about anyone can create a deepfake at little to no cost with free generators, in theory, it’s easy to face-swap someone to gain access to their account. However, efficient deepfake detection technology can recognize deepfakes by analyzing artifacts in the provided image and help prevent fraud.

How AI-generated synthetic faces are used to bypass biometrics

Fraudsters can also use AI to create faces that do not belong to a real person. These synthetic faces may be paired with fake documents, stolen personal details, or fabricated account histories to create a convincing false identity.

This is closely linked to synthetic identity fraud, where criminals combine real and fake information to build an identity that can pass onboarding checks. For example, a fraudster may use a real national ID number with a fake name, a manipulated document, and an AI-generated face. If the system checks each element in isolation, the identity may appear plausible.

Synthetic faces can be hard to flag, especially if paired with fake documents. The danger is that these identities can look consistent at first glance. A synthetic face may not match any known victim because the person does not really exist. If the document, selfie, device, and account data are checked separately, the identity may appear plausible enough to pass weak onboarding controls.

Multimodal attacks

AI-driven fraud is becoming more multimodal, meaning criminals can combine several types of synthetic or manipulated content in one attack. A fraud attempt may include a fake face, a forged or altered document, a cloned voice, a manipulated video feed, and stolen personal data.

A fraudster may use an AI-generated face for onboarding, a deepfake video for liveness, a forged ID for KYC, and a cloned voice for customer support calls. Each element supports the others, making the overall identity appear more convincing.

Method 2: System-level attacks

Not all biometric attacks involve showing a fraudulent face to the camera. Some fraudsters try to bypass facial recognition by attacking the verification flow itself. These are system-level attacks, where criminals manipulate how biometric data is captured, transmitted, or submitted to the platform.

If attackers can interfere with the camera feed or redirect a biometric authentication session, they may be able to make a fake user look legitimate without physically presenting a spoof to the device.

Injection attacks explained

Injection attacks bypass liveness detection by feeding fake biometric data directly into a verification system, like an app or API, rather than using the camera. Fraudsters can hijack a camera stream with synthetic or pre-recorded footage, tamper with the app using emulators or rooted devices, or manipulate an API by sending generated or replayed biometric data. 

These attacks often succeed when systems lack strong endpoint security or client integrity checks. To defend against them, advanced liveness solutions implement secure enclaves, anti-tampering SDKs, and encrypted pipelines that help verify the integrity of both the device and the data.

Relay attacks explained

Relay attacks occur when a real person performs the required liveness actions, but the interaction is relayed remotely from a different location to trick the biometric authentication system. For instance, a fraudster might socially engineer a victim into a video call and secretly route that video to the liveness check. 

These attacks are particularly effective against systems that don’t validate the origin of the camera input or track geolocation. Robust defenses against relay fraud include session validation, IP and device fingerprinting, geofencing, and behavioral or contextual analysis to assess with confidence whether the user is both live and in the expected location.

Liveness systems are not equally vulnerable, nor are they equally strong. Liveness systems are only as reliable as their weakest link: typically, the user’s device, the transmission layer, or the backend server. Each layer must be secured to prevent spoofing, relay attacks, or tampering.

Real-world examples of AI-driven identity fraud

Recent cases show how fraudsters are using AI to exploit trust in faces, voices, and facial recognition technology. In Singapore, police released footage of a deepfake Zoom scam in which criminals impersonated Prime Minister Lawrence Wong and other senior officials during a fabricated video conference. One victim was persuaded to transfer at least SGD 4.9 million (approx. USD 3.8 million) after believing he was providing urgent government funding assistance.

Deepfakes of public figures are commonly used in scams. In Indonesia, scammers used deepfake videos of President Prabowo Subianto to promote fake aid schemes, with victims asked to pay “administrative fees” for support that never arrived.

According to a US State Department cable first reported by The Washington Post in July 2025, an unknown actor used AI-generated voice and text messages to impersonate US Secretary of State Marco Rubio, contacting three foreign ministers, a US governor and a US member of Congress via Signal, in what the cable described as an attempt to gain access to information or accounts.

Financial institutions are also facing direct attacks on biometric verification. MIT Technology Review reported in April 2026 that illicit tools available on Telegram are being used to bypass KYC facial scans used by banks and crypto exchanges, including through virtual cameras.

Together, these cases show that biometric fraud is no longer limited to fake selfies. Fraudsters are combining deepfakes, altered documents, synthetic media, stolen data, and weak verification flows to make false identities appear real.

Compliance and biometric data security

Facial recognition strengthens identity checks, but by nature, it involves sensitive biometric information. This makes biometric data security essential for regulatory compliance.

In many jurisdictions, biometric data receives special protection when it is used to uniquely identify a person. Under the EU GDPR and UK GDPR, biometric data processed for the purpose of uniquely identifying a natural person is treated as special-category data under Article 9. Organizations must identify both an Article 6 lawful basis and an applicable Article 9(2) condition (for example, explicit consent or substantial public interest under domestic law), and apply appropriate technical and organizational safeguards before processing it.

Security and privacy controls should be built into the verification flow from the start. Key safeguards include:

• collecting only the data needed for the identity check
• clearly explaining how biometric data will be used
• protecting biometric templates and verification results with strong encryption
• limiting access to biometric records
• setting clear retention periods
• monitoring for unauthorized access, tampering, and misuse

Presentation attack detection should also be tested against recognized standards. ISO/IEC 30107-3:2023 is the international standard for testing and reporting the performance of biometric presentation attack detection mechanisms.

Strong biometric data security means protecting the user’s biometric information throughout its lifecycle, from capture and processing to storage, audit, deletion, and fraud monitoring.

How liveness detection prevents fraud

Liveness detection checks whether the face shown during verification belongs to a real person who is physically present, not a photo, mask, replayed video, deepfake, or manipulated camera feed. Face matching alone only confirms that two faces look similar; it does not prove the user is live.

Face liveness detection helps businesses spot spoofing attempts during onboarding, login, account recovery, and other high-risk actions. For a full breakdown of how it works, see our dedicated Liveness guide and Liveness product page.

Yet, liveness alone can't stop sophisticated fraud. Effective fraud prevention relies on a multi-layered approach that combines liveness detection with device and session integrity checks, document verification, behavioral and risk signals, and, where appropriate, human review. While liveness is only one layer of defense, it plays a critical role in determining whether a person is genuinely present during a verification session. To understand why, let's look at the signals modern liveness systems analyze.

Signs of life, biometric systems analyze

Different liveness systems look for different signals, and the strongest ones combine several at once. Common categories include:

• Micro-movements: involuntary facial motions that are extremely difficult to fake, such as subtle eye saccades, pupil dilation in response to light changes, and the small asymmetries in natural blinking patterns.
• Skin and texture analysis: examining pore structure, sub-surface light scattering, and the way skin reflects light at different angles. Masks, screens, and printed photos reflect light in distinctly different ways from human skin.
• Depth and 3D structure: confirming that the face has genuine three-dimensional geometry rather than the flat profile of a photo or screen. Some systems use structured light or stereo cameras; others infer depth from how shadows and highlights shift during a session.
• Physiological signals: detecting blood-flow patterns through remote photoplethysmography (rPPG), which picks up the tiny color changes in skin caused by the heartbeat. Static images and most deepfakes don't reproduce this signal correctly.
• Camera and environmental consistency: checking whether the lighting, focus behavior, and image noise are consistent with a real camera capturing a real scene, rather than a video being played back to the camera or injected into the session.
• Frequency-domain artifacts: examining whether the image contains the compression patterns, sensor noise, and frequency signatures expected from a genuine camera feed, or whether it shows traces of generative AI synthesis or video re-encoding.

The strongest liveness systems don't rely on any single signal. Each technique has a known failure mode: depth checks can sometimes be fooled by high-quality 3D masks, rPPG can be approximated in advanced deepfakes, and texture analysis can struggle in poor lighting. Layering multiple signals significantly increases the cost of an attack, because the fraudster must defeat all of them simultaneously in a single session.

Suggested read: Liveness Detection: A Complete Guide for Fraud Prevention and Compliance

Tips on choosing hacker-resistant liveness

A comprehensive liveness check should detect common spoofing methods without making verification difficult for genuine users. Businesses should look for technology that can handle photos, video replays, masks, deepfakes, synthetic faces, and injection attacks.

Passive and active liveness detection are both useful for digital onboarding.

Active vs passive liveness detection

Active liveness detection asks users to perform an action, such as blinking, smiling, or turning their head. Passive liveness detection works in the background while the user takes a selfie or short video. Active checks may add friction, while passive checks may be more user-friendly.

How to test a liveness solution

A liveness solution should be tested against realistic attack types, including printed photos, replayed videos, masks, deepfakes, and camera injection. Presentation attack detection testing, including checks aligned with ISO/IEC 30107-3, can help businesses assess how well a system detects spoofing attempts.

Detect deepfakes instantly

Spot up to 99.95% of deepfakes on the first try with reliable Liveness & Deepfake Detection technology

Find out more

However, liveness alone doesn't prevent all fraud. Businesses should not rely on face matching or liveness detection in isolation. Effective fraud prevention relies on a multi-layered approach that combines liveness detection, deepfake detection, device and session integrity checks, document verification, behavioral and risk signals, and, where appropriate, human review.

FAQ on facial recognition fraud

• How does facial recognition work, step by step?

  Facial recognition captures a face image or video, detects the face, maps key facial features, creates a biometric template, and compares that template with a trusted image or record. In onboarding, this usually means comparing an image or video uploaded by the user with the photo on their identity document.

• Can deepfakes fool face recognition systems?

  Yes, deepfakes can fool weak face recognition systems, especially if they only compare facial similarity and do not check whether the media is real, live, and unaltered. Strong systems use deepfake detection, liveness detection, device checks, and other fraud signals to spot manipulated videos or synthetic faces.

• Is facial recognition safe for identity verification?

  Facial recognition can support identity verification more robustly when combined with liveness detection, document verification, encryption, secure data handling, and ongoing fraud monitoring.

• How does liveness detection work?

  Liveness detection verifies that the face in a selfie or video belongs to a real person physically present during the verification session. It may analyze signals such as movement, depth, skin texture, lighting, image consistency, and camera behavior to detect photos, masks, replayed videos, deepfakes, or injected media.

• What is biometric verification?

  Biometric verification is the process of confirming a person’s identity using a unique physical or behavioral trait, such as their face or fingerprint. In facial verification, the system compares a live selfie or video with a trusted image, such as the photo on an identity document.