Fake IDs are easier than ever to create and online identity fraud is increasing – but instead of worrying about fraudsters bypassing KYC and other checks, businesses can take advantage of more advanced AI fraud detection and layered identity verification solutions to keep themselves and their customers protected.
An underground online service called OnlyFake that sells identity documents it claims are generated by AI and “neural networks” created a buzz of headlines in early February after 404 Media published an investigation and tests of the service. The article said OnlyFake claims to generate hundreds of documents at once from Excel sheets and up to 20,000 a day. Media reports followed with claims and concerns that OnlyFake documents had been used to bypass KYC and AML checks at prominent crypto and finance platforms.
The news understandably caused a flurry of concern from businesses about the impact of quickly and easily-accessible document deepfakes on KYC checks and identity verification. But Onfido fraud experts checked out the service themselves and had some reassuring advice for businesses:
1: Use a provider with robust mobile SDK capabilities; don’t allow the uploading of media files
For one, the director of our Fraud Lab noted that the OnlyFake service provides photos of identity documents. That may get through verification requests for a document upload, but it would be harder to fool an IDV provider that asks for the real document to be held up to a mobile device’s camera. “Our mobile identity verification SDKs are trained to detect photos of photos,” he said.
And, he added, “If someone prints these renderings, like onto a card, they could try to use that, but even then they're extremely likely to miss security features or specialist document printing features because the printout is usually low quality.”
Whatever the source of a synthetic identity document, advanced verification technology is ready for it. “For document checks, it's business as usual for us,” said Onfido’s Senior Fraud Specialist. “Whether a document is AI-generated or made with Photoshop, the detection points remain the same. The difference with AI is the volume that can be created in a short amount of time. We continually revise our models to ensure we are looking for all the signs of fraud, regardless of how it's generated."
Despite the news buzz, synthetic identities aren't a new type of attack: we've been seeing and stopping them for a over a decade. The news today is about the scale, speed and cheapness of the creation services, but our protection technology remains ready and constantly updated.
2: Layer multiple identity verification checks
If an automatically-generated image of a fake document gets through your business’s KYC checks, you probably have an opportunity to improve your identity verification game. A document check is only one piece of the protection puzzle.
Biometric verification and liveness checks can ensure that there’s a real person there with a genuine ID that belongs to them. “The combination of layers protects you, not just one signal,” our Fraud Lab director said. “That makes services harder and harder to defraud, because fraudsters have to spoof multiple defense lines, not just one.”
And, fraud detection signals captured passively through an SDK provide yet another layer of checks, including Device Intelligence such as geolocation, IP address, Known Faces, or Repeat Attempts to flag suspicious actors.
AI-powered identity verification is continuously evolving – incorporating the kind of technology used for nefarious purposes like OnlyFake, with the Fraud Lab at the cutting edge of research and training fraud detection models on new and emerging fraud factors.
And on the topic of training the machines…
3: Find a provider who actually trains their fraud detection on… fraud samples
As head of the Fraud Lab, our fraud expert emphasizes the need for any competent fraud detection technologies to be trained on a wide set of fraud samples – beyond only genuine documents. “Providers need to train our machine learning (ML) models to recognize fraud, and for that it’s important to have balanced training datasets” – that is, a balance of genuine documents, along with samples of fake documents or specific attacks that models can learn from. “In addition to balance, the training dataset performs better with a large volume of samples.”
“With fraud being very diverse and usually low volume, it was necessary to create the Fraud Lab to support the scaling of our ML and close the data gap by generating our own fraud samples in order to get that better balance in our datasets – ultimately driving better products for our customers,” our expert said.
At Onfido, we feel confident in meeting the threat of services like OnlyFake that claim to use generative AI to create fake identity documents, because we do exactly that in-house, to continually train our fraud detection models on those kinds of attacks.
“A machine learning model needs around 3,000 fraud samples for effective detection. It used to be almost impossible to get those kind of quantities for new attacks in a short space of time,” according to our fraud expert. “Now, the Fraud Lab enables data analysis for fraud specialists to identify fraud patterns and emerging trends, while allowing us to create as many as 10,000 synthetic fraud samples in as little as 30 minutes, so we can train and benchmark our algorithms quickly and cost-effectively, to provide best-in-class fraud prevention,” said our Fraud Lab director.
To put it simply, the best way to fight these AI-generated fake documents is with strong AI-powered fraud detection.
“It's become an AI vs AI battleground, where only defensive AI that’s trained on the latest attack vectors at scale can keep up with the evolving threat landscape,” our Senior Fraud Specialist said.
That’s why our team advises businesses shopping for an IDV provider to ask:
- how providers test their product against fraud and new attacks
- how providers manage the lifecycle of ML models
- how they measure fraud performance
- what type of fraud data they have access to
- If they do use oversampling for their dataset, how?
If identity verification providers don’t have wide datasets of fraud samples, they only train their AI on genuine document samples. And the main thing fraudsters are trying to do is to look genuine. To recognize fraud similar to documents from sites like OnlyFake, the AI has to be trained on these kinds of fraud attacks.
Professionalized fraud needs professional solutions
It’s never been easier and cheaper to be a fraudster. With sites like OnlyFake and the ease of buying personal data and stolen identity documents on the dark web, the frequency and sophistication of attacks is increasing. Our annual Identity Fraud Report dives into research and trends, and showed an 31x increase in deepfakes and 18% rise in digital forgeries.
As of this writing, the OnlyFake site has gone down, saying it is doing maintenance and that they are “against any illegal use of images generated from our site. We are against fraud and harming other people. All generated images on the site are intended for legal use only.” But scrolling the history of their related Telegram channels shows the prevalence and maturity of the fraud business.
It’s a clear warning and impetus for businesses to make sure they have the most advanced and up-to-date identity verification technology to protect themselves and their customers.
The Onfido Real Identity Platform
Find the partner you need to protect against evolving fraud and AI-generated fake IDs with Onfido and our end-to-end AI-powered identity verification technology. The Real Identity Platform combines a comprehensive Verification Suite, intuitive orchestration capabilities, and automation powered by our award-winning Atlas™ AI.
Our Verification Suite lets you choose from and layer checks from a library of global verifications and signals to verify identities with minimum friction, catch sophisticated fraud attacks, while addressing compliance needs like KYC and AML requirements at scale.
Document verification is powered by Atlas AI – built on data from tens of millions of global document verifications, Atlas is composed of 10,000+ micro-models that detect specific fraud attack vectors with precision. Combined with our SmartCapture SDK, which uses multiple signals through a device capture to check genuineness of a document, Onfido’s document verification provides an advanced and constantly evolving defense against fraud.
Biometric verification adds an even more secure layer to ensure that an identity document belongs to the person presenting it. Atlas generates a score based on the similarity of the face and the photo ID, and runs liveness checks to identify photos of screens, 2D and 3D masks, and image upload manipulation. Onfido Motion is our liveness solution specifically designed to address the threat of deepfakes and synthetic identities with a simple head turn – it’s fully automated, providing results in 15 seconds or less and protects against both camera and network injection attacks.