Socure releases inaugural Document and Biometric Identity Fraud Report

A press release from Socure announces the publication of its inaugural Document and Biometric Identity Fraud Report, which examines the rampant use of fake government-issued IDs and new tactics such as AI and deepfake tools being used to fool legacy identity verification. The report is based on assessment of document verification-related account openings across a variety of industries including online gaming, marketplaces, and credit systems.

Socure’s findings say the most prevalent fraud signal it detected is document image-of-image, or document presentation attack – “when the user takes a photograph or uses a screenshot image of the ID, rather than getting a live capture of the document.” This occurred in 63 of all rejected IDs, although not all were initiated with malicious intent.

The digital identity verification company “observed a high prevalence of forged IDs containing document headshot tampering, where the face on the document has been purposefully manipulated to be inauthentic.” Twenty percent of fraudulent verifications involved selfie spoofing, “when a user takes a picture of another image rather than simply taking a live selfie of themselves.” Selfie spoofing, which public social media profile photos make easy to achieve, is almost always malicious.

Fraud surrounding IDs accounted for 70 percent of all fraudulent verifications evaluated by Socure’s document verification tool.

“A perfect storm exists today in which the digital economy and social media have provided exponentially more opportunity for fraudsters to carry out identification document fraud,” says Eric Levine, SVP and head of document verification at Socure. “From car rentals, to liquor deliveries to accessing government benefits, verifying identities has become an integral part of our economy and it’s crucial that we prevent deep fakes, fake IDs, and stolen and fabricated identities from entering the digital ecosystem. This will require us to fight AI with AI using a multi-layered security approach that combines document verification, biometrics analysis and auxiliary signals to detect the most advanced ID fraud attempts of today and tomorrow.”

AI spoofs and deepfakes driving rise in biometric fraud

Meanwhile, biometric-related fraud “made up 30 percent of all fraudulent captures we saw, which was evenly split between selfie spoofing and impersonations, and a mismatch between the headshot on the ID and the selfie.” Socure expects the upward trend of selfie and biometric fraud to continue, as cheap and easy to find AI and deepfake tools lower the threshold of access for fraudsters.

In a sad but not surprising statistic, 49 percent of all selfie spoofing attacks were found to target users 50 and above. “As this age group makes up less than 13 percent of the document verification volume Socure evaluated,” it says, “we believe older demographics are likely targets for both identity and synthetic identity fraud schemes.” Not only do they tend to be less savvy about the latest technology, making their personal information vulnerable – they also tend to have relatively high net worth, making the risk-to-reward ratio appealing to fraudsters in search of an easy payday.

State-by-state, Idaho and New Hampshire rank as the top two states with the highest verification rejection rates, indicating high document fraud. Furthermore, when the location of a device used to create a new account and the state on their submitted ID documents don’t match, there is nearly twice the rate of fraud. Florida, Texas and Georgia were the top three state IDs with the highest volume of out-of-state verifications.

The full document is available for free download here.

Article Topics

biometrics  |  digital identity  |  document verification  |  fraud prevention  |  identity verification  |  presentation attack detection  |  selfie biometrics  |  Socure