How to secure digital trust amid deepfakes and AI

By Jason Oeltjen, Vice President of Product Management, Ping Identity

A recent phishing scam involving an AI-generated video of YouTube’s CEO serves as a stark reminder of the increasing dangers posed by this technology. In this attack, cybercriminals used generative AI to create a convincing fake video,  falsely announcing changes to YouTube’s monetization policies and deceiving users into revealing sensitive information.

This incident underscores a troubling reality: seeing is no longer believing. Deepfakes and other sophisticated cybercrimes are chipping away at trust among both consumers and organizations – and concern is rising fast. Ping Identity’s 2024 Consumer Survey found that 87% of consumers are highly concerned about identity theft and fraud, a significant 24% rise from the previous year.

As threats become more sophisticated, enterprises must respond with equally advanced strategies – combining the power of AI with proven security tools to protect people, data, and trust in the digital age.

The dual role of AI in cybersecurity

AI in cybersecurity is a double-edged sword. On one hand, malicious actors are weaponizing AI and creating deepfakes with remarkable ease, leading to an erosion of trust in what we see online. This puts both individuals and enterprises at greater risk of identity-based fraud and manipulation.

Traditional security measures are no match for these evolving threats. In fact, research reveals that 41% of organizations expect cybercriminals’ use of AI to significantly increase identity threats over the next year. But while AI is powering these threats, it also holds the key to defending against them.

When used responsibly, AI can also help security professionals develop advanced detection mechanisms, automate identity verification, and respond faster to emerging threats. That’s why organizations must weave AI into their identity management strategies to combat the new era of cyber threats – not just as a safeguard, but as a strategic advantage.

Strategies for cyber resilience

To ensure resilience in the shifting cybersecurity landscape, organizations should proactively adopt a hybrid fraud-prevention approach, strategically integrating AI solutions with traditional security measures to build robust, layered defenses. Ultimately, a comprehensive, adaptive, and collaborative security framework is essential for enterprises to effectively safeguard against increasingly sophisticated cyberattacks – and there are several preemptive strategies organizations must leverage to counteract threats and strengthen their security posture.

Adopting a hybrid approach

AI alone isn’t sufficient to defend against the complex tactics used by fraudsters. Many attacks exploit human vulnerabilities rather than technological weaknesses. Therefore, the most effective approach combines AI with traditional tools and context-aware strategies to create a hybrid defense system.

Fraudsters are adaptive, usually leveraging both advanced methods (deepfakes and synthetic identities) and simpler techniques (password spraying and phishing) to exploit vulnerabilities. By combining AI with tools like strong and continuous authentication, behavioral analytics, and ongoing user education, organizations can build a more resilient defense system. This hybrid approach ensures that no single point of failure exposes the entire system, and that both human and machine vulnerabilities are addressed.

Implementing advanced authentication

Recent threats rely on social engineering to obtain credentials, bypass authentication, and steal sensitive data, and it is evolving along with AI.  Utilizing real-time verification techniques, such as liveness detection, can reliably distinguish between legitimate users and deepfake impersonators. Liveness detection is a security method that ensures that the person presenting a biometric, like a face or fingerprint, is an actual, live human being instead of a fake image or recording.

Beyond liveness detection, there are several other preventative strategies organizations can take to help bolster defenses. These include voice verification to prevent voice cloning deepfakes, phishing-resistant multi-factor authentication (MFA) compliant with FIDO2 standards to minimize MFA bombing, and requiring identity verification before password resets to help prevent social engineering attempts.

Prioritizing continuous, real-time monitoring

To stay ahead of fraud threats, companies should implement continuous authentication and monitor biometric, behavioral, and context-based data in real time to identify anomalies. In practice, it means trust is earned dynamically.

For example, if a user suddenly logs in from an unexpected location, types differently, or interacts with the system in an unusual way, the system will flag it and re-verify identities. This approach empowers businesses to proactively address potential vulnerabilities before they are exploited by cybercriminals.

Encouraging collaboration

Effective cybersecurity requires seamless integration between identity management and fraud prevention teams within an organization. They are two sides of the same coin. In fact, emerging technologies have made it impossible and risky to separate the two. If identity verification processes align and are a part of the broader cybersecurity strategy, companies will see better visibility into potential threats and quicker response times when anomalies are detected.

For example, if identity teams work with fraud teams to incorporate bot detection and stolen credential monitoring into identity workflows, it significantly enhances the ability to identify and mitigate threats at the earliest stages. Siloed security efforts are no longer sufficient — only cohesive and collaborative approaches will ensure secure protection.

As the threat landscape evolves with AI deepfake technology, sensitive data, reputation, and customer trust are all at stake. Organizations must embrace advanced identity management and proactive security measures, combining both AI and traditional cybersecurity methods, to get ahead of today’s threats.  Remaining vigilant, adaptive, and collaborative is no longer optional – it’s essential. Only by continuously adapting cybersecurity strategies can we secure our digital future and maintain trust.

About the author

Jason Oeltjen is Vice President of Product Management at Ping Identity.

Article Topics

AI fraud  |  biometrics  |  continuous authentication  |  cybersecurity  |  deepfake detection  |  deepfakes  |  digital trust  |  fraud prevention  |  identity management  |  Ping Identity