Keyless’ High-level biometric IAD test by CLR Labs first in deepfake protection

Keyless is laying claim to the strongest confirmed deepfake fraud protection available, having passed an independent assessment for preventing biometrics injection attacks. The company has successfully completed an evaluation to Europe’s biometric injection attack detection (IAD) standard, CEN/TS 18099, by Cabinet Louis Reynaud (CLR Labs), and says it is the first to receive certification to the High level of sophistication.

High-level IAD certification is important, because along with passing an equivalent compliance assessment for biometric presentation attack detection (PAD), it is required for Extended Level of Identity Proofing (LoIP). And Extended LoIP is required for fully functioning EU Digital Identity Wallets to qualify as Qualified Trust Service Providers (QTSPs) under eIDAS 2.0, based on the ETSI 119 461 standard.

Injection attacks are used to bypass a device’s camera, allowing criminals to inject synthetic media, including deepfakes, as input. Such fraud attacks are growing and the 2025 Deepfake Detection Market Report & Buyer’s Guide from Biometric Update and Goode Intelligence forecasts there will be 9.9 billion deepfake detection checks carried out by 2027, representing over $4.9 billion in revenue. Keyless is profiled prominently in the report. The company outlines its approach to Biometric Attack Prevention with multi-factor authentication, PAD, IAD and continuous monitoring in an announcement noting its inclusion.

The CEN/TS 18099: 2025 standard provides guidance on detecting injection attack instruments (IAIs) and mitigating their risk, and outlines how to build a test plan for evaluating IAD technology.

CLR Labs backs Keyless’ claim to be the only biometrics provider in the world to have confirmed High-level compliance with the standard so far, with its Keyless Anti-Inject Android mobile SDK.

“The Cabinet Louis Reynaud congratulates Keyless as the first injection attack detection product in the world to have achieved the High-level compliance against the CLR Cert IAD certification program using the CEN TS 18099 standard methodology,” says Stéfane Mouille, general director of Cabinet Louis Reynaud. “This achievement is not to be taken lightly. Keyless stood up to all injection attack attempts we tested for.”

Testing to the High level of IAD by an accredited testing lab is required by the end of 2026 for Extended LoIP identity proofing.

Keyless raised $2 million earlier this year, and revealed plans to expand in the North American market.

As IAD is still an emerging field, and the ISO standard is still in development, few biometrics providers have passed independent assessments of the technology. CLR Labs introduced its IAD testing based on CEN/TS 18099 in late-2024 amid an overall expansion of its biometrics and digital identity testing portfolio.

Article Topics

biometric liveness detection  |  biometrics  |  CEN/TS 18099  |  certification  |  CLR Labs  |  deepfake detection  |  IAD certification  |  injection attacks  |  Keyless