Protect every layer of identity to thwart deepfake injection attacks: Entrust

Deepfakes and biometric injection attacks are the starring villains in Entrust’s seventh annual Identity Fraud Report. The 2026 edition reveals how generative AI and shared tactics are fueling sophistication and volume, as fraudsters target people, credentials and systems.

A release announcing the report says that deepfakes now account for one in five biometric fraud attempts. Instances of deepfaked selfies increased by 58 percent in 2025. And injection attacks surged 40 percent year-over-year. According to Entrust Senior Fraud Specialist Simon Horswell, “as detection improves, fraud rings evolve, becoming faster, more organized, and commercially driven.”

“Identity is now the front line, and protecting it with trusted, verified identity across the customer lifecycle is essential to staying ahead of adaptive threats.”

The numbers show the size and scope of the battlefield: sophisticated digital forgeries now account for 35 percent of document fraud, up from a 29 percent average in 2024. National ID cards account for nearly half of all fraudulent document submissions globally, with driver’s licenses making up another quarter. And modern fraud operations never sleep: with facilities located globally, fraudsters can run attacks around the clock. Fraud attempts peak between 2:00 am and 4:00 am UTC, when defenses in many regions are offline.

According to the report, “the data shows that fraud is becoming faster, more organized, and more commercially driven – a trend expected to continue through 2026.”

Onboarding and authentication are vulnerabilities; in payments, 82 percent of fraud attempts target the authentication process. The most easily compromised documents are those in older systems that still have paper versions in circulation. In 2025, Entrust says, “bad actors targeted Bangladesh national ID cards more than any other document from any country.”

“Fraudsters also tend to take a ‘rinse and repeat’ approach – recycling the same fake information across multiple fraudulent documents.”

Deepfake attacks tend to target high-risk financial services, with 60 percent aimed at crypto – an increasingly ripe fruit for fraudsters. Synthetic identities and face swaps are familiar tactics.  Newer is the animated selfie: taking a static photo and using AI to add movement. Selfie systems see a higher proportion of low-tech attempts, such as photos on screens or ID printouts, whereas with motion liveness, attempted fraud tends to be more advanced.

Entrust’s report underlines the importance of robust liveness detection to combat spoofs and deepfakes: “adding liveness – whether passive (detecting natural movement) or active (prompting specific actions) – provides temporal data that helps systems identify inconsistencies between genuine and fraudulent attempts.”

Likewise for defenses against injection attacks, which are being amplified through fraud-as-a-service (FaaS) networks. Effective countermeasures include using passive signals to check for suspicious activity or patterns linked to the source media or device, and real-time biometric capture with dynamic interactions or random cues.

“New standards are also emerging in the industry, such as CEN/TS 18099, that aim to provide assurance around a vendor’s ability to detect injection attacks,” the report says. “This reflects a growing recognition of how critical injection attacks are when it comes to verification, especially as they are the primary vector for introducing deepfakes into identity systems.”

As is so often the case, people remain a problem. “Fraud prevention systems are stronger than ever, but people remain the most vulnerable link in the chain,” says Entrust. “In 2025, indicators suggest that social engineering and coercion pose an increasing threat to identity verification during the onboarding process. Coercion attacks are uniquely difficult to detect because victims use their own genuine documents and biometrics – only under pressure or instruction from someone else.”

Entrust’s big takeaway is to cover your bases. There are vulnerabilities at every stage and level of the identity ecosystem. And with generative AI tools freely available, fraud rings growing in complexity and agentic AI looming as a threat-in-waiting, the only sure bet is to have a sentry at every post. “The future of fraud prevention lies in identity-centric, AI-driven defense. Organizations that protect every layer of identity – people documents, biometrics, and systems – will be best equipped to adapt as fraudsters adopt new tools and tactics.”

“With over 1 billion identity verifications conducted across 195 countries and more than 30 industries, Entrust offers unparalleled insights into how fraud operates and how to help mitigate it,” says Tony Ball, president of payments and identity and incoming CEO at Entrust. “Our global reach and deep fraud intelligence mean we’re uniquely placed to drive continuous innovation and share meaningful insights for customers.”

Article Topics

biometric liveness detection  |  biometrics  |  deepfake detection  |  deepfakes  |  Entrust  |  injection attack detection