Deepfakes are a threat to age assurance, and injection attack detection is the answer

Everyone knows deepfakes are a massive problem for financial services. The 2024 case of the deepfake video call that cost a company in Hong Kong 25 million dollars is approaching the status of legend. But does the deepfake era present the same kind of threat to age assurance systems?

In a joint presentation at the 2026 Global Age Assurance Standards Summit, Yoti CEO Robin Tombs and Chief Product Engineer Omari Rodney say no – if you know where to look. And, as generative AI makes deepfakes ever-harder to distinguish from reality, that means looking at the media source.

Liveness detection is now table stakes for competitive age assurance providers, but it is typically applied at authentication. That leaves organizations vulnerable to attacks that plug in after the initial authentication phase – in other words, injection attacks. Ensuring image capture is secure adds an additional layer of defense against deepfakes deployed in indirect attacks (versus direct presentation attacks attempted with masks or screens). Tombs says it’s now easier than ever for any digitally literate teenager to work out how to stage a simple injection attack to bypass biometric age assurance.

Detect the source, rather than the image

Yoti’s argument would seem to imply that robust deepfake detection for age assurance providers now necessitates injection attack detection. The ability to authenticate a capture device or feed is as critical as being able to spot an AI generated face. And, as deepfake generators continue to improve, blurring the line between GenAI and reality, it may soon be the only reliable way to tell if any given face belongs to a real person.

The discussion points toward a multi-layered approach that Yoti calls the “Tower of London” model. GenAI is a problem across the digital security and online safety spectrum, and, if forecasts are correct, it will increasingly infiltrate any transaction conducted on a screen. That means understanding not just what you’re looking at, but how the image came to be.

Article Topics

Age Assurance Standards Summit (2026)  |  age verification  |  AI fraud  |  biometric liveness detection  |  deepfake detection  |  deepfakes  |  generative AI  |  injection attack detection  |  Yoti