Industry

AI vs. AI: Why fighting GenAI fraud requires a multi-layered approach

If The Terminator, The Matrix, and every other cyberpunk series taught us anything, it’s that you can’t fight the machines with machines alone.

illustration of a silver bullet
Last updated:
11/4/2024
Read time:
Share this post
Copied
Table of contents
⚡ Key takeaways

This blog post is an excerpt from our newsletter, Verified with Persona. In each email, subscribers get a short topical deep-dive from one of our experts, along with links to other stories we find interesting. You can submit your email address in the sidebar (on the left side of the page) to get the newsletter in your inbox every other month.

50x growth sounds impressive … until you realize it's related to fraud growth! 

Based on internal audits, we’ve found that fraudsters’ use of sophisticated AI-powered selfies has surged 50x within the past couple of years. In 2024 alone, we've automatically detected tens of millions of fraud attempts that used AI selfies. 

And we know this is industry-wide. Frank McKenna noted that mentions of AI on fraud-related Telegram channels surged by 10x in 2024 alone.

Still, if The Terminator, The Matrix, and every other cyberpunk series taught us anything, it’s that you can’t fight the machines with machines alone. 

Here’s how we believe organizations should approach the fight. 🤜🤖

You can’t rely on AI (alone) to fight deepfakes

Relying solely on visual AI models to combat GenAI-powered fraud is a critical mistake. While vision-based fraud detection models can outperform human capabilities, the rapid evolution of AI models is unprecedented and presents many challenges.

To stay ahead, visual fraud models must be robust enough to detect an expanding variety of model types and versions, as advancements that once took years are now happening almost monthly. This accelerating pace highlights the importance of adopting comprehensive, holistic fraud prevention strategies to effectively address emerging threats.

Examples of dramatic improvements across popular tools

So while you should still use a variety of AI models to visually inspect selfies and detect deepfakes, it’s increasingly difficult to stay ahead of fraudsters without adopting more comprehensive, holistic fraud prevention strategies.

AI visual inspections don’t “see” everything

AI-driven inspection models can still help detect visual artifacts in deepfakes and combat large-scale attacks. However, these days fraudsters can easily purchase tools to create AI-generated selfies and deepfake videos — many of which can already fool the naked eye of well-trained fraud fighters. And these tools are only getting better.

It takes time to train a new model, so existing visual inspection models can miss novel and isolated attacks. To truly future-proof your fraud strategy, adopt a multi-layered approach that responsibly collects diverse visual and non-visual signals, and extracts unique insights.

Gartner predicts that 30% of enterprises won’t trust face biometric identity verification and authentication results in isolation by 2026 because of GenAI deepfakes.

See how Persona’s approach compares to industry recommendations →

Every signal tells a part of the story

In addition to visual signals, non-visual signals are instrumental in detecting deepfakes. For example, fraudsters use virtual cameras, emulators, and rooted devices to inject deepfakes. Using an SDK that can detect these methods can help you know when to block a user or step up verification.

Additionally, consider the following types of signals and checks to complement visual inspection models:

  1. Passive and behavioral signals: Collect and analyze multiple signals, such as network and device information, location details, IP address, camera type, screen detection, email risk reports, phone risk reports, timing, movement detection, and eye movement.
  2. Database verifications: Run database verifications to check user-supplied information against third-party databases, like AAMVA, credit bureaus, and IRS records.
  3. Account comparisons: Check whether a user’s inputted data matches what you know about them and their usual behavior. 
  4. Analysis at scale: Look for similarities at scale, such as repeated backgrounds or selfies.

Using more data to catch fraud is like fishing with a net instead of a single line — it increases your chances of success.

Stopping 100% of fraud isn’t a realistic goal, but you can set yourself up for success by adjusting verification configurations and segmenting users based on risk, and monitoring signals in real-time. This multi-layered approach can help you block or increase friction for potential bad actors, and reduce friction for legitimate users.

Keep fraud from scaling

Fraudsters tend to attempt different exploits, and quickly scale when they find something that works. 

To tackle fraud at scale, you can use tools like Persona’s Graph to expose connections that are difficult for fraudsters to hide. Additionally, using models to spot unusual patterns, like unexpected devices or locations, creates a strong defense since threat actors don’t know what counts as suspicious behavior for your customers.

When silver bullets are actually shiny distractions

I want to end with a point that I think many fraud fighters have learned over the years, but it’s still worth repeating. 

The latest fraud-fighting tool is rarely a silver bullet that completely stops the current fraud trend. 

Bad actors are experimenting with different ways to use GenAI, and the rapid evolution of deepfakes will raise many eyebrows 🤨. AI-powered visual inspection models can help you detect some deepfakes, but a multi-layered approach is best. 

Plus, you need to use your human judgment to determine how, where, and when to implement different tools effectively. Similarly, use your experience to understand what fraudsters hope to gain, and adjust levers to make fraud less rewarding and discourage attacks from the start.

Take the recent money “glitches” — aka check fraud. Could you develop new AI models to identify fake or altered checks? Sure. But changing your limits and hold times for mobile deposits might be the fastest and most effective response to disincentivize fraudsters from performing fraud in the first place. There is such a thing as good friction —  never discount the power of deterrence. 

Remember, AI is a tool, not a complete solution. While I do think that we have the most adaptable, performant, and capable deepfake detection suite, tackling a complex and ever-evolving problem like fraud requires a constantly adapting toolset — and mindset. Don’t simply rely on detecting deepfakes; also consider how you can shift incentives to deter fraudsters from attempting fraud in the first place, and investigate patterns to deny scaled fraud

ebook
Learn how to take a holistic, multi-layered approach to fighting GenAI fraud
Get the guide

Published on:
11/4/2024

Frequently asked questions

No items found.

Continue reading

Continue reading

Identity proofing: what it is and why it matters
Identity proofing: what it is and why it matters
Industry

Identity proofing: what it is and why it matters

Learn what identity proofing entails and how to incorporate it into your business to prevent fraud.

Employment identity verification: what it is and why it matters
Employment identity verification: what it is and why it matters
Industry

Employment identity verification: what it is and why it matters

Find out why you need to verify prospective employees’ identities — and how to actually do it.

How to check if a company is legitimate: a step-by-step guide
How to check if a company is legitimate: a step-by-step guide
Industry

How to check if a company is legitimate: a step-by-step guide

Find out which verification methods to use — and how a KYB tool can streamline the process.

Embrace a holistic fraud strategy to fight GenAI fraud
Industry

Embrace a holistic fraud strategy to fight GenAI fraud

Generative AI is making it easier for fraudsters to carry out larger attacks. Learn how a holistic strategy can help you fight back.

How to fight ID fraud in a world of generative AI
Industry

How to fight ID fraud in a world of generative AI

Learn how generative AI is changing the game when it comes to fake IDs and what you should be mindful of when enhancing your fraud strategy.

How to protect your business against generative AI fraud
Industry

How to protect your business against generative AI fraud

Even ChatGPT’s founder is concerned about generative AI fraud. See why and learn how to fight deepfakes.

Ready to get started?

Get in touch or start exploring Persona today.