Injection attack

In the context of identity verification and fraud, an injection attack is when a fraudster bypasses a device's physical camera and injects a fake image or video directly into the verification data stream.

Rather than pointing a camera at a photo or screen (which is a presentation attack), the fraudster manipulates the digital capture process itself so the system believes it's receiving a live camera feed when it's actually receiving AI-generated or stolen content.

Frequently asked questions

How do fraudsters get content to inject?

Fraudsters might steal, buy, or create images and videos that they inject into verification streams. For example, they might use GenAI tools to create synthetic faces, or set up fake websites that trick people into submitting selfies and ID photos.

How do you detect injection attacks?

A multi-layered approach aligns with CEN/TS 18099:2024, a European standard for detecting biometric data injection attacks in identity verification. This standard defines five defensive layers: capture integrity, media forensics, liveness detection, device/session signals, and backend pattern analysis.