Synthetic identity fraud is a nuisance but not a novel one. Criminals combine fake and real information like social security numbers and names to create false identities. These are then used to defraud financial institutions, government agencies, and individuals via fake accounts, fraudulent purchases, and other means. Till recently, identity verification using photos and video was considered secure. However, the new menace of ‘deep fake is changing this. Here is a look.
Deep learning is a powerful machine learning (AI) technology with applications in a range of disciples, from gaming to advanced medicine. The term was first used in 2017 and combined the terms ‘deep learning’ and ‘fake.’ dThe term was first used in 2017 and combined the terms ‘deep learning’ and ‘fake.’ deepfakes are created using a deep learning technique called Generative Adversarial Networks (GANs). It uses two machine learning models to make counterfeits more believable. A deepfake model is trained using samples of a real person’s voice recordings and photos. Deep learning is a machine learning technique that teaches computers to do what humans naturally do. Deep learning algorithms mimic the experience-based learning capabilities of humans. With enough training (using example tasks), the algorithms replicate surprisingly human-like responses under specific conditions.
Making deepfake videos involves gathering thousands of video frames of the target individual. Videos constitute the input dataset. These are often cropped only to show the face. AI tools can somewhat automate the cropping process. However, the mechanism still requires substantial manual effort. Images from different angles and under other lighting conditions are included. This is so that the algorithms (neural networks) can learn to encode and transfer different nuances of the face and environment. The need for large input datasets (vids and pics) is why most deepfake videos target celebrities. It is impossible to create a convincing deepfake of someone without hours of video of them in different settings.
Deepfakes have been used for pranks and entertainment purposes. Deepfakes were used in an investigative film about the persecution of LGBTQ individuals in the Russian Republic. This became the first documentary to use deep fakes to protect its subjects’ identities.
Deepfakes and financial security
In the domain of international finance, deepfakes are considered a real threat. The global money transfer industry is worth $714 billion in annual remittances. Cross-border transfers are heavily reliant on identity verification. A profusion of deepfakes can be a real problem. Rulioo, a leading global identity verification service, explained why. The speed and volume of online and mobile commerce are staggering. There is a great demand for quicker onboarding and credit processing. This demand can only be met by taking human interaction out of the process.
Alvin Rodrigues is the Asia Pacific’s Senior Director and Security Strategist at Forcepoint. He says that criminals will use deepfakess to illegally impersonate high-level targets at organizations. They will be used to scam employees into transferring funds into fraudulent accounts. Another threat is using deep fakes of deceased persons to claim annuities/pensions. Insurance and benefits fraud can take a similar form. Fraudsters can use deep-faked identities to obtain credit/cards and perform all kinds of transactions. These can destroy the victims’ credit scores and create criminal liability.
Symantec Corporation said it had seen 3 cases of seemingly deep-faked audio of company CEOs. The fakes were used to trick senior financial controllers of the respective organizations into transferring cash. The Wall Street Journal reported that the head of an unnamed UK-based energy company thought he was talking on the phone with his boss, the CEO of the German parent company. UK executive took instructions from a scammer who had used AI-powered voice technology to impersonate the boss. The fraudster impersonating the CEO asked the victim to transfer GBP 220,000 to a Hungarian supplier. The fraudster impersonating the CEO asked the victim to share GBP 220,000 with a Hungarian supplier.
Detecting deepfake images can be challenging. Gartner Research analyst Avivah Litan estimates that 90% detection rates may be possible by analyzing the content, the profiles submitting it, the devices it originates from, and traffic patterns. This is how spam/bots and criminal operations are already being detected. Litan said that security analysts could combine deepfake detection algorithms, internet allow listing, and fraud detection techniques to fight socially engineered attacks.
According to McKinsey, fraud will continue to evolve to evade detection. According to McKinsey, fraud will continue to grow to avoid detection. In November 2019, the US government approved a bill ordering further research into deep fakes. The UK government also is looking for solutions by evaluating legislation to ban non-consensual deepfake videos. Banks can deepen their understanding of their customers by mining the growing number of third-party data sources available. These measures can help banks improve risk controls and stem losses from synthetic identity fraud.
Hemant G is a contributing writer at Sparkwebs LLC, a Digital and Content Marketing Agency. He loves to travel, scuba dive, and watch documentaries when he’s not writing.