Learn more about Photolok | Click Here

Learn more about Photolok | Click Here

Kasey Cromer, Netlok | November 21, 2025

Executive Summary

Global cybercrime is now a $10.5 trillion industry — larger than the GDP of every country except the US and China. AI-powered fraud has reached a critical tipping point, with enterprise banks reporting a 70% increase in fraud over the past year and deepfake incidents surging by 700% [1][2][3]. As fraudsters weaponize generative AI to create hyper-realistic deepfakes and sophisticated phishing campaigns, traditional authentication methods are failing catastrophically. This analysis examines how Netlok’s Photolok – using patented photo-based steganography with AI/ML defense capabilities – provides the most effective defense against AI-driven login identity fraud.

The AI Fraud Explosion: A $40 Billion Problem by 2027

The transformation of fraud through artificial intelligence represents one of the most significant security challenges facing enterprises today. According to Deloitte’s latest analysis, GenAI-driven fraud losses in the United States alone could exceed $40 billion by 2027, up from $12 billion in 2023 [4]. This 233% increase demonstrates the exponential threat posed by AI-enabled attacks.

The numbers tell a devastating story:

• 93% of financial institutions express serious concern about AI-driven fraud acceleration [5]
• 83% of phishing emails are now AI-generated, up from virtually zero two years ago [6]
• 400% increase in corporate fraud driven by deepfake audio and video scams [7]
• $25.6 million lost in a single deepfake video call scam targeting a Hong Kong company [8]

The Operational Nightmare: When AI Outpaces Human Detection

The surge in AI-powered attacks isn’t just a financial problem—it’s overwhelming fraud prevention teams across industries. A recent Sift report reveals that AI-driven scams rose by 456% between May 2024 and April 2025, with fraudsters crafting convincing scams up to 40% faster using AI tools [9]. This acceleration has overwhelmed traditional fraud prevention systems.

Real-World Devastation: The Deepfake Authentication Crisis

$25 Million Video Call Scam: A company’s finance team member paid out $25 million after participating in a video call where every participant except the victim was a deepfake, including the CFO who gave authorization for the transfer.[13]

Voice Cloning: 3,000% Surge: Banking institutions report deepfake voice attacks on customer service centers increased 3,000% year-over-year, with criminals needing just three seconds of audio to master someone’s voice.[14]

Synthetic Identity: $23B by 2030: AI creates fictitious identities by blending real and fake information, with projected losses of $23 billion by 2030.[15]

Why Traditional Authentication Is Obsolete

Current authentication methods were designed for a pre-AI world and are catastrophically failing against modern threats:

The Photolok Advantage: Authentication Built for the AI Era

Photolok is a passwordless authentication solution using patented methods using steganographic photos. Rather than relying on passwords or biometrics, Photolok has users authenticate by selecting personal selected coded photos during login.

Key advantages of Photolok include:

• AI/ML Defense: Randomized photos prevent pattern recognition—bots cannot identify which photographs to attack
• Patented Steganography: Encrypted codes embedded in photos are highly resistant to external observation and AI analysis
• Duress Photo: Visual silent alarm notifies IT security and other key departments real-time during compromised access attempts
• 1 Time Use Photo: Prevents shoulder surfing in public areas by removing photo after single use

The Window Is Closing

With AI fraud tools now accessible to anyone with an internet connection, the question isn’t whether your organization will be targeted—it’s when. The World Economic Forum warns that traditional verification methods are “no longer sufficient” against AI-enabled fraudsters [16].

The choice is stark: evolve authentication now or become another statistic in the $10.5 trillion cybercrime industry. Photolok’s patented steganography technology offers a proven path forward, combining AI/ML defense with operational efficiency and user satisfaction.

Take Action Against AI Fraud

Don’t wait for AI-powered fraudsters to target your organization. Discover how Photolok’s patented steganography and AI-resistant authentication can protect your enterprise while improving user experience.

Request Your Personalized Demo

Author: Kasey Cromer is Director of Customer Experience at Netlok.

Sources

1. AI-driven cybercrime is growing, here’s how to stop it – World Economic Forum (January 2025)
2. How AI is Redefining Fraud Prevention in 2025 – ThreatMark (October 2025)
3. Alloy’s 2025 State of Fraud Report – Alloy (September 2025)
4. How AI is Redefining Fraud Prevention in 2025 – ThreatMark (October 2025)
5. Top Fraud Trends and Predictions for 2025 – DataVisor
6. AI Scams and Fraud: 5 Trends to Look Out for as 2025 Ends – LowTouch (October 2025)
7. 200+ Cybersecurity Statistics 2025 – CyVent
8. AI arms race: Who’s winning in enterprise cybersecurity? – Mastercard (2025)
9. Q2 2025 Digital Trust Index: AI Fraud Data and Insights – Sift (August 2025)
10. Q2 2025 Digital Trust Index: AI Fraud Data and Insights – Sift (August 2025)
11. Q2 2025 Digital Trust Index: AI Fraud Data and Insights – Sift (August 2025)
12. Q2 2025 Digital Trust Index: AI Fraud Data and Insights – Sift (August 2025)
13. AI arms race: Who’s winning in enterprise cybersecurity? – Mastercard (2025)
14. 10 statistics for better fraud prevention in 2025 – Alloy (September 2025)
15. How AI is Redefining Fraud Prevention in 2025 – ThreatMark (October 2025)
16. AI-driven cybercrime is growing, here’s how to stop it – World Economic Forum (January 2025)

Kasey Cromer, Netlok | November 14, 2025

Executive Summary

A single deepfake video call cost a multinational firm $25 million—and this is just the beginning. AI-driven deepfakes have exploded by over 1,000% since 2023, now fueling sophisticated attacks from executive impersonation to credential theft across every industry vertical.[1][4][22] With deepfake-as-a-service platforms offering custom attacks for under $100 and detection accuracy struggling at just 25%, enterprises face an unprecedented authentication crisis.[3][7] This guide demonstrates why Netlok’s Photolok – using patented steganography photos with AI/ML defense capabilities – offers the most robust defense against AI-powered login identity fraud.

The Deepfake Explosion: Enterprise Impact by the Numbers

The statistics paint a devastating picture of the current threat landscape:

Real-World Deepfake Devastation

$25 Million Teams Deepfake: A European energy conglomerate lost $25M when attackers used a real-time deepfake video during a Teams call, perfectly mimicking the CFO to authorize wire transfers.[1][2]

State-Sponsored Infiltration: North Korean hackers used deepfake IDs and video interviews to infiltrate 67 tech companies as remote employees, establishing listening posts for espionage and IP theft.[1][3]

Banking Voice Attacks: 500% Surge: Major banks report AI-generated voices bypassing biometric systems in 31% of tests, with deepfake-enabled account takeovers increasing 500%.[4][20]

Deepfake sophistication has reached a critical threshold. These aren’t grainy videos anymore—they’re real-time, interactive deepfakes that fool seasoned security professionals. Traditional authentication is becoming obsolete as deepfake technology advances. [2][8]

Why Detection Fails: The Technology Arms Race

Modern deepfakes exploit psychological trust factors—familiar faces, expected contexts, and urgent scenarios—making technical detection secondary to social engineering success.[7][8] With deepfake-as-a-service platforms offering custom attacks for under $100, every employee becomes a potential target, overwhelming traditional security teams.[1][3]

Enterprise Defense Framework

Comprehensive Deepfake Defense Stack

Examples of Deepfake Detection Training:
Note: These platforms are listed for informational purposes only and do not constitute an endorsement.

• Breacher.ai Enterprise Suite: Customized C-suite impersonation scenarios with consent-based voice cloning.[10][11]
• Reality Defender Challenge: Real-world deepfake samples updated weekly.[8]
• Doppel Voice Authentication: Audio-specific training for call center security.[12]

Why Passwords Failed—How Photolok Succeeds

Authentication Methods and Known Vulnerabilities:

Photolok’s Revolutionary Approach:

• Image-Based Authentication: Users select assigned photos during login, each containing an embedded encrypted code
• AI/ML Defense: Randomized photos prevent pattern recognition— because there is no pattern, bots cannot identify which photographs to attack
• Duress Photo: Visual silent alarm notifies IT security and other important departments in real-time when an account is compromised
• 1 Time Use Photo: Prevents shoulder surfing by removing the photo after a single use

The Path Forward

Deepfakes represent a fundamental shift in the threat landscape—rendering traditional authentication obsolete while democratizing sophisticated attacks.[1][3][4] Unfortunately, many organizations still rely on password-based authentication — an approach increasingly outmatched by AI-driven, deepfake-enabled attacks.[7][22] But those embracing photo-based authentication with patented steganography, continuous training, and proactive detection build resilience against even nation-state actors.[1][8] The choice is clear: evolve authentication now or become tomorrow’s breach headline.[4][25]

Ready to Protect Your Enterprise?

See how Photolok can defend your organization against deepfake attacks and AI-powered fraud. Our team will demonstrate how patented steganography and AI-resistant authentication can secure your most critical assets.

Schedule Your Photolok Demo Today

Author: Kasey Cromer is Director of Customer Experience at Netlok.

Resources

1. Huntress – Craftiest Trends, Scams & Tradecraft 2025
2. Right-Hand.ai – Deep Fake Vishing Attacks 2025
3. Elliptic – The Two Faces of AI
4. SQ Magazine – Deepfake Statistics
5. Reuters – UN Report Urges Stronger Measures to Detect AI-Driven Deepfakes
6. AP News – Creating Realistic Deepfakes Is Getting Easier Than Ever
7. SocRadar – Top 10 AI Deepfake Detection Tools 2025
8. Reality Defender – The Reality Test
9. TruthScan – AI Image Detector
10. Breacher.ai – Resources
11. Breacher.ai – Deepfake Awareness Training for HR
12. Doppel – Deepfake Defense: Voice Clone Quiz
13. Hoxhunt – Deepfake Attacks
14. Adaptive Security – Deepfake Awareness Training Platforms
15. Adaptive Security – Deepfake Video Call Security Guide
16. Sensity AI
17. Reality Defender – Enterprise Solutions
18. iProov – Spot Deepfake Quiz
19. Guidepoint Security – Are You Protecting Yourself from Deepfakes Quiz
20. HyperVerge – Examples of Deepfakes
21. Brightside AI – Top 10 AI Security Awareness Training Platforms 2025
22. Keepnet Labs – Deepfake Statistics and Trends
23. F-Secure – F-Alert Cyber Threats Bulletin November 2025
24. Agility PR – AI Deepfakes in 2025: Global Legal Actions
25. eWeek – AI Deepfakes Create Death Threats
26. Meegle – Deepfake Detection Workshops
27. Hook Security – Deepfake Awareness Training
28. CTO Magazine – Train Employees to Detect Deepfakes
29. MyTalents.ai – AI and Corporate Safety: Deepfake Image Detection
30. Breacher.ai – Best AI Social Engineering Simulation Platform
31. Meegle – Deepfake Detection in AI Training
32. Breacher.ai – Deepfake Phishing Tactics
33. Spot Deepfakes – Quiz
34. Kaggle – Deepfake Detection Challenge

Kasey Cromer, Netlok | October 6, 2025

Executive Summary

2025 is setting new records for cyberattacks, with over 16 billion passwords exposed and more than half of data breaches involving personally identifiable information (PII). Given increased regulatory scrutiny, increasing penalties, customer-facing risks, combined with new methods to protect yourself, every digital service user should take proactive steps to protect themselves.[1][2][3]

1. Data Breach by the Numbers

Defining Personally identifiable information (PII): PII is any type of data that can be used to distinguish or trace an individual’s identity by itself or when combined with other information. This includes direct identifiers—like full names, Social Security numbers, passport information, or biometric data (e.g., fingerprints, facial scans), and indirect ones—such as date of birth, race, gender, or place of birth that when combined with other data, can reveal the identity of a person.[4][5][6]  Sensitive PII includes information like financial details, medical records, driver license numbers, phone numbers and email addresses, making this data highly valuable to cybercriminals. Protecting PII is crucial to prevent identity theft and unauthorized use.

2. Who Gets Hurt—and How?

Victims of recent breaches recount losing retirement savings, having mortgage applications denied, and enduring relentless phishing and fraud attacks. A Connecticut bank customer saw their information used to open credit cards. Another family faced insurance fraud after health data was leaked. The takeaway, even when attackers don’t steal money immediately, is that exposed personal information often causes financial, emotional, and reputational turmoil for years.[9][10]

“The shift we’re seeing in 2025 is from passive acceptance of breaches to active customer empowerment. New regulations, better insurance options, and innovative authentication technologies are giving consumers real tools to protect themselves—but only if they use them.”
— Industry perspective from leading cybersecurity analysts[2][3]

3. Salesforce as Case Study—But Risks Are Everywhere

The high-profile Salesforce breach, in 2025, impacted thousands of organizations, exposing credentials and customer data through a third-party integration. Yet these methods—phishing, stolen PII, exploiting software integrations—also enable attacks on hospitals, insurers, banks, universities, and government offices across the globe. Every digital user is potentially a target.[11][12][13]

4. Regulation & Insurance: What Changed in 2025

• State Law Updates: States like Oklahoma and New York now mandate breach notices within 48 hours and cover more types of PII and sensitive data.[14]
• Healthcare: Enhanced HIPAA protections mean mandatory encryption/MFA for medical providers, with bigger penalties for mishandling PII. [15] Fines, class actions, and settlements continue to rise; 32% of breached organizations paid fines above $100,000. [8]
• Cyber Insurance: Most modern policies cover breach cleanup, incident costs, and notification, but new exclusions (e.g., for AI-driven fraud) require careful annual review. [16][17] At a minimum, the individual must comply with all policy requirements. Failure to do so will result in claim denial.

Regulatory Breach Notice Deadlines—At a Glance

5. Emotional & Financial Toll: Human Stories Matter

Exposed PII allows cybercriminals to send customized scam emails, create socially engineered support lines, and commit medical or financial fraud in victims’ names. Victims often spend months, sometimes years, repairing records, refuting fraudulent activity, and regaining lost access. For most simple cases, recovery is possible within weeks to a few months, but for a substantial minority, especially those involving government fraud or major financial harm, the process can extend for 1-2 years or longer. [18]  

6. What Every Customer Should Do

Within 24 hours of breach notice:

• Change all passwords for affected accounts. Enable multi-factor authentication for critical logins[3]

Within 48 hours:

• Monitor statements, freeze credit, and notify financial institutions of possible fraud[17]

Week 1:

• Stay alert for phishing, false “support” calls, or scam messages using your compromised PII[9]

First month:

• Review cyber insurance policy and consider legal support for substantial damage[16]
• Request updates and clear action plans from the affected company

Ongoing:

• Use unique passwords for every account. Limit what PII is shared publicly (e.g., on social media)[5]
• Demand honest, timely notifications and advocate for strong customer protections

7. Why Passwords Are the Problem—and Photolok Is the Solution

Traditional passwords remain the weakest link in cybersecurity, with 88% of web application attacks exploiting stolen credentials.[3] That’s why at Netlok, we’ve developed Photolok—a revolutionary visual authentication system that eliminates passwords entirely.

How Photolok Protects You:

Visual Authentication
Instead of typing passwords that can be stolen, you select encrypted photos from Photolok’s proprietary library and log in to your private account. Hackers can’t use what they can’t steal.

One-Time Use Photos
Each photo can be set for single use, expiring after login. Even if someone sees you authenticate, they can’t reuse that image.

Duress Protection
Select a special “duress photo” to silently alert authorities or trusted contacts if you’re forced to log in under threat—a feature no password can offer.

Easy Setup & Management

• Add or replace photos in seconds
• Organize with custom labels that can be changed with a click of a button.
• Works alongside existing MFA for layered security
• No complex passwords to remember or lose

Built for Everyone
From tech-savvy professionals to seniors who struggle with passwords, Photolok’s intuitive design makes strong security accessible to all users.

Real-World Impact:

When the recent Salesforce breaches exposed consumer passwords, Photolok users remained protected. You can’t phish a photo that changes with each login.   

Ready to move beyond passwords? Learn more about Photolok or Request a Demo to see how visual authentication can protect your accounts today.

8. The Path Forward

Data breaches aren’t slowing down—they’re accelerating. But customers don’t have to be victims. Through vigilance, advocacy, and adoption of advanced authentication solutions like Photolok, every user can take control of their digital security.

Author & Credentials

Kasey Cromer is Director of Customer Experience at Netlok, focused on authentication, incident response, and SaaS security for over a decade.

Resources

1. Cybernews: 16 Billion Passwords Exposed Through Infostealers
2. IBM Cost of a Data Breach Report 2025
3. StrongDM: Data Breach Statistics 2025
4. Proofpoint: What Is PII?
5. Keeper Security: Examples of PII
6. SecurityScorecard: How to Protect PII
7. Baker Donelson: Key Insights from IBM’s 2025 Report
8. Kiteworks: IBM 2025 Data Breach Report AI Risks
9. Bright Defense: Recent Data Breaches
10. Bluefin: Data Breaches Soar Q1 2025
11. Google Cloud: Data Theft from Salesforce Instances
12. Cybersecurity Dive: Salesforce Data Theft
13. HIPAA Journal: Healthcare Data Breach Statistics
14. Inside Privacy: Oklahoma Data Breach Law Update
15. DeepStrike: Healthcare Data Breaches 2025
16. Munich Re: Cyber Insurance Trends 2025
17. Woodruff Sawyer: Cyber Looking Ahead Guide
18. How Long Does It Take to Recover From Identity Theft?

Published September 2025. Content reviewed quarterly for accuracy and compliance. Netlok’s Photolok solution is featured as an innovative approach to password-free authentication in the evolving cybersecurity landscape.

K. Cromer, Netlok 9/8/2025

This analysis builds on Netlok’s ongoing research into wrench attack vulnerabilities. For additional context, visit our blog resources.

The darkest prediction in cryptocurrency security has come true: As of August 2025, wrench attacks against crypto holders are averaging more than one incident per week worldwide, with 30+ documented cases in less than half a year¹. Bitcoin trades near $122,000—over 50% higher than a year ago—fueling a shift from sophisticated hacking to old-fashioned violence².

As crypto values hit historic highs and identities are exposed via massive data breaches, security experts warn of “a brutal convergence of the speed of cybercrime with the violence of street crime”³. Recent statistics confirm this threat has evolved from isolated events to systematic targeting, making distress resistant authentication more critical than ever.

The Numbers Tell a Chilling Story

Why Paris Became Ground Zero

France, particularly Paris, has emerged as the epicenter of crypto violence. In one prominent case, a crypto executive was kidnapped from his home, while others saw family members targeted in broad daylight⁷. Cases aren’t limited to continental Europe: the U.S., UK, Canada, and Asia have all reported wrench attacks in 2025⁴.

What began as isolated cases is now a global issue, with organized crime groups and opportunistic actors exploiting public profiles and personal data⁸.

Where Traditional Security Fails

“The brutal reality is that seemingly cryptographically perfect systems fail completely when someone puts a gun to your head”⁹.

Traditional multi-factor authentication, hardware wallets, and encryption offer no real protection against physical coercion.

Victims report beatings, electric shocks, and even prolonged captivity until attackers achieved transfers under force¹⁰. Research now shows that even highly security-conscious holders are not immune—meaning the threat transcends technical skill or digital hygiene¹¹.

This widening gap between digital protections and physical coercion is precisely where an alternative approach is needed.

The Photolok Advantage

Unlike traditional MFA methods that collapse under physical threats, Photolok introduces adaptive, attack response visual authentication designed to transform wrench attacks from complete vulnerability into opportunities for silent resistance¹².

Duress Signaling in Action

Consider a scenario: a user pre-selects a specific photo as a “duress” photo. If forced to authenticate, selecting this photo triggers a silent alarm to security contacts and law enforcement, while granting access to the attacker. This ensures that, even during a threat, victims can discreetly signal for help without escalating the situation¹³.

One-Time Use

Each photo is cryptographically unique. By selecting a one-time use photo, you avoid photo disclosure as a one-time photo expires after it is used one time. Even if attackers gain access, this specific photo cannot be reused—significantly limiting the attacker’s ability to login in the future¹³.

Cognitive Confusion

Photolok’s visual, point-and-click system is unfamiliar to most criminals who expect passwords or PINs. Attackers may struggle to articulate demands (“click on your photos” is less intuitive than “enter your password”), creating crucial delays and confusion¹².

Risk Reduction Tools

There are a number of actions that can be taken to reduce the risk of attack and minimize harmful outcomes.

1. Eliminate Wealth Signaling
   Remove physical addresses from public records and make social media private. Avoid conference photos or portfolio screenshots².
2. Implement Geographic Distribution
   Multi-signature security ensures transactions require multiple approvals from trusted parties in different locations—making coercion far more difficult¹¹.
3. Deploy Duress-Resistant Authentication
   Traditional MFA fails under physical threat. Duress-resistant systems like Photolok allow apparent compliance while secretly signaling for help¹³.
4. Create Decoy Holdings
   Set up smaller crypto “sacrifice wallets” with modest amounts for attackers, while larger holdings are secured in hardened, separate storage.
5. Establish Emergency Protocols
   Create silent alert systems with trusted contacts. Integrate tools (including Photolok) that notify authorities or partners during high-risk logins¹³.

From Vulnerability to Empowerment

2025’s weekly attack frequency marks a turning point in crypto security. For the first time, tools exist that change the outcomes of physical coercion, enabling individuals to silently signal for help and limit attackers’ ability to access their personal information under duress. With Photolok’s duress photo login, if someone forces a user to unlock crypto, selecting a special “duress photo” quietly alerts help without tipping off the attacker. Instead of feeling powerless, users get a way to protect their assets and ask for help, even in dangerous situations. The $5 wrench and threat of physical harm will always defeat pure encryption, but it doesn’t have to defeat human ingenuity.

Ready to enhance your security? Learn more about how Photolok can protect your assets at Netlok.com and explore our blog resources for deeper insights into duress-resistant authentication and the future of crypto security.

Sources

1. LiveBitcoinNews – Wrench attacks: at least one bitcoiner kidnapped every week
2. FintechNews – Crypto crime surges in 2025 set to break records
3. Chainalysis – 2025 Crypto Crime Mid-Year Update
4. QAZInform – Global wave of crypto-related kidnappings
5. TRM Labs – The rise of wrench attacks and crypto-related violent crime
6. Fortune – Lloyd’s of London offering crypto attack insurance
7. The Week – ‘Wrench attacks’ are targeting wealthy crypto moguls
8. Sherwood News – The alarming surge of “wrench attacks” in crypto
9. NPR – New York kidnapping underscores rise in crypto ‘wrench attacks’
10. CBS News – Crypto kidnappings on the rise as criminals resort to “wrench attacks”
11. Cambridge Repository – Investigating Wrench Attacks: Physical Attacks Targeting Cryptocurrency Users
12. Netlok – How Photolok works
13. Netlok – Photos Not Passwords for Secure Login Authentication

A.R. Perez, Netlok. 7/8/2025

Multi-factor authentication (MFA) was once hailed as a near-perfect shield, yet recent headline breaches prove attackers are not only slipping past it—they are doing so at an accelerating pace. This report ranks today’s most common MFA combinations from weakest to strongest and quantifies the sharp rise in MFA-related attacks between 2023 and 2025. It should be noted that Photolok^Ò (a passwordless MFA factor that uses proprietary-coded photos) is not included in this analysis.

Why MFA Strength Varies

Every MFA scheme marries at least two factors—knowledge (password/PIN), possession (token/phone), or inherence (biometric). Security depends on:

• Transport security (Is any secret sent over a channel that can be intercepted?)
• Phishing resistance (Can the user’s factor be replayed to a fake site?)
• Device binding (Is the factor cryptographically locked to a specific device?)
• User behavior (Can social engineering or “MFA fatigue” trick users into approving?)

Ranking MFA Combinations

Key Takeaways

• SMS and voice codes are now the attacker’s easiest door. SIM-swapping and SS7 attacks routinely hijack these one-time codes 12, 13.
• Push bombing moved classic push to “low trust.” Repeated prompts trick users into approvals; number-matching mitigates but doesn’t eliminate risk 10, 9.
• TOTP is safer than SMS but still phishable. Transparent reverse-proxy kits like EvilProxy harvest codes in real time 9.
• Phishing-resistant authentication begins with FIDO2/WebAuthn. Hardware-backed keys or passkeys neutralize man-in-the-middle attacks by binding credentials to the correct origin 12.

The Surge in MFA-Focused Attacks (2023-2025)

Visualizing the Climb

*Rates come from different datasets (CIAM traffic, IR engagements, BEC breaches). While scopes vary, all show the same climbing trajectory.

Why the Rate Keeps Rising

Commodity Phishing-as-a-Service (PhaaS)

• Kits like Tycoon 2FA and EvilProxy package adversary-in-the-middle techniques for <$300 20, 21.
• No elite skills required; proxy auto-captures TOTP, push, and even session cookies.

Token Theft & Session Hijacking

• Malware or browser extensions steal stored cookies, rendering second factors moot 9, 19.
• Stolen session tokens sell in criminal markets for as little as $10 per corporate user 20.

MFA Fatigue & Social Engineering

• Push-bombing remains effective: Uber, Microsoft, and EA all fell to approval spamming 11, 9.
• Help-desk impersonation convinces IT staff to reset credentials or enroll attacker devices 16.

Weak Factor Mix

• SMS remains the default in consumer apps—96% of Coinbase account-takeover victims relied on SMS OTP 13.
• Many enterprises lack Conditional Access or token-binding, letting hijacked sessions roam free 22.

Hardening the Human-Machine Perimeter

1. Phase Out Legacy Factors

• Block SMS/voice codes for privileged accounts; require authenticator apps or keys instead12, 2.

2. Enforce Phishing-Resistant MFA

• Deploy FIDO2/WebAuthn passkeys or security keys for all admins and high-risk roles 12.
• Use token-binding or Microsoft Entra ID’s token protection to neutralize session-theft attacks 22.

3. Strengthen Push Workflows

• Mandate number-matching or challenge-response for any push-based approvals 9.
• Limit consecutive push requests and alert security operations on excessive prompts 11.

4. Layer Conditional Access & Risk-Based Controls

• Require device compliance, geolocation heuristics, and continuous session monitoring to catch hijacked tokens in flight 22.

5. Educate to Eradicate MFA Fatigue

• Simulate AiTM phishing and push-bomb drills so users recognize and report anomalies 23, 16.
• Reinforce “never approve unexpected prompts” in monthly training cycles.

Conclusion

Attackers’ ability to sidestep MFA has grown from isolated exploits in 2023 to industrial-scale commodity services in 2025. Organizations that cling to password-plus-SMS or push-only MFA now occupy the bottom rung of the strength ladder and face a sharply rising threat curve. Yet the solution is within reach: broad adoption of phishing-resistant, device-bound authentication—coupled with risk-aware access controls—flips the cost curve back onto the attacker. Upgrade the factors, shrink the attack surface, and keep users from approving the next rogue prompt. One novel method of upgrading factors is to use Photolok – a passwordless factor that uses steganographic coded photos that also protects against AI/ML attacks as well as provides lateral movement penetrations due to its unique architecture.

1. https://fidoalliance.org/fido2/
2. https://www.cisa.gov/sites/default/files/publications/fact-sheet-implementing-phishing-resistant-mfa-508c.pdf
3. https://www.trout.software/resources/tech-blog/fido2-and-passkeys-the-future-of-mfa-for-critical-infrastructure
4. https://www.security.com/blogs/expert-perspectives/secret-phishing-resistant-authentication
5. https://hideez.com/blogs/news/fido2-explained
6. https://tjdeed.com/combating-phishing-attacks-with-passwordless-fido2-authentication/
7. https://stytch.com/blog/totp-vs-sms/
8. https://rublon.com/blog/sms-vs-totp/
9. https://www.menlosecurity.com/blog/the-art-of-mfa-bypass-how-attackers-regularly-beat-two-factor-authentication
10. https://www.cybersecuritydive.com/news/mfa-multi-factor-authentication-cisco-talos-cyber/719254/
11. https://www.sapphire.net/blogs-press-releases/the-rise-of-mfa-fatigue-attacks/
12. https://cyberhoot.com/blog/top-five-risks-from-sms-based-mfa/
13. https://www.authsignal.com/blog/articles/why-sms-based-authentication-is-no-longer-enough-for-secure-account-protection
14. https://community.ring.com/en_GB/conversations/general-topics/multifactor-authentication-using-sms-is-the-least-secure/6580381451f6e6fe78d31ec5
15. https://www.okta.com/newsroom/articles/key-findings-from-our-2023-state-of-secure-identity-report/
16. https://www.kroll.com/en/insights/publications/cyber/mfa-bypass-leads-to-account-compromise
17. https://www.descope.com/learn/post/mfa-bypass
18. https://www.infosecurity-magazine.com/news/orgs-inected-ransomware-2023/
19. https://frsecure.com/blog/token-theft-attacks-mfa-defeat/
20. https://www.theregister.com/2025/07/07/phishing_platforms_infostealers_blamed_for/
21. https://blog.talosintelligence.com/state-of-the-art-phishing-mfa-bypass/
22. https://www.egroup-us.com/news/microsoft-entra-id-security-2025/
23. https://www.waterisac.org/portal/ransomware-resilience-%E2%80%93-mfa-bypass-seen-largest-attack-vector-ransomware-attacks
24. https://www.rsa.com/wp-content/uploads/rsa-top-trends-in-identity-2025.pdf
25. https://jumpcloud.com/blog/multi-factor-authentication-statistics
26. https://www.enzoic.com/blog/microsoft-digital-defense-report-mfa-vulnerabilities/
27. https://netrixglobal.com/blog/cybersecurity/navigating-the-new-wave-of-mfa-bypass-attacks-in-2025/?category=office+365%2Co365%2Coffice+365+pnp
28. https://expertinsights.com/user-auth/multi-factor-authentication-statistics
29. https://www.oasis.security/resources/blog/oasis-security-research-team-discovers-microsoft-azure-mfa-bypass
30. https://emudhra.com/en-us/blog/mfa-solutions-trends-to-watch-out-for-in-2025
31. https://www.microsoft.com/en-us/security/security-insider/microsoft-digital-defense-report-2023
32. https://www.greystoneprograms.org/post/cyber-security-trends-in-2025
33. https://www.rapid7.com/blog/post/2025/04/10/password-spray-attacks-taking-advantage-of-lax-mfa/
34. https://www.forbes.com/sites/daveywinder/2024/12/25/google-and-microsoft-users-warned-as-new-2fa-bypass-attacks-reported/
35. https://www.rsa.com/resources/blog/multi-factor-authentication/the-future-of-mfa-adaptive-authentication-and-other-trends/
36. https://keepnetlabs.com/blog/understanding-mfa-phishing-protection-measures-and-key-statistics
37. https://www.cisa.gov/resources-tools/resources/phishing-resistant-multi-factor-authentication-mfa-success-story-usdas-fast-identity-online-fido
38. https://www.creative-n.com/blog/mfa-fatigue-attacks-what-are-they-and-how-can-your-business-combat-them/
39. https://vanishid.com/2023/09/07/kroll-august-2023-sim-swap-attack/
40. https://explodingtopics.com/blog/multi-factor-authentication-stats
41. https://www.f5.com/labs/articles/threat-intelligence/2023-identity-threat-report-the-unpatchables
42. https://www.kroll.com/en/reports/cyber/threat-intelligence-reports/q2-2023-threat-landscape-report-supply-chain-infiltrations
43. https://www.statista.com/statistics/1458607/mfa-account-takeover-global/
44. https://www.reddit.com/r/cybersecurity/comments/13pu8ds/the_problem_with_smsbased_mfa_in_2023_and/
45. https://www.kroll.com/-/media/kroll/pdfs/publications/q2-2023-threat-landscape-report-supply-chain-infiltrations.pdf
46. https://cyberwyoming.org/insights-from-the-itrc-2024-data-breach-report-mfa/
47. https://www.army.mil/article/280598/secure_our_world_cecom_recommends_enabling_multifactor_authentication_to_enhance_cybersecurity
48. https://www.prove.com/blog/prove-identity-2023-state-of-mfa-report-consumer-attitudes-multi-factor-authentication
49. https://www.swidch.com/resources/blogs/2fa-mfa-the-good-the-bad-the-ugly
50. https://www.menlosecurity.com/press-releases/browser-based-phishing-attacks-increased-198-in-2023-as-threat-actors-grow-more-evasive-menlo-security-research-finds
51. https://hub.wpi.edu/spread/148/secure-it-october-2023
52. https://www.kroll.com/en/reports/cyber/threat-intelligence-reports/q4-2023-threat-landscape-report-threat-actors-breach-outer-limits
53. https://www.infosecurity-magazine.com/news/majority-compromises-stolen/
54. https://www.ibm.com/thought-leadership/institute-business-value/en-us/report/2025-threat-intelligence-index
55. https://www.reddit.com/r/msp/comments/1jr46aw/365_account_comprise_bypassing_mfa_and_sending/
56. https://hoxhunt.com/blog/business-email-compromise-statistics
57. https://www.isaca.org/resources/news-and-trends/industry-news/2025/will-mfa-redefine-cyberdefense-in-the-21st-century
58. https://www.indusface.com/blog/key-cybersecurity-statistics/
59. https://blog.lastpass.com/posts/business-email-compromise
60. https://blueprint.asd.gov.au/configuration/entra-id/protection/risky-activities/multifactor-authentication/account-lockout/
61. https://www.scworld.com/feature/how-attackers-outsmart-mfa-in-2025
62. https://hoxhunt.com/guide/phishing-trends-report
63. https://learn.microsoft.com/en-us/partner-center/security/security-at-your-organization
64. https://arcticwolf.com/resources/blog/defending-against-business-email-compromise/
65. https://www.cobalt.io/blog/top-cybersecurity-statistics-2025
66. https://www.huntress.com/blog/cybersecurity-statistics
67. https://www.linkedin.com/pulse/business-email-compromise-bec-most-expensive-youll-xutwc
68. https://www.intrust-it.com/understanding-mfa-bypass-attacks/
69. https://www.reddit.com/r/privacy/comments/rf0xno/is_2fa_with_authenticator_apps_really_more_secure/
70. https://rokibulroni.com/blog/fido2-passkeys-modern-authentication-2025/
71. https://www.corbado.com/blog/best-fido2-hardware-security-keys
72. https://help.okta.com/oie/en-us/content/topics/identity-engine/authenticators/phishing-resistant-auth.htm
73. https://www.cyberseclabs.org/best-fido2-hardware-security-token/
74. https://www.pcmag.com/picks/best-hardware-security-keys
75. https://www.idmanagement.gov/playbooks/altauthn/
76. https://jumpcloud.com/blog/totp-mfa
77. https://www.nytimes.com/wirecutter/reviews/best-security-keys/
78. https://cybersecurityventures.com/multi-factor-authentication-is-not-99-percent-effective/
79. https://nordlayer.com/blog/cybersecurity-statistics-of-2024/

A.R. Perez, Netlok, July 1,2025

Understanding the Threat Landscape

The emergence of sophisticated deepfake technologies and synthetic identity creation tools represents one of the most significant challenges facing biometric authentication systems today. Deepfakes are highly realistic, artificially generated media that can convincingly replicate human faces, voices, and behaviors using advanced deep learning techniques 1, 2. These technologies have rapidly evolved from entertainment applications to become serious security threats, with attackers now capable of bypassing traditional biometric systems that once seemed unbreachable.

Recent data reveals the scale of this challenge: in 2024, 50% of surveyed businesses reported experiencing deepfake-related attacks, with 57% of cryptocurrency organizations facing audio deepfake fraud 3. The accessibility of AI tools has democratized deepfake creation, allowing even non-technical attackers to generate convincing synthetic media with minimal coding skills 4. Reports indicate a staggering 704% increase in face swap attacks across 2023, demonstrating the exponential growth of this threat vector 4.

Vulnerabilities in Current Biometric Systems

Traditional biometric authentication systems face significant vulnerabilities when confronted with sophisticated synthetic attacks. Research conducted at Penn State found that four of the most common facial liveness verification methods currently in use could be easily bypassed using deepfakes 5. The study developed a framework called “LiveBugger” which demonstrated that facial liveness verification features on various apps could be fooled by deepfake images and videos.

The fundamental challenge lies in the fact that conventional biometric systems were designed to distinguish between live humans and simple presentation attacks (like printed photos or basic recordings), but they struggle against AI-generated content that can mimic the subtle characteristics of live biometric samples 6, 7. Facial recognition systems, which rely on static features and patterns, are particularly vulnerable to sophisticated deepfake attacks that can replicate facial landmarks, expressions, and even micro-movements 8.

Voice biometric systems face similar challenges, with AI voice synthesis now capable of replicating vocal patterns, pitch, and tone with unsettling accuracy 8. Attackers can create voice clones using just a few seconds of recorded audio, enabling them to bypass voice-based authentication systems that were previously considered secure.

Impact on Authentication Confidence

The proliferation of deepfakes has begun to erode confidence in biometric authentication systems. Gartner analysts predict that by 2026, 30% of companies will lose confidence in facial biometric authentication due to the sophistication of AI deepfakes 1. This loss of confidence is not unfounded – traditional verification methods, including basic selfie comparisons and document-based biometric checks, are increasingly ineffective against realistic fake images, videos, and voices generated by accessible AI tools 3.

The problem extends beyond simple spoofing attacks. Fraudsters can now create entirely new synthetic identities that appear legitimate, utilizing generative AI models to produce hyper-realistic identification documents and deepfake videos capable of evading traditional liveness detection mechanisms 3. This capability allows attackers to circumvent Know Your Customer (KYC) checks employed by financial services, creating fraudulent accounts and executing unauthorized transactions.

Emerging Countermeasures and Technologies

The biometric industry is responding to these challenges through several innovative approaches designed to detect and prevent deepfake attacks:

Advanced Liveness Detection

Modern liveness detection technologies have evolved far beyond simple movement or challenge-response mechanisms. Companies like Mitek have developed sophisticated systems that can detect deepfakes and synthetic attacks through consistency analysis between different biometric modalities  9. Their IDLive^® Face product has achieved recognition as a top performer in NIST facial presentation attack detection evaluations and demonstrates effectiveness against sophisticated fraud attempts 9.

Next-generation liveness detection systems incorporate passive analysis that can identify subtle artifacts and inconsistencies inherent in AI-generated content without requiring active user participation 10. These systems analyze factors such as texture inconsistencies, temporal anomalies, and physiological impossibilities that are difficult for current deepfake generation technologies to replicate perfectly.

Multimodal Biometric Fusion

One of the most promising defenses against deepfake attacks is the implementation of multimodal biometric systems that combine multiple authentication factors. Research shows that while attackers might successfully spoof one biometric modality, creating convincing fakes across multiple modalities simultaneously becomes exponentially more difficult 11, 12.

Companies are developing systems that integrate facial recognition, voice authentication, and behavioral biometrics into unified platforms. For example, Mitek’s MiPass^® solution combines advanced facial and voice biometrics with passive liveness detection specifically to safeguard against deepfakes, synthetic identities, and identity theft  9.

AI-Powered Detection Systems

The fight against AI-generated attacks increasingly requires AI-powered defense systems. Researchers have developed sophisticated detection frameworks that can identify deepfakes by analyzing high-level audio-visual biometric features and semantic patterns 13. These systems focus on detecting characteristics that current deepfake generation technologies struggle to replicate, such as individual mannerisms and unique biometric patterns that persist across different contexts.

Advanced detection systems employ ensemble learning approaches and transformer-based architectures to improve accuracy in identifying synthetic content 11. These systems can achieve authentication accuracy rates exceeding 99.5% while maintaining spoof detection rates above 99.3% 11.

Tokenization and Privacy-Preserving Solutions

A fundamental shift in biometric security involves moving away from storing raw biometric templates to using irreversibly transformed tokens. Companies like Trust Stamp have developed technologies that replace biometric templates with cryptographic hashes that can never be rebuilt into original data 14, 15. These Irreversibly Transformed Identity Tokens (IT2) maintain matching capability while eliminating the risk of biometric data theft and misuse.

This approach addresses both deepfake vulnerabilities and privacy concerns by ensuring that even if systems are compromised, the stolen data cannot be used to recreate biometric information or generate convincing synthetic reproductions 14, 15.

Behavioral and Continuous Authentication

The future of biometric security increasingly relies on behavioral analysis and continuous authentication rather than single-point verification. Systems are being developed that monitor keystroke dynamics, mouse movements, and other behavioral patterns to create unique user profiles that are extremely difficult to replicate through synthetic means 16, 17.

Zero-trust architectures that implement continuous authentication represent a significant advancement in combating deepfake threats 18, 19. These systems continuously verify user identity throughout a session, making it much more challenging for attackers to maintain unauthorized access even if they successfully bypass initial authentication.

Industry Response and Future Outlook

The biometric industry has recognized the severity of the deepfake threat and is investing heavily in countermeasures. Companies are developing specialized solutions for different attack vectors, including injection attack detection that protects against virtual cameras and software-based spoofing attempts 10. These systems can detect when fraudsters use emulators, cloning apps, or other software tools to inject synthetic content into authentication processes.

The integration of artificial intelligence into biometric systems is driving improvements in both accuracy and security. AI-driven algorithms are enhancing biometric processing speeds and fraud detection capabilities while continuously learning and adapting to new attack methods 20. Modern facial recognition systems now achieve accuracy levels exceeding 99.5% under optimal conditions while incorporating sophisticated anti-spoofing measures 20.

Recommendations for Organizations

Organizations implementing or upgrading biometric authentication systems should consider several key strategies:

Adopt Multimodal Approaches: Implement systems that combine multiple biometric factors rather than relying on single-modality authentication. This significantly increases the difficulty for attackers to create convincing synthetic reproductions across all required modalities 12.

Implement Advanced Liveness Detection: Deploy passive liveness detection systems that can identify synthetic content without requiring user interaction. These systems should be regularly updated to address new deepfake generation techniques 21.

Consider Tokenization Technologies: Evaluate privacy-preserving biometric solutions that use irreversible tokenization to eliminate the risk of biometric data theft and reduce the potential for synthetic identity creation 14, 15.

Plan for Continuous Authentication: Develop zero-trust architectures that continuously verify user identity throughout sessions rather than relying solely on initial authentication 18, 19.

Stay Current with Threat Intelligence: Maintain awareness of evolving deepfake technologies and attack methods to ensure defensive measures remain effective against emerging threats 4.

Investigate Photolok^Ò :  It is a passwordless IAM solution that uses photos – not passwords. Photolok can be used as a second factor behind a biometric to prevent access and authentication. Its unique architecture protects against AI attacks as well as lateral movements. To learn more, go to www.netlok.com .

The rise of deepfakes and synthetic IDs represents a paradigm shift in cybersecurity threats, but the biometric industry is actively developing sophisticated countermeasures. Success in this evolving landscape will require organizations to adopt comprehensive, multi-layered approaches that combine advanced detection technologies, continuous authentication, and privacy-preserving architectures. While the challenges are significant, the continued advancement of defensive technologies provides hope for maintaining the security and integrity of biometric authentication systems in the face of increasingly sophisticated synthetic attacks.

1. https://www.bairesdev.com/blog/ai-deepfakes-biometric-authentication/
2. https://recordia.net/en/deepfakes-the-new-challenge-of-biometric-authentications/
3. https://nquiringminds.com/cybernews/aigenerated-synthetic-identities-challenge-biometric-security/
4. https://www.iproov.com/deepfake-protection-liveness
5. https://insights.globalspec.com/article/19166/study-deepfakes-can-trick-some-facial-recognition-systems
6. https://ieeexplore.ieee.org/document/10744460/
7. https://www.techtarget.com/searchsecurity/tip/How-deepfakes-threaten-biometric-security-controls
8. https://www.realitydefender.com/insights/traditional-biometrics-are-vulnerable-to-deepfakes
9. https://www.sec.gov/Archives/edgar/data/807863/000080786324000142/mitk-20240930.htm
10. https://www.idrnd.ai/idlive-face-plus-injection-attack-detection-deepfake-protection/
11. https://internationalpubls.com/index.php/cana/article/view/4547
12. https://www.jumio.com/biometrics-multimodal-approach/
13. https://www.biometricupdate.com/202204/researchers-claim-biometric-deepfake-detection-method-improves-state-of-the-art
14. https://www.sec.gov/Archives/edgar/data/1718939/000141057823001411/idai-20230331xs1.htm
15. https://www.sec.gov/Archives/edgar/data/1718939/000141057825000078/idai-20250930x424b4.htm
16. https://ieeexplore.ieee.org/document/10986481/
17. https://ieeexplore.ieee.org/document/10937066/
18. https://ijaem.net/issue_dcp/Zero%20Trust%20Architecture%20%20Beyond%20Perimeter%20Security%20Implementing%20Continuous%20Authentication%20and%20Least%20Privilege%20Access.pdf
19. https://www.swidch.com/resources/blogs/why-should-continuous-authentication-be-at-the-heart-of-your-zero-trust-architecture
20. https://www.identity.com/the-intersection-of-artificial-intelligence-ai-and-biometrics/
21. https://veridas.com/en/liveness-detection/
22. https://www.sec.gov/Archives/edgar/data/1534154/000121390023078358/ea185564-424b4_authidinc.htm
23. https://www.sec.gov/Archives/edgar/data/1718939/000110465925007699/idai-20250930xs1a.htm
24. https://www.sec.gov/Archives/edgar/data/1718939/000110465925006360/idai-20250930xs1.htm
25. https://www.sec.gov/Archives/edgar/data/894158/000141057822002238/syn-20220630x10q.htm
26. https://www.sec.gov/Archives/edgar/data/1824036/000119312522133568/d270117d20f.htm
27. https://www.sec.gov/Archives/edgar/data/1718939/000171893924000043/idai-20231231.htm
28. https://www.sec.gov/Archives/edgar/data/1718939/000141057823001949/idai-20230331x424b4.htm
29. https://www.sec.gov/Archives/edgar/data/1718939/000141057823002078/idai-20230630x424b4.htm
30. https://journal.ph-noe.ac.at/index.php/resource/article/view/1389
31. https://fcc08321-8158-469b-b54d-f591e0bd3df4.filesusr.com/ugd/185b0a_8b00f6cfb36d43258341f6fc7bc35beb.pdf
32. https://arxiv.org/abs/2410.07888
33. https://www.nature.com/articles/s41598-023-28162-6
34. https://www.tandfonline.com/doi/full/10.1080/19393555.2024.2347240
35. https://ieeexplore.ieee.org/document/9499970/
36. https://www.isaca.org/resources/white-papers/2024/examining-authentication-in-the-deepfake-era
37. https://www.fime.com/ko_KP/blog/beulrogeu-15/post/q-a-improving-biometric-systems-using-ai-based-spoofing-396
38. https://idtechwire.com/researchers-detail-synthetic-face-generation-via-arcface-embedding/
39. https://www.sec.gov/Archives/edgar/data/1477960/000147793225002922/cbbb_10k.htm
40. https://www.sec.gov/Archives/edgar/data/1477960/000147793225000414/cbbb_424b4.htm
41. https://www.sec.gov/Archives/edgar/data/1477960/000147793225000304/cbbb_s1a.htm
42. https://www.sec.gov/Archives/edgar/data/1477960/000147793225000119/cbbb_s1.htm
43. https://www.sec.gov/Archives/edgar/data/6951/000000695125000024/amat-20250427.htm
44. https://www.sec.gov/Archives/edgar/data/866273/000086627324000092/mtrx-20240630.htm
45. https://ieeexplore.ieee.org/document/10440513/
46. https://vfast.org/journals/index.php/VTSE/article/view/1842
47. https://www.semanticscholar.org/paper/fe2c53467f61889a0b499cc9ed274f91d19545b9
48. http://jurnal.polinema.ac.id/index.php/jip/article/view/3977
49. https://irojournals.com/iroiip/article/view/5/2/8
50. https://ieeexplore.ieee.org/document/10850831/
51. https://arxiv.org/abs/2404.15854
52. https://www.semanticscholar.org/paper/7b9475866b8f88898bfe2dde4912d99527d21087
53. https://ieeexplore.ieee.org/document/9953623/
54. https://www.jumio.com/deepfake-detection-guide/
55. https://arxiv.org/pdf/2202.10673.pdf
56. https://www.idrnd.ai/anti-spoofing-for-authentication/
57. https://pubmed.ncbi.nlm.nih.gov/40218678/
58. https://www.sec.gov/Archives/edgar/data/1015739/000095017025038714/awre-20241231.htm
59. https://www.sec.gov/Archives/edgar/data/1019034/000143774924019357/bkyi20231231_10k.htm
60. https://ieeexplore.ieee.org/document/10571244/
61. https://ieeexplore.ieee.org/document/10437443/
62. https://ieeexplore.ieee.org/document/9861234/
63. https://ieeexplore.ieee.org/document/10000958/
64. https://ieeexplore.ieee.org/document/10870196/
65. https://www.hindawi.com/journals/wcmc/2022/6367579/
66. https://ieeexplore.ieee.org/document/9860313/
67. https://www.entrust.com/blog/2023/09/user-authentication-zero-trust
68. https://www.beyondidentity.com/resource/zero-trust-and-continuous-authentication-a-partnership-for-network-security
69. https://www.servicenow.com/community/platform-privacy-security-blog/announcing-zero-trust-continuous-authentication/ba-p/3210909
70. https://www.portnox.com/blog/zero-trust/continuous-authentication-a-game-changer-for-zero-trust/
71. https://faceonlive.com/biometric-authentication-trends-and-predictions-for-2025/
72. http://www.enggjournals.com/ijcse/doc/IJCSE17-09-08-001.pdf
73. https://www.atera.com/blog/best-biometric-security-device/
74. https://journal.esrgroups.org/jes/article/download/6643/4609/12253
75. https://link.springer.com/10.1007/s12198-024-00272-w
76. https://www.iproov.com/blog/deepfakes-threaten-remote-identity-verification-systems
77. https://sumsub.com/liveness/
78. https://link.springer.com/10.1007/978-3-031-37120-2_22
79. https://www.crowdstrike.com/en-us/cybersecurity-101/zero-trust-security/

• Photolok Home
• How It Works
• About Us
• Blog
• Contact Support
• Contact Sales & Marketing

Member – Insider GovTech

FOLLOW US ON SOCIAL MEDIA

Linkedin-in Youtube Facebook-f

©2015-2026 Netlok. All rights reserved.

Privacy Policy

Terms of Service