By Ricardo Amper, Founder & CEO, Incode

Deepfakes are evolving and are no longer confined to misinformation campaigns or viral media manipulation. Most security teams already understand the deepfake problem; however, the more urgent shift is how synthetic media is being operationalized.

This fraud vector is being leveraged inside the identity moments that power the internet and economy – such as customer onboarding at a bank, driver onboarding for gig and delivery platforms, marketplace seller verification, account recovery, remote hiring, partner access, and privileged access workflows.

As more work and business is done remotely, identity has become a primary control point – and a primary target. Bad actors don’t only want to fool a selfie check; they want to impersonate a real person, establish durable access, and reuse that foothold across consumer and enterprise environments.

Cybersecurity and fraud teams are now dealing with a convergence of tactics that all aim at the same decision – the moment a system concludes “this is a real person”:

• High-fidelity synthetic faces and voices that can pass quick checks
• Replayed real footage from stolen or harvested sessions
• Automation that probes verification flows at scale
• Injection attacks that compromise the capture pipeline and substitute the input stream upstream

This is why “deepfake detection” alone is no longer enough. Enterprises need full-session validation: including perception, device integrity, and behavioral signals… all in a single, real-time control.

That is the model behind Incode Deepsight: an approach built to validate identity sessions end-to-end, not just evaluate the media in isolation.

The right question is not only “Does this face look real?” It is “Can we trust this entire session end-to-end?”

Deepfakes and injection are enterprise security issues

In enterprise systems, a successful bypass is not a reputation event; it’s an access event. When verification accepts a manipulated or compromised session as real, attackers can:

• Create fraudulent accounts using synthetic identities
• Take over existing user accounts
• Bypass HR verification in remote hiring
• Gain unauthorized access to sensitive internal systems

Unlike social media deception, these attacks can enable persistent access inside trusted environments. The downstream impact is durable: account persistence, privilege-escalation pathways, and lateral movement opportunities that start with a single false verification decision.

Where identity checks fail: assuming the sensor is trustworthy

Most identity checks are built around two signals: facial similarity and “liveness.” Both are useful,  and both can be undermined if the system assumes the input stream is authentic.

Attackers break that assumption in two complementary ways.

First, they mimic real media. Deepfakes and voice clones are improving under real operating conditions – short clips, mobile capture, compression, and imperfect lighting. A workflow that depends on a narrow visual surface area is increasingly exposed to false acceptance.

Second, they bypass the sensor entirely. Injection attacks substitute the input stream before it reaches analysis. Instead of presenting a face to a camera, attackers can:

• Use virtual camera software to feed synthetic or pre-recorded video
• Run verification sessions inside emulators designed to mimic legitimate mobile devices
• Operate from rooted or jailbroken devices that bypass integrity checks
• Substitute live capture with manipulated streams upstream

In these scenarios, the media can look perfect because it never had to survive a real capture path. That is why perception-only defenses (even strong ones) are necessary but not sufficient.

What the Purdue Political Deepfakes Incident Database benchmark shows

One practical problem for deepfake defense is generalization: detectors that test well in controlled settings often degrade in “in-the-wild” conditions.

Researchers at Purdue University evaluated deepfake detection systems using their real-world benchmark based on the Political Deepfakes Incident Database (PDID).

PDID contains real incident media distributed on platforms such as X, YouTube, TikTok, and Instagram, meaning the inputs are compressed, re-encoded, and post-processed in the same ways defenders often see in production.

Key factors include:

• Heavy compression and re-encoding
• Sub-720p resolution
• Short, mobile-first clips
• Heterogeneous generation pipelines

Detectors were evaluated end-to-end using metrics such as accuracy, AUC, and false-acceptance rate (FAR). In identity workflows, FAR is often the more consequential metric, because even a small false-acceptance rate can allow persistent unauthorized access.

Purdue’s results also highlight a practical reality for defenders: performance varies dramatically across detectors once inputs look like production.

Among the commercial systems evaluated in Purdue’s PDID benchmark, Incode’s Deepsight delivered the strongest results when the task is purely visual deepfake detection – evaluating video content itself under real incident conditions.

But that is only the first layer of the problem.

It’s important to be precise: PDID measures robustness of media detection on real incident content. It does not model injection, device compromise, or full-session attacks.

In real identity workflows, attackers do not choose one technique at a time; they stack them. A high-quality deepfake can be replayed. A replay can be injected. An injected stream can be automated at scale.

The best media detectors still can be bypassed if the capture path is untrusted. That’s why Deepsight goes even deeper than asking “Is this video a deepfake?”

Deepsight closes that gap by validating the full session across three layers: perception, integrity, and behavior, so that the system can stop attacks whether they arrive as a convincing deepfake, a replay, or an injected stream.

Manual review doesn’t close the gap

Human review can reduce some classes of fraud, but it is not a scalable security control against synthetic media.

Even trained reviewers struggle to determine real from fake as generative models improve.

Today’s injection attacks invalidate the premise and undermine human judgment entirely: a session can appear legitimate while the input stream is substituted upstream. Even consensus reviews among several experts cannot establish that the capture path was authentic.

The security model that holds up: trust the session, not just the pixels.

If attackers can win either by improving the media or by bypassing the sensor, defenses have to validate the session across multiple layers in real time:

• Perception: Is the media itself manipulated?
• Integrity: Is the device, camera, and session authentic?
• Behavior: Does the interaction reflect a real human and a normal verification flow?

This model creates resilience. If a high-quality deepfake evades perception, integrity and behavioral signals can still prevent a successful bypass. If media is injected, integrity checks can fail the session regardless of how realistic the pixels look.

How Incode Deepsight blocks deepfakes and injection attacks in real time

Attackers are scaling. They can iterate against verification flows quickly, probe edge cases, and operationalize what works. Deepfakes raise the baseline risk of false acceptance, injection removes the camera as a reliable sensor and automation increases the volume of attempts.

Enterprises that treat identity verification as a one-time check rather than a real-time security process will struggle to keep pace.

Incode Deepsight is designed around a simple premise: if identity workflows are being attacked at both the media layer and session layer, defenses must validate the entire verification session end-to-end.

During live verification, Deepsight combines three layers in real time:

• Perception analysis: Multi-modal AI that evaluates video, motion, and depth signals across multiple frames to detect synthetic media and physical spoofs. Deepsight also protects ID capture by detecting AI-generated identity documents.
• Integrity validation: Camera and device authenticity checks to identify and block injected media sources, such as virtual cameras, emulators, and compromised environments.
• Behavioral risk signals: Detection of automation indicators and bot-like interaction patterns that frequently accompany scaled attacks.

This layered model is what makes Deepsight resilient in practice. If a high-quality deepfake evades perception, integrity and behavioral signals can still prevent a successful bypass. If media is injected, integrity checks can fail the session regardless of how realistic the pixels look.

The goal is straightforward: determine whether the entire verification session can be trusted – not only whether a face looks real, but whether a real human is present on a trusted device in a live, untampered interaction.

Closing the gap between detection and deployment

Defending identity workflows now requires controls that assume adversarial AI and untrusted capture environments.

Deepfake defense must evolve from spotting manipulated pixels to validating the authenticity of entire verification sessions. Layered defenses across media authenticity, device integrity, and behavioral signals are the most reliable way to reduce false acceptance without adding unnecessary friction for legitimate users.

Learn how Deepsight blocks deepfakes and injection attacks in real time. incode.com/deepsight

Sponsored and written by Incode.

To mark Holi 2026, OPPO India has introduced festive offers on its Reno Series and Find X9 models. Customers will be able to take advantage of interest-free EMI options, zero-down-payment options, and other cashback benefits. These offers will be available for a brief period of time from March 1st to March 8th.

Festive Holi Offers

1. Zero Down Payment & Interest-Free EMI

2. Bank Card Cashback Benefits

To make upgrades more attractive, OPPO is offering customers up to 10% cashback on bank card transactions. These offers will be available for EMI and non-EMI transactions. The cards issued by SBI, Axis Bank, Bank of Baroda, Federal Bank, DBS, IDFC First Bank, Kotak Mahindra Bank, and Yes Bank are eligible for these offers.

3. 10% Cashback on UPI Transactions

OPPO is offering up to 10% cashback on UPI transactions during the Holi sale. This benefit helps reduce the overall purchase cost. At the same time, it encourages customers to use digital payment methods.

OPPO Reno15 Series

The OPPO Reno15 Series is built for those who love capturing colourful moments. The Pro Mini model features a 200MP camera, while the Reno15 comes with a 50MP main camera.

Both devices offer 3.5x telephoto zoom, PureTone Technology, and 4K HDR video recording. The Pop-Out feature makes photos look more dynamic. The Reno15 starts at Rs 41,399, and the Reno15 Pro Mini starts at Rs 53,999.

OPPO Find X9

The OPPO Find X9 combines premium imaging with festive offers, starting at Rs 69,499. It includes a Hasselblad-tuned triple camera system led by a 50MP Sony LYT808 sensor with OIS, supported by a 50MP ultra-wide and a 50MP Sony LYT600 3X periscope telephoto lens.

The phone sports a 6.59-inch 120Hz AMOLED display protected by Gorilla Glass 7i and carries an IP69 rating. With the MediaTek Dimensity 9500 chipset, a 7025mAh battery, 80W wired and 50W wireless charging, plus AI tools like AI MindSpace, AI Editor, and O+ Connect, it delivers a complete flagship experience.

OPPO’s special Holi deals are valid between March 1 and March 8, 2026. Since the campaign runs for a short time, buyers should plan their purchase accordingly.

Apple on Monday unveiled the latest version of its budget-friendly iPhone line. The iPhone 17e retails for $599 and will be available on March 11.

The smartphone comes with the A19 chip that’s found in the base iPhone 17, and will support Apple Intelligence. The base model comes with 256 GB of storage, which Apple says is twice the entry storage from the previous generation.

One of the most notable changes from the previous budget iPhone is the addition of MagSafe and Qi2, which supports wireless charging up to 15W.

The smartphone is available in black, white, and a new soft pink color.

Additionally, the iPhone 17e comes with C1X, Apple’s latest-generation cellular modem, which, the company says, is up to twice as fast as the C1 modem in the iPhone 16e, and uses 30% less energy.

As for the camera, the iPhone 17e features that same 48-megapixel camera as the iPhone 16e.

The iPhone 17e is rated IP68 for dust and water resistance, and its 6.1-inch Super Retina XDR display is protected by Ceramic Shield 2, which is said to offer trice the scratch resistance than the previous generation.

The iPhone 17e supports Emergency SOS via satellite, Roadside Assistance, and Find My.

• Best Buy Canada leaked a listing page for the ‘Sonos Play’ speaker, but it has since been deleted
• It’s set to arrive March 31, and costs $399.99
• The new Bluetooth speaker could be Sonos’ mid-range option alongside the Roam 2 and Move 2

Apple isn’t the only one with new devices on the way, as leaks of a new Sonos portable Bluetooth speaker hint that the audio giant could be dropping the device imminently — and people already like what they see.

Dubbed ‘Sonos Play’, the speaker was leaked on Best Buy Canada’s site with a full gallery of images and a thorough list of specs, but has since been taken down. Luckily, a user on Reddit managed to snap some images before the listing was removed from Best Buy’s online store (see below).

sonos from r/sonos/comments/1ri2yqr/upcoming_sonos_portable_speaker

Tai Neilson, a senior lecturer at Macquarie University explores how data has become a ‘hot commodity’ for companies training AI systems.

When the World Wide Web went live in the early 1990s, its founders hoped it would be a space for anyone to share information and collaborate. But today, the free and open web is shrinking.

The Internet Archive has been recording the history of the internet and making it available to the public through its Wayback Machine since 1996. Now, some of the world’s biggest news outlets are blocking the archive’s access to their pages.

Major publishers – including The Guardian, The New York Times, the Financial Times, and USA Today – have confirmed they’re ending the Internet Archive’s access to their content.

While publishers say they support the archive’s preservation mission, they argue unrestricted access creates unintended consequences, exposing journalism to AI crawlers and members of the public trying to skirt their paywalls.

Yet, publishers don’t simply want to lock out AI crawlers. Rather, they want to sell their content to data-hungry tech companies. Their back catalogues of news, books and other media have become a hot commodity as data to train AI systems.

Robot readers

Generative AI systems such as ChatGPT, Copilot and Gemini require access to large archives of content (such as media content, books, art and academic research) for training and to answer user prompts.

Publishers claim technology companies have accessed a lot of this content for free and without the consent of copyright owners. Some began taking tech companies to court, claiming they had stolen their intellectual property. High-profile examples include The New York Times’ case against ChatGPT’s parent company OpenAI and News Corp’s lawsuit against Perplexity AI.

Old news, new money

In response, some tech companies have struck deals to pay for access to publishers’ content. NewsCorp’s contract with OpenAI is reportedly worth more than $250m over five years.

Similar deals have been struck between academic publishers and tech companies. Publishing houses such as Taylor & Francis and Elsevier have come under scrutiny in the past for locking publicly funded research behind commercial paywalls.

Now, Taylor & Francis has signed a $10m nonexclusive deal with Microsoft granting the company access to over 3,000 journals.

Publishers are also using technology to stop unwanted AI bots accessing their content, including the crawlers used by the Internet Archive to record internet history. News publishers have referred to the Internet Archive as a “back door” to their catalogues, allowing unscrupulous tech companies to continue scraping their content.

The cost of making news free

The Wayback Machine has also been used by members of the public to avoid newspaper paywalls. Understandably, media outlets want readers to pay for news.

News is a business, and its advertising revenue model has come under increasing pressure from the same tech companies using news content for AI training and retrieval. But this comes at the expense of public access to credible information.

When newspapers first started moving their content online and making it free to the public in the late 1990s, they contributed to the ethos of sharing and collaboration on the early web.

In hindsight, however, one commentator called free access the “original sin” of online news. The public became accustomed to getting their digital editions for free, and as online business models shifted, many mid- and small-sized news companies struggled to fund their operations.

The opposite approach – placing all commercial news behind paywalls – has its own problems. As news publishers move to subscription-only models, people have to juggle multiple expensive subscriptions or limit their news appetite. Otherwise, they’re left with whatever news remains online for free or is served up by social media algorithms. The result is a more closed, commercial internet.

This isn’t the first time that the Internet Archive has been in the crosshairs of publishers, as the organisation was previously sued and found to be in breach of copyright through its Open Library project.

The past and future of the internet

The Wayback Machine has served as a public record of the web for more than three decades, used by researchers, educators, journalists and amateur internet historians.

Blocking its access to international newspapers of note will leave significant holes in the public record of the internet.

Today, you can use the Wayback Machine to see The New York Times’ front page from June 1997: the first time the Internet Archive crawled the newspaper’s website. In another 30 years, internet researchers and curious members of the public won’t have access to today’s front page, even if the Internet Archive is still around.

Today’s websites become tomorrow’s historical records. Without the preservation efforts of not-for-profit organisations like The Internet Archive, we risk losing vital records.

Despite the actions of commercial publishers and emerging challenges of AI, not-for-profit organisations such as the Internet Archive and Wikipedia aim to keep the dream of an open, collaborative and transparent internet alive.

By Tai Neilson

Tai Neilson is a senior lecturer in media at Macquarie University. His areas of expertise include the political economy of digital media and critical cultural theory. He is the author of Journalism and Digital Labor and a co-editor of the book Research Methods for the Digital Humanities.Tai has published work on journalism and digital media in Digital Journalism, Journalism, Media International Australia, Journalism and Media, Triple-C, Fast Capitalism, and the Global Media Journal.

Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.

Claude appears to be having a major outage right now, with elevated errors reported across all platforms.

The incident was flagged on March 2, 2026, and it’s impacting users broadly rather than being limited to one app or region.

According to the latest status update, the team is still investigating the issue.

The first “Investigating” notice went out at 11:49 UTC, and a follow-up update at 12:06 UTC said the investigation is ongoing.

For now, that likely means you may see failed requests, timeouts, or inconsistent responses when trying to use Claude on web, mobile, or API.

There’s no ETA mentioned yet, but the status suggests it’s actively being worked on

Malware is getting smarter. The Red Report 2026 reveals how new threats use math to detect sandboxes and hide in plain sight.

Download our analysis of 1.1 million malicious samples to uncover the top 10 techniques and see if your security stack is blinded.

Download The Report

One of my biggest gripes when navigating a new area is that I’m too busy following directions on my phone to really take in my surroundings. But after trying on Google’s Android XR glasses, I’ve seen a promising solution. 

At Mobile World Congress in Barcelona, I got a demo of Google’s wearable prototype frames and was more impressed than I expected to be. I’m not big on wearables; I’m good with plain-old glasses and jewelry that can’t ping me with notifications throughout the day. But I decided to give the Android XR glasses a try as I explored a strip of the MWC conference hall dubbed Android Avenue. 

With a thick black frame and clear lenses, the Android XR prototype glasses look rather unassuming — especially because the display in the right lens is barely perceptible. Once I put them on, I long-pressed the right side temple to trigger Gemini and ask questions about objects around me. Then my skepticism slowly began to dissolve.

The feature that sold me was the Google Maps demo. I looked at a photo of Barcelona stadium Camp Nou and asked Gemini to “navigate here.” White text appeared in the center of the lens, showing me how far I’d need to go before turning right. And when I looked down, I could see a visualization of the route, like you’ll find in the Maps app on a mobile device, so I could just follow the highlighted path. That would solve my dilemma of wanting to know where I’m going while also trying to take in the view. 

I also looked at a vinyl cover for Barcelona, the album by Freddie Mercury and Montserrat Caballé, and asked Gemini to play a song from it. The audio quality was impressively comparable to what I’d hear with headphones — but without the feeling of something in or on my ears, which I appreciated. 

And lastly, I got a demo of live translation through the glasses. The Google employee showing me the prototype spoke in Spanish and then Farsi, and an overlay of text appeared as I looked through the glasses at him and my surroundings. Perhaps the coolest part is I also heard the English translation spoken aloud in his (AI-generated) voice. 

Google has also tapped this AI tech for its Pixel 10 phones, so if you’re on a phone call with someone speaking a different language, you’ll get real-time translation with a simulation of their voice. Google Translate also got an AI update last year that surfaces audio and text translations in the app as two people chat. Glasses feel like a good fit for this use case, too, since you don’t have to pull out your phone and look down at a screen when talking to someone. If the other person doesn’t have Android XR glasses, though, they’ll need to glance at their phone to see a translation of what you’re saying. 

I walked away from the demo finding I’d softened to the idea of potentially owning smart glasses of my own someday. I’m not completely sold, as I’m not sure I need more tech in my life, but there are certainly instances in which it could come in handy to see a subtle overlay of answers from an AI assistant like Gemini. And because Android XR glasses look more like standard specs than the doomed Google Glass, I could probably pull them off without looking too pretentious. CNET’s Patrick Holland had a similar conversion moment when he tried the Android XR glasses at Google I/O last year.

As CNET’s Scott Stein has noted, smart glasses “aim to be what you want to wear, ideally every day and all day long. They could well become constant companions like your earbuds, smartwatch, fitness band and wellness ring, and as indispensable as your phone.”

I’ll probably have to wait a bit longer before making that call for myself. Google hasn’t shared any specifics on a launch date for glasses with Android XR, though it has said that Warby Parker and Gentle Monster will be the first eyeglass brands to carry the AI-powered glasses.