By Ricardo Amper, Founder & CEO, Incode
Deepfakes are evolving and are no longer confined to misinformation campaigns or viral media manipulation. Most security teams already understand the deepfake problem; however, the more urgent shift is how synthetic media is being operationalized.
This fraud vector is being leveraged inside the identity moments that power the internet and economy – such as customer onboarding at a bank, driver onboarding for gig and delivery platforms, marketplace seller verification, account recovery, remote hiring, partner access, and privileged access workflows.
As more work and business is done remotely, identity has become a primary control point – and a primary target. Bad actors don’t only want to fool a selfie check; they want to impersonate a real person, establish durable access, and reuse that foothold across consumer and enterprise environments.
Cybersecurity and fraud teams are now dealing with a convergence of tactics that all aim at the same decision – the moment a system concludes “this is a real person”:
- High-fidelity synthetic faces and voices that can pass quick checks
- Replayed real footage from stolen or harvested sessions
- Automation that probes verification flows at scale
- Injection attacks that compromise the capture pipeline and substitute the input stream upstream
This is why “deepfake detection” alone is no longer enough. Enterprises need full-session validation: including perception, device integrity, and behavioral signals… all in a single, real-time control.
That is the model behind Incode Deepsight: an approach built to validate identity sessions end-to-end, not just evaluate the media in isolation.
The right question is not only “Does this face look real?” It is “Can we trust this entire session end-to-end?”
Deepfakes and injection are enterprise security issues
In enterprise systems, a successful bypass is not a reputation event; it’s an access event. When verification accepts a manipulated or compromised session as real, attackers can:
- Create fraudulent accounts using synthetic identities
- Take over existing user accounts
- Bypass HR verification in remote hiring
- Gain unauthorized access to sensitive internal systems
Unlike social media deception, these attacks can enable persistent access inside trusted environments. The downstream impact is durable: account persistence, privilege-escalation pathways, and lateral movement opportunities that start with a single false verification decision.
An independent study from Purdue University evaluated leading biometric vendors under advanced deepfake and presentation attack scenarios.
See how Incode’s DeepSight performance ranked across real-world attack simulations.
Read the Study
Where identity checks fail: assuming the sensor is trustworthy
Most identity checks are built around two signals: facial similarity and “liveness.” Both are useful, and both can be undermined if the system assumes the input stream is authentic.
Attackers break that assumption in two complementary ways.
First, they mimic real media. Deepfakes and voice clones are improving under real operating conditions – short clips, mobile capture, compression, and imperfect lighting. A workflow that depends on a narrow visual surface area is increasingly exposed to false acceptance.
Second, they bypass the sensor entirely. Injection attacks substitute the input stream before it reaches analysis. Instead of presenting a face to a camera, attackers can:
- Use virtual camera software to feed synthetic or pre-recorded video
- Run verification sessions inside emulators designed to mimic legitimate mobile devices
- Operate from rooted or jailbroken devices that bypass integrity checks
- Substitute live capture with manipulated streams upstream
In these scenarios, the media can look perfect because it never had to survive a real capture path. That is why perception-only defenses (even strong ones) are necessary but not sufficient.
What the Purdue Political Deepfakes Incident Database benchmark shows
One practical problem for deepfake defense is generalization: detectors that test well in controlled settings often degrade in “in-the-wild” conditions.
Researchers at Purdue University evaluated deepfake detection systems using their real-world benchmark based on the Political Deepfakes Incident Database (PDID).
PDID contains real incident media distributed on platforms such as X, YouTube, TikTok, and Instagram, meaning the inputs are compressed, re-encoded, and post-processed in the same ways defenders often see in production.
Key factors include:
- Heavy compression and re-encoding
- Sub-720p resolution
- Short, mobile-first clips
- Heterogeneous generation pipelines
Detectors were evaluated end-to-end using metrics such as accuracy, AUC, and false-acceptance rate (FAR). In identity workflows, FAR is often the more consequential metric, because even a small false-acceptance rate can allow persistent unauthorized access.
Purdue’s results also highlight a practical reality for defenders: performance varies dramatically across detectors once inputs look like production.
Among the commercial systems evaluated in Purdue’s PDID benchmark, Incode’s Deepsight delivered the strongest results when the task is purely visual deepfake detection – evaluating video content itself under real incident conditions.
But that is only the first layer of the problem.
It’s important to be precise: PDID measures robustness of media detection on real incident content. It does not model injection, device compromise, or full-session attacks.
In real identity workflows, attackers do not choose one technique at a time; they stack them. A high-quality deepfake can be replayed. A replay can be injected. An injected stream can be automated at scale.
The best media detectors still can be bypassed if the capture path is untrusted. That’s why Deepsight goes even deeper than asking “Is this video a deepfake?”
Deepsight closes that gap by validating the full session across three layers: perception, integrity, and behavior, so that the system can stop attacks whether they arrive as a convincing deepfake, a replay, or an injected stream.
Manual review doesn’t close the gap
Human review can reduce some classes of fraud, but it is not a scalable security control against synthetic media.
Even trained reviewers struggle to determine real from fake as generative models improve.
Today’s injection attacks invalidate the premise and undermine human judgment entirely: a session can appear legitimate while the input stream is substituted upstream. Even consensus reviews among several experts cannot establish that the capture path was authentic.
The security model that holds up: trust the session, not just the pixels.
If attackers can win either by improving the media or by bypassing the sensor, defenses have to validate the session across multiple layers in real time:
- Perception: Is the media itself manipulated?
- Integrity: Is the device, camera, and session authentic?
- Behavior: Does the interaction reflect a real human and a normal verification flow?
This model creates resilience. If a high-quality deepfake evades perception, integrity and behavioral signals can still prevent a successful bypass. If media is injected, integrity checks can fail the session regardless of how realistic the pixels look.
How Incode Deepsight blocks deepfakes and injection attacks in real time
Attackers are scaling. They can iterate against verification flows quickly, probe edge cases, and operationalize what works. Deepfakes raise the baseline risk of false acceptance, injection removes the camera as a reliable sensor and automation increases the volume of attempts.
Enterprises that treat identity verification as a one-time check rather than a real-time security process will struggle to keep pace.
Incode Deepsight is designed around a simple premise: if identity workflows are being attacked at both the media layer and session layer, defenses must validate the entire verification session end-to-end.
During live verification, Deepsight combines three layers in real time:
- Perception analysis: Multi-modal AI that evaluates video, motion, and depth signals across multiple frames to detect synthetic media and physical spoofs. Deepsight also protects ID capture by detecting AI-generated identity documents.
- Integrity validation: Camera and device authenticity checks to identify and block injected media sources, such as virtual cameras, emulators, and compromised environments.
- Behavioral risk signals: Detection of automation indicators and bot-like interaction patterns that frequently accompany scaled attacks.
This layered model is what makes Deepsight resilient in practice. If a high-quality deepfake evades perception, integrity and behavioral signals can still prevent a successful bypass. If media is injected, integrity checks can fail the session regardless of how realistic the pixels look.
The goal is straightforward: determine whether the entire verification session can be trusted – not only whether a face looks real, but whether a real human is present on a trusted device in a live, untampered interaction.
Closing the gap between detection and deployment
Defending identity workflows now requires controls that assume adversarial AI and untrusted capture environments.
Deepfake defense must evolve from spotting manipulated pixels to validating the authenticity of entire verification sessions. Layered defenses across media authenticity, device integrity, and behavioral signals are the most reliable way to reduce false acceptance without adding unnecessary friction for legitimate users.
Learn how Deepsight blocks deepfakes and injection attacks in real time. incode.com/deepsight
Sponsored and written by Incode.
