Generative AI – a type of artificial intelligence that produces content such as text, images, audio, and video from written prompts – has become a global sensation in a matter of months. Even outside the tech industry, you’d be hard-pressed to find someone who hasn’t heard of ChatGPT, DALL-E, MuseNet, or any of the other generative AI programs recently released to the public at no cost (for now).
Leaders in sectors ranging from academia to film and television have spoken about the consequences this technology could have in the hands of bad actors. Concerns about plagiarism, copyright infringement, and disinformation have all leapt to the forefront since the beginning of the year.
Others have noted how generative AI has been a boon to marketers and businesses seeking to create high-quality content at scale, improve the user experience, and increase the efficiency of development workflows.
Fewer people, however, are talking about how generative AI has upended the identity verification (IDV) and fraud detection landscape. So what would ‘the ChatGPT of IDV’ look like?
The most advanced IDV solutions use generative AI and neural networks along with biometric data – such as a person’s face – to authenticate users seeking to perform a high-risk activity, like opening a bank account or initiating a financial transaction. The challenge, therefore, is to build solutions that stay ahead of bad actors by using the technology better than they do.
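To make that concrete, below is a minimal sketch of the decision step in a face-based biometric check: comparing the face embedding extracted from an ID document photo against one extracted from a live selfie. The helper names and the 0.75 threshold are illustrative assumptions, not a description of any vendor’s actual system:

```python
# A minimal sketch of the match step in a biometric IDV check.
# Assumes face embeddings have already been extracted by some model;
# the 0.75 threshold is an illustrative assumption, not a standard.
import numpy as np

def cosine_similarity(a: np.ndarray, b: np.ndarray) -> float:
    """Similarity between two embedding vectors, in [-1, 1]."""
    return float(np.dot(a, b) / (np.linalg.norm(a) * np.linalg.norm(b)))

def is_same_person(doc_embedding: np.ndarray,
                   selfie_embedding: np.ndarray,
                   threshold: float = 0.75) -> bool:
    """Approve the high-risk action only if the two faces match."""
    return cosine_similarity(doc_embedding, selfie_embedding) >= threshold
```

A production system would also run liveness and deepfake checks before this comparison is ever made, which is where the generative AI training discussed below comes in.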
Advanced fraudsters use what’s called synthetic media to steal identities. More commonly known as ‘deepfakes’, these forgeries use generative AI to create convincing image, audio, and video hoaxes. Deepfakes often work by transforming existing content, swapping one person’s likeness for another’s, and they can be incredibly hard to detect with the unaided human eye.
How easy it is to create a convincing deepfake depends on several factors, such as the quality of the source material, the complexity of the algorithm used, and the creator’s level of technical expertise. Unfortunately, the availability of powerful, open-source machine learning software has had a proliferating effect on identity fraud – it is becoming far easier for individuals with only basic technical knowledge to create convincing deepfakes.
An additional contributing factor to the rise in identity fraud is the profusion of training data. Creating a convincing deepfake requires a large dataset of images or videos to train the algorithm, and social media platforms offer virtually limitless material for the taking.
Computing capacity is yet another variable in the fraud equation. The production of deepfakes requires a significant amount of processing power, which has become more accessible with the availability of cloud-based computing services and affordable graphics processing units (GPUs).
Faced with these mounting threats, a robust IDV solution is no longer a nice-to-have but an essential part of doing business safely. Manual verification techniques are no longer fit for purpose; companies need to invest in AI-driven IDV software to keep themselves and their users safe.
Concurrent with the upsurge in identity fraud is a growing body of regulation focused on biometric data privacy. With fingerprints, iris scans, and facial recognition now commonly used in businesses’ authentication processes, concerns over privacy and misuse have drawn increased regulatory attention.
Two of the most significant regulations governing biometric data privacy are the General Data Protection Regulation (GDPR) in the European Union and the California Consumer Privacy Act (CCPA) in the US. These policies set strict requirements for the collection, use, and storage of personal data and mandate that companies implement adequate security measures to protect it.
The Biometric Information Privacy Act (BIPA) in the state of Illinois, enacted in 2008, has also been gaining renewed attention. Significantly, BIPA prohibits companies from using biometric data collected from users to train their machine-learning algorithms and gives users a private right of action to pursue litigation for privacy violations.
With such regulations placing strict guardrails on how biometric data can be used, IDVerse has instead trained its technology on vast datasets of AI-generated synthetic faces. This technique allows our learning model to improve its accuracy in identifying – and locking out – bad actors attempting to gain access using deepfakes.
Here are five steps for incorporating generative AI into IDV systems development (a minimal training sketch follows the list):
1. Gather a diverse dataset of synthetic media: generate a large dataset of unlabelled synthetic media produced by generative AI systems, including images, videos, and audio recordings.
2. Label the dataset: thoroughly annotate the synthetic media to identify the type of deepfake, the system used to generate it, and any other relevant information.
3. Train the identity-proofing system: use the labelled dataset to teach the identity-proofing system to spot deepfakes created by generative AI systems.
4. Evaluate the performance of the system: test the trained system on a held-out dataset of synthetic media and measure its performance with metrics such as false acceptance and false rejection rates.
5. Refine the training process: based on the evaluation results, refine the training process to improve the accuracy of the identity-proofing system.
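As a concrete illustration of steps 3 through 5, here is a minimal sketch of training and evaluating a binary ‘real vs. synthetic’ image classifier in PyTorch. The folder layout, model choice, and hyperparameters are illustrative assumptions, not IDVerse’s actual pipeline:

```python
# Minimal sketch of steps 3-5: train a real-vs-fake image classifier,
# then evaluate it on held-out data. Paths, model, and hyperparameters
# are illustrative assumptions only.
import torch
import torch.nn as nn
from torch.utils.data import DataLoader
from torchvision import datasets, models, transforms

# Step 2 output assumed on disk as folders: data/{train,val}/{real,fake}/
tfm = transforms.Compose([
    transforms.Resize((224, 224)),
    transforms.ToTensor(),
])
train_ds = datasets.ImageFolder("data/train", transform=tfm)  # hypothetical path
val_ds = datasets.ImageFolder("data/val", transform=tfm)      # hypothetical path
train_dl = DataLoader(train_ds, batch_size=32, shuffle=True)
val_dl = DataLoader(val_ds, batch_size=32)

# Step 3: fine-tune a stock CNN as the detector backbone.
model = models.resnet18(weights=models.ResNet18_Weights.DEFAULT)
model.fc = nn.Linear(model.fc.in_features, 2)  # classes: real, fake
opt = torch.optim.Adam(model.parameters(), lr=1e-4)
loss_fn = nn.CrossEntropyLoss()

for epoch in range(3):  # steps 4-5: evaluate each epoch, refine from there
    model.train()
    for x, y in train_dl:
        opt.zero_grad()
        loss = loss_fn(model(x), y)
        loss.backward()
        opt.step()

    model.eval()
    correct = total = 0
    with torch.no_grad():
        for x, y in val_dl:
            pred = model(x).argmax(dim=1)
            correct += (pred == y).sum().item()
            total += y.numel()
    print(f"epoch {epoch}: held-out accuracy {correct / total:.3f}")
```

In practice, the refinement in step 5 would use the evaluation results to adjust the dataset mix, the architecture, and the decision thresholds wherever the detector shows weaknesses.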
Another key element of the development process is building in the ability to share learnings, which is becoming imperative in the fight against synthetic media deployed in high-volume flash attacks. Using advanced deep neural networks and shared fraud hubs, IDV systems can apply knowledge learned in one part of the network across the entire ecosystem of users; one common pattern for doing so is sketched below.
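One widely used pattern for this kind of cross-network learning is federated averaging, where each node trains locally and a hub merges the resulting model weights so that a deepfake pattern learned at one node hardens every node. The sketch below is a generic illustration of that pattern, not a description of IDVerse’s fraud hub:

```python
# Generic sketch of sharing learnings across an IDV network via
# federated averaging of model weights. Illustrative only.
import torch

def federated_average(state_dicts):
    """Average the parameters of identically-shaped models."""
    avg = {}
    for key in state_dicts[0]:
        avg[key] = torch.stack(
            [sd[key].float() for sd in state_dicts]
        ).mean(dim=0)
    return avg

# Usage: each participating node trains locally, then the hub merges.
# node_models = [node_a.state_dict(), node_b.state_dict()]
# global_model.load_state_dict(federated_average(node_models))
```

The design choice here is that only model weights travel between nodes, so fraud signals propagate across the ecosystem without the underlying biometric data ever leaving its origin.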
It’s clear that the generative AI arms race between would-be fraudsters and the businesses that collect and hold user data is only just beginning to heat up. The stakes have never been higher – and companies need to prepare by implementing effective, efficient IDV solutions.
This editorial was initially published in the Financial Crime and Fraud Report 2023, which dives into the captivating world of fraud management, digital onboarding, and financial crime in the financial services industry. You can download your free copy here.
Daniel is the Co-founder and CPO of IDVerse, an OCR Labs Company. Dan is a serial entrepreneur; IDVerse, which he launched with co-founder Matt Adams, is his third startup. Dan has developed patent-pending machine learning technology that can read and understand languages used by 98% of the world’s population whilst achieving Zero Bias AI. He leads the product team at IDVerse to ensure that clients can onboard customers smoothly and remotely, stay compliant, and stop identity fraud.
IDVerse, an OCR Labs Company, helps you quickly scale your business globally. Our fully automated solution verifies new users in seconds with just their face and smartphone – in over 220 countries and territories, with any ID document – without the burden of human intervention. For more information, visit https://idverse.com/