Identity Verification
Is No Longer “Simple”: The Real Challenge of eKYC in the Deepfake Era

In previous articles, we examined electronic Know Your Customer (eKYC) methods, common fraud patterns, and techniques used to detect suspicious activities. This article focuses on facial recognition technologies designed to identify deepfake-related fraud, a rapidly growing threat in the eKYC landscape.

The Most Common eKYC Method—and Its Limitations

Today, the most widely adopted eKYC approach relies on a combination of selfie images and identity document photos, in accordance with Article 6, Paragraph 1, Item 1 (“Ho”) of Japan’s Act on Prevention of Transfer of Criminal Proceeds Enforcement Regulations.

However, the primary weakness of this method lies in the relative ease of forgery, a risk that has intensified as deepfake technologies continue to advance.

Deepfake: A Rapidly Evolving Threat

In recent years, fraudulent applications using deepfake technology have increased significantly. Deepfakes leverage AI to generate fake images, videos, or audio that closely resemble real individuals, making identity verification far more challenging.

The potential threat of deepfakes could cost businesses dearly

Rather than attempting to detect deepfakes directly, modern eKYC systems increasingly focus on identifying injection attack conditions—scenarios in which manipulated or synthetic data is introduced into the verification process. These detections typically rely on three key categories of signals:

1. Accelerometer Data

When users capture selfies on smartphones, the device naturally exhibits subtle movements, resulting in fluctuating accelerometer values.
In contrast, virtual cameras running on PCs tend to produce static sensor readings. By monitoring device tilt and motion, systems can detect abnormal behavior.

2. Touchscreen Interaction Analysis

On smartphones, capturing an image usually involves finger contact, creating distinctive touch-area patterns. Virtual cameras cannot accurately replicate these characteristics, allowing systems to identify discrepancies in touch behavior and surface contact.

3. Camera and Image Signal Analysis

eKYC systems monitor camera input streams to detect anomalies such as image replacement, unnatural transitions, or inconsistencies through image hash analysis, all of which may indicate fraud.

Fraud via Screens and Virtual Cameras

Another common fraud tactic involves capturing facial images through a display screen, such as photographing a face shown on another device.
Images taken this way exhibit different light reflections compared to images of a real human face, enabling systems to detect screen-based spoofing.

In cases involving virtual cameras, image analysis alone is insufficient. As a result, systems collect device context information, flagging behaviors that deviate from normal usage patterns.

Image Quality Assessment: The Foundation of Accurate Verification

High-accuracy identity verification depends heavily on image quality. Modern eKYC platforms incorporate image quality assessment technologies to ensure reliable recognition by:

• Detecting handshake and prompting retakes

• Identifying overexposure or excessive light reflection

• Evaluating image resolution and size

Only images that pass all quality checks are accepted for identity verification.

Emerging Trend: My Number Card Authentication on Smartphones

One of the most notable recent developments is the rollout of My Number Card integration on smartphones, which began on June 24. Alongside this launch, regulatory updates introduced the new “Ru” authentication method, considered a major step forward.

Once users register their My Number Card on their smartphones, identity verification can be completed solely through biometric authentication, eliminating the need for passwords or document photography. This significantly improves user convenience.

The Japanese government also expects My Number Cards to be utilized across a broader range of services and industries.

New Risks and Preventive Measures

Despite its advantages, the “Ru” method introduces new risks. For example, attackers may deceive victims into registering their My Number Card on the attacker’s smartphone.

New trend: Verification using My Number Card on smartphones

To mitigate this risk, systems require facial capture during registration, comparing the live image against the photo stored in the company’s financial or wallet application to confirm that the legitimate user is operating.

The Future of IC Reading and Application Strategy

As IC chip reading becomes more prevalent, completing identity verification entirely within a browser environment will become increasingly difficult. Businesses must therefore consider:

• Whether to require users to install a dedicated application

• Or to leverage technologies that allow browsers to trigger background apps for IC chip reading

For users who cannot meet these requirements, companies must provide alternative guidance—such as app installation—or introduce services that enable online identity verification and electronic signatures without physical cards.

A key challenge lies in accurately assessing each user’s device environment and readiness, then offering appropriate instructions accordingly.

Can the Challenge Be Solved?

As fraud techniques grow more sophisticated—driven by deepfakes and injection attacks—eKYC can no longer be reduced to simple “photo capture and comparison.” Organizations now require multi-layered, adaptive identity verification solutions that address emerging risks while maintaining a seamless user experience.

This is the philosophy behind SupoⓈ eKYC: combining advanced facial recognition, device behavior analysis, real-time image quality assessment, and regulatory compliance to enable secure, flexible, and scalable digital onboarding.

In an era where identity verification underpins digital trust, selecting the right eKYC solution from the outset will determine not only security posture but also an organization’s long-term growth potential.

SupoⓈ Admin

• eKYC SDK
• eKYC Server
• eKYC Solutions in Japan