One identity security firm has some disturbing 2024 data, and their solution is: rapid preemptive defenses that can intercept novel attacks

Based on what is described as “live observations of criminal activity worldwide” at its security operations center and other firms’ surveys, a biometric identity verification firm has released some of its own data findings for 2024 recently.

First, the data analyzed was deemed to signal a trend that native virtual camera attacks had become the primary threat vector, increasing by 2,665% due partly to mainstream app store infiltration.

Second, face Swap attacks had surged 300% compared to data analyzed for 2023, with threat actors shifting focus to systems using liveness detection protocols.

Third, in the 2024 data, the online Crime-as-a-Service ecosystem had grown, with 23,698 users now selling attack technologies compared to 11,267 users not selling such tools.

Other findings

Fourth, image-to-video conversion (a technique that transforms static images into convincing video content that could pose very significant challenges for most remote identity verification systems). While synthetic identity attacks typically use Face Swaps, has emerged as a new synthetic identity attack vector with a simple, two-step process that could impact many liveness detection solutions already in the market. Also:

  • Fifth, what were previously simple, lone-wolf attacks have evolved into a complex, multi-actor long-term attacks involving threat actors embedding stolen, bought, and synthetically derived identities into the fabric of everyday online identity access points. Some of the most insidious attacks have used “sleeper tactics”: code that remains dormant for extended periods of time, quietly prepared to wreak havoc on networks.
  • Synthetic identity fraud (SIF) was the fastest-growing type of fraud in the data. It combines legitimate data with fabricated personal information to create convincing false identities. Fraudsters then methodically build credibility for these synthetic identities by establishing credit histories, opening multiple accounts across different institutions, and creating digital footprints that appear authentic. SIF creates entirely new identities that incorporate both real and fake elements. Without a real victim to raise the alarm, and with some components of the identity being legitimate, traditional detection methods often fail to recognize these synthetic fraud patterns.
  • On the whole, the data analyzed showed that criminals have been replicating attacks faster than ever, launching parallel operations across different sectors and expanding their reach into remote work systems and corporate communications.

According to Dr Andrew Newell, Chief Scientific Officer, iProov, the firm releasing its 2024 data analysis findings: “What was once the domain of high-skilled actors has been transformed by an accessible marketplace of tools and services that low-skilled actors can now use with minimal technical expertise for maximum results.”