Ogowkey team

Liveness vs deepfakes: the 2026 detection guide for KYC

Why liveness detection is now load-bearing - passive vs active liveness, the deepfake arms race, presentation-attack types, and how to choose a stack.

Tags: biometrics, liveness, deepfake, fraud

The KYC fraud landscape changed in 2024 and is still changing. Generative models that can produce convincing photographs and videos of a fake person, or convincingly impersonate a real one, have become cheap enough that opportunistic attackers - not just nation-state-tier adversaries - can use them. For any fintech that relies on a selfie as part of identity verification, liveness detection is no longer optional. This is a practical guide to where liveness sits in the stack, what the attacks actually look like, and how to choose between the available approaches.

What liveness detects, and what it doesn't

Liveness detection is a layer that asks: is the face in front of the camera a real, live human present at this moment, or is it a representation of one?

Liveness detection is not face recognition. Face recognition asks: is this person the same as the person on the document? Liveness asks: is this thing in front of the camera even a person?

In a KYC flow the two run in sequence: liveness first (am I looking at a real human?), then face match (is that human the same one on the document?). Skipping liveness leaves face match wide open to presentation attacks.

The presentation-attack universe

Threat actors against KYC use a finite, well-understood set of presentation attacks. A useful taxonomy from ISO/IEC 30107:

Print attacks

A printed photograph held in front of the camera. Easy to detect with modern liveness because printed photos have no 3D structure, no skin texture micro-variation, and reflective behaviour that gives them away.

Screen replay

A photograph or video of a person played back on a phone or tablet held in front of the camera. Harder than print because a screen produces real moving signal, but still detectable through Moiré patterns, screen-edge artifacts, brightness inconsistencies, and the lack of natural micro-saccades.

Paper masks

Cutouts of eyes/mouth attached to a person's face. The blend of real-skin and paper-skin around the eyes is usually obvious to a trained liveness model. Hardest variant: cutouts of real photographs printed at correct skin tone with realistic shadowing.

Silicone or latex masks

Higher-fidelity 3D masks. These are expensive and rare. Anti-spoof at this tier requires either NIR (near-infrared) capture, which most consumer phones don't have, or sophisticated texture analysis.

Deepfake video, real-time

Using a generative model to synthesise the victim's face onto the attacker's live video, with lip-sync and pose matched to the attacker's actual motion. This is the threat that emerged in 2023–2024 and is now the dominant concern.

Injection attacks

Bypassing the camera entirely - injecting a pre-recorded video or a deepfake stream directly into the API as if it came from the device camera. Often achieved through malware on the user's device or a virtual camera. This is the attack vector that grew fastest in 2025.

Passive vs active liveness

Liveness implementations divide into two families.

Passive liveness

The user takes a normal selfie. The liveness model analyses the captured image (or short burst of frames) for signals of liveness: micro-textures, depth cues from stereo or motion, reflection patterns, frequency-domain artifacts.

Pros: zero user friction. The user does what they would do anyway.

Cons: strictly harder problem, especially against good deepfakes. The model has no interactive challenge to pose.

Passive liveness is appropriate for retail tiers where friction matters and the value at risk per transaction is moderate.

Active liveness

The user is prompted to perform a small action - turn their head, blink, smile, follow a moving dot, or read out three random digits. The liveness model verifies that the action happened correctly.

Pros: dramatically harder for an attacker to mount in real time. A pre-recorded video can't follow a random instruction.

Cons: user friction, accessibility considerations (some users can't blink on command), longer onboarding flow.

Active liveness is appropriate for higher-risk segments - enhanced due diligence, large transfers, account recoveries.

A good operational pattern: passive liveness as the default, with active liveness step-up when risk signals warrant it (new device, high-value first transfer, geographic anomaly).

The deepfake arms race

In 2024 a wave of "deepfake KYC" toolkits surfaced - packages that combine a face-swap generator with a virtual camera driver, designed specifically to bypass selfie-based KYC. Detection of these has become the central battleground of liveness in 2025–2026.

Three current detection approaches:

Frequency-domain analysis

Generative models leave subtle artifacts in the frequency domain - patterns in the high-frequency components that real cameras don't produce. Detection models trained to spot these artifacts are effective against today's deepfakes but require continuous retraining as generators improve.

Temporal consistency

A real face exhibits subtle continuous physical effects: micro-pulsations from heartbeat, micro-saccades, blink dynamics, skin response to ambient light changes. Deepfakes often fail to reproduce these consistently across a short video. Liveness systems that capture 2–4 seconds of video, not just a still, can detect inconsistencies that a single frame would never reveal.

Active challenge-response

The strongest defence: a randomly-chosen action the user must perform during capture (e.g. "turn your head to the left, then look up"). A deepfake pipeline cannot easily synthesise an arbitrary action in real time without significant latency and quality degradation. Combined with measurement of the timing and smoothness of the action, this raises the cost of attack substantially.
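
The server side of such a challenge, as an added example (not Ogowkey's code): three actions in random order bound to a single-use nonce, then a check of order, expiry and reaction time. The action labels, the 30-second lifetime, the 4-second reaction limit and the in-memory store are assumptions; the per-action timestamps are assumed to come from server-side analysis of the captured video.

```python
import secrets
import time

ACTIONS = ["turn_left", "turn_right", "look_up", "blink", "smile"]  # assumed labels
CHALLENGE_TTL_S = 30   # assumed: whole challenge must finish within 30 s
MAX_REACTION_S = 4.0   # assumed: longest plausible prompt-to-action delay

_rng = secrets.SystemRandom()   # OS-backed randomness, not a seeded PRNG
_pending = {}                   # nonce -> challenge; stands in for a server-side store


def issue_challenge(now=None):
    """Pick 3 distinct actions in random order and bind them to a one-time nonce."""
    now = time.time() if now is None else now
    nonce = secrets.token_urlsafe(16)
    actions = _rng.sample(ACTIONS, 3)
    _pending[nonce] = {"actions": actions, "issued": now}
    return nonce, actions


def verify_response(nonce, observed, now=None):
    """observed: list of (action_label, prompt_ts, detected_ts) tuples.

    Returns (accepted, reason).
    """
    now = time.time() if now is None else now
    challenge = _pending.pop(nonce, None)   # pop: each nonce is usable exactly once
    if challenge is None:
        return False, "unknown_or_replayed_nonce"
    if now - challenge["issued"] > CHALLENGE_TTL_S:
        return False, "expired"
    if [label for label, _, _ in observed] != challenge["actions"]:
        return False, "wrong_actions_or_order"
    for _, prompt_ts, detected_ts in observed:
        reaction = detected_ts - prompt_ts
        # A large delay is what a real-time synthesis pipeline tends to add.
        if reaction < 0 or reaction > MAX_REACTION_S:
            return False, "implausible_timing"
    return True, "ok"
```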

Injection attack defence

Even the best liveness model is defeated if the attacker can bypass the camera. Defence here is platform-level, not algorithmic:

Device attestation

The mobile app cryptographically attests to the platform that it's running on a real device, with the real camera, not in an emulator or with a hooked camera driver. Apple's App Attest and Android's Play Integrity API are the production primitives. They aren't perfect - both can be defeated with sufficient effort - but they raise the cost of attack from "trivial" to "non-trivial."

Image provenance

Capture the image with metadata that proves it came from the camera (timestamps, sensor IDs, capture parameters) and sign it on-device. The backend rejects images that lack the signature or whose metadata is inconsistent.
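
A sketch of that backend check, added here as an example and not taken from Ogowkey's code. A deployed client would sign with an asymmetric key held in the device keystore; HMAC-SHA256 with a per-device key stands in so the example runs on the standard library alone. The field names, the session nonce, the 120-second freshness window and the key registry are assumptions.

```python
import hashlib
import hmac
import json

MAX_AGE_S = 120  # assumed freshness window between capture and upload

# Constructed per-device key registered at enrolment (placeholder, not a real secret).
DEVICE_KEYS = {"device-001": b"constructed-demo-key"}


def _canonical(meta):
    # Stable serialisation so device and backend compute the tag over identical bytes.
    return json.dumps(meta, sort_keys=True, separators=(",", ":")).encode()


def sign_capture(device_id, image_bytes, meta):
    """Device side: bind the metadata to the exact image bytes, then tag it."""
    meta = dict(meta, device_id=device_id,
                image_sha256=hashlib.sha256(image_bytes).hexdigest())
    tag = hmac.new(DEVICE_KEYS[device_id], _canonical(meta), hashlib.sha256).hexdigest()
    return {"meta": meta, "tag": tag}


def verify_capture(envelope, image_bytes, session_nonce, now):
    """Backend side: return (accepted, reason)."""
    meta, tag = envelope.get("meta"), envelope.get("tag")
    if not isinstance(meta, dict) or not isinstance(tag, str):
        return False, "missing_signature"
    key = DEVICE_KEYS.get(meta.get("device_id"))
    if key is None:
        return False, "unknown_device"
    expected = hmac.new(key, _canonical(meta), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected.encode(), tag.encode()):
        return False, "bad_signature"
    # Signature is valid: now check the metadata is consistent with this upload.
    if meta.get("image_sha256") != hashlib.sha256(image_bytes).hexdigest():
        return False, "image_mismatch"
    if meta.get("nonce") != session_nonce:
        return False, "wrong_session"
    if not 0 <= now - meta.get("captured_at", 0) <= MAX_AGE_S:
        return False, "stale_or_future_timestamp"
    return True, "ok"
```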

Server-side capture

For high-stakes flows, do the capture server-side: the user is presented a one-time URL that streams from their device to your backend via WebRTC. You control the pipeline end-to-end. This is heavier infrastructure but eliminates whole classes of injection attacks.

Choosing your stack

A pragmatic stack for an East African fintech in 2026:

Tier 1 (retail, low value)

  • Passive liveness on the selfie.
  • Device attestation if you have a native app.
  • Face match against document portrait.
  • Quality gates at capture time - reject low-light or blurred submissions before they hit your model.

Tier 2 (enhanced due diligence, larger amounts)

  • Active liveness with a randomised challenge (3 actions, randomised order).
  • 2–4 second video capture, not a single still.
  • Frequency-domain deepfake check on the captured video.
  • Face match.

Tier 3 (account recovery, high-value)

  • Active liveness plus a video call with a human agent who confirms the person matches the document portrait.
  • Out-of-band verification - call the registered phone number, confirm a code.

These tiers should be invoked based on transaction risk, not applied uniformly. Most onboardings should run through Tier 1. The escalation path is what catches the actual fraud cases.

Operating liveness in production

Three patterns that matter once you're live:

Track the spoof rate, not just the pass rate

Look at the distribution of liveness scores over time, not just the binary accept/reject. A shift in the distribution - more borderline scores, more retries needed - is an early signal that attackers are probing your threshold.
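
One way to watch for that shift, as an added example rather than Ogowkey's own monitoring: compare a baseline window of scores with the current window using the Population Stability Index and the share of scores near the threshold. The 0 to 1 score scale, the 0.50 threshold, the borderline band, the alert rules and both score samples are assumptions or constructed data.

```python
import math

THRESHOLD = 0.50   # assumed accept threshold on a 0..1 liveness score
BORDER = 0.10      # assumed half-width of the "borderline" band around it
PSI_ALERT = 0.25   # common rule of thumb for a significant distribution shift
BINS = 10


def histogram(scores, bins=BINS):
    counts = [0] * bins
    for s in scores:
        counts[min(int(s * bins), bins - 1)] += 1
    # Add-one smoothing keeps empty bins from producing log(0) in psi().
    total = len(scores) + bins
    return [(c + 1) / total for c in counts]


def psi(baseline, current):
    """Population Stability Index between two score samples."""
    b, c = histogram(baseline), histogram(current)
    return sum((ci - bi) * math.log(ci / bi) for bi, ci in zip(b, c))


def borderline_rate(scores):
    return sum(abs(s - THRESHOLD) <= BORDER for s in scores) / len(scores)


def drift_report(baseline, current):
    report = {
        "psi": round(psi(baseline, current), 3),
        "borderline_baseline": round(borderline_rate(baseline), 3),
        "borderline_current": round(borderline_rate(current), 3),
    }
    # Alert on an overall shift, or on a doubling of near-threshold scores.
    report["alert"] = (report["psi"] > PSI_ALERT or
                       report["borderline_current"] > 2 * report["borderline_baseline"])
    return report


# Constructed samples: a normal week, then a week with a cluster of attempts
# scoring just either side of the threshold.
BASELINE = [0.05] * 40 + [0.45] * 20 + [0.85] * 300 + [0.95] * 640
PROBING = [0.05] * 40 + [0.45] * 90 + [0.55] * 90 + [0.85] * 260 + [0.95] * 520
```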

Tune for false-reject, retry-friendly UX

A 1% false-reject rate sounds small but means 1 in 100 legitimate customers gets sent back to the start. Build a retry that explains what to do (better light, hold the camera at eye level) without revealing what the liveness check is actually looking for.

Log everything for forensics

When a fraud case comes back to you weeks later, you need to reconstruct exactly what was captured, what the liveness scores were, and what the system decided. Store the captured video for the retention period, store the model scores, and store the device-attestation evidence. Without this, fraud reconciliation is impossible.

Where the field is going

The 2026–2027 trajectory is clear: generative attacks will get better, defensive techniques will keep up, and the security boundary will increasingly shift from the algorithm to the platform - device attestation, image provenance, end-to-end captures controlled by the verifier rather than the user's device. Algorithm-only defences will be insufficient by 2027 for high-value flows. Plan now.

For the broader KYC context, see KYC in Somalia: A 2026 guide for fintechs. The face-match step that follows liveness has its own demographic considerations covered in Face match accuracy across skin tones.

Closing

Liveness is the layer that decides whether your face-match is meaningful or theatre. Get it wrong and you have a verified-looking selfie that turns out to be a deepfake video of a real person whose identity has been stolen. Get it right and the rest of the KYC stack becomes load-bearing again. The technology is available, the operating patterns are known, and the cost of doing this seriously is small compared to the alternative.

If you want to compare your liveness operating point against ours, send a sample through the playground or [get in touch](mailto:olow304@gmail.com?subject=Ogowkey%20-%20liveness).