Biometric Attack Prevention

Keyless combines detection and prevention techniques to make biometric spoofing unfeasible.

Biometric Attacks in the Age of Deepfakes

With the advent of deepfakes the number of biometric spoofing attacks has risen rapidly.
Between 2023 and 2024, there was a 223% rise in deepfake-related tools on dark web forums - and in 2024, 42% of organizations experienced phishing, vishing, deepfakes, or other social engineering attacks.
Identity verification and authentication technologies serve as gatekeepers - if they fail to stop biometric spoofing, the system is compromised.

A Shift From Detection to Prevention

Historically, biometric systems relied solely on active liveness detection to stop spoofing – prompting users to blink, turn their head, or move naturally to prove they were real.
While still valuable, liveness checks alone are no longer enough. As biometric attacks grow more advanced, the focus must shift to prevention. Spoofing is typically carried out using specialized tools that inject software directly into a camera.
By blocking these tools outright, biometric attacks can be prevented before they even begin.

What are Biometric Attacks?

Biometric Attacks can be grouped into two categories: 

Presentation Attacks

Masks, paper printouts, and screens - whether real or deepfaked - are shown to the camera. If the system accepts them, the fraudster gains access. These can be prevented by using passive checks such as textures, patterns, or light reflection that are harder to fake.

Injection Attacks

Photos or videos - whether real or deepfaked - are digitally injected into the camera software. More advanced than presentation attacks, injection attacks rely on software tools like emulators that wouldn’t normally be used by legitimate users. The best way to prevent these is by blocking the use of these tools in the first place.

Keyless Biometric Attack Prevention: A Multi-Step Approach

Keyless combines a multi-factor by design approach with passive liveness, injection attack prevention, and behavioral analysis to detect and prevent biometric spoof attempts.

Multi-Factor by Design

Before any face check, Keyless first confirms if the device being used matches the one used at signup. If not, authentication fails.

Presentation Attack Detection

Keyless detects presentation attacks using passive checks, looking at textures, patterns, and light indicators - harder to fake than blinking or smiling.

Injection Attack Prevention

Keyless blocks injection by detecting spoofing tools and unusual signals that suggest the device or environment has been tampered with.

Behavioral Signals

Using deep learning, Keyless combines camera input and sensor data to detect if a device is being held naturally or manipulated with fake images or videos.

Webinar: The Deepfake Dilemma

Listen to our Co-Founder and CTO Paolo Gasti explain deepfakes—their origins, the risks they pose, and the technologies designed to stop them.

Passwordless is Just the Beginning.
The Future is Keyless.