So again, I wasn't sure if I would pass the verification.
It worked! It means the bank employees don’t have a reference for my voice. Whoever checks the recordings pays more attention to the video than the audio.
Status: verification passed
Reflections on the verification testing process.
I was lucky. I found testing conditions that allowed me to trigger verification requests and even fail or pass without affecting further tests directly. These conditions allow you to arrange trial-and-error tests – exactly what I needed.
Based on different timeouts of each verification, I came to the conclusion that humans did the final proof. Verifications took longer during busy hours and off-work hours than during off-peak time. If checks are made only by humans, there's always a bias factor. The same video, sent again and again, could eventually be accepted.
When you create a deepfake, the facial match between the origin and the destination videos is important. So are the lighting conditions, the quality of the videos and even more minor details: what glasses you wear, what fringe you have. In my tests, I allowed myself some flexibility that criminals would not have.
The verification process is still a black box – I don’t know if all my tests cumulatively affected the outcome or not, or if any previous recordings are available to the staff.
Overall, if you have enough time to produce something like this: https://www.youtube.com/watch?v=h1Rr9X5QuIk, ultimately any verification done by humans could be bypassed.
Recommendations for banks.
And pretty much to everyone who relies on photo/video/audio verifications:
1. Control your environment! I don't know how to stress this enough, but this is the key! If your customer's iPhone is jailbroken, it is possible to modify every piece of information that goes from the phone to APIs, and there's no trust in this data.
2. Analyse content from every possible aspect. You should begin with ML detection toolkits for deepfakes - that will give you an advantage. There are obvious pieces of evidence of modified videos, such as metatags and strings in the input. Some of them are less obvious: uneven gradient, blur, etc.
3. Collect your previous data and learn based on that data. Why does my recording suddenly change the voice? Why did I submit dozens of verification requests? Why does my Device ID change each time? Why does someone try to send the same video again and again, hoping to be accepted eventually?
4. With deepfakes becoming a commodity, you need to consider making your verification steps more complex. Some KYC providers require video calls facilitated by staff instead of simple recordings. They would ask you to do some unusual things – tilt your document, turn left, right. You can balance the technological advantage of your adversaries by deterring them with more complex checks.
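One way to act on recommendation 3, as an added example that is not from the original post or from any bank's system: a review pass over past verification requests that flags repeated attempts, changing Device IDs and resubmitted videos. The record layout, thresholds and flag names are assumptions, and the sample requests are constructed.

```python
import hashlib
from collections import defaultdict

# Constructed sample data: (account_id, device_id, raw video bytes).
SAMPLE_REQUESTS = [
    ("acct-A", "dev-1", b"clip-1"),
    ("acct-A", "dev-2", b"clip-2"),
    ("acct-A", "dev-3", b"clip-2"),
    ("acct-A", "dev-4", b"clip-2"),
    ("acct-B", "dev-9", b"clip-3"),
    ("acct-C", "dev-7", b"clip-4"),
    ("acct-C", "dev-7", b"clip-5"),
]

def review_flags(requests, max_attempts=3, max_devices=2):
    """Return {account_id: sorted flag names} for accounts needing review.

    Thresholds are assumed values; tune them on your own history.
    """
    attempts = defaultdict(int)
    devices = defaultdict(set)
    digests = defaultdict(set)
    flags = defaultdict(set)
    for account, device, video in requests:
        attempts[account] += 1
        devices[account].add(device)
        # Exact hash: catches byte-identical resubmissions only. A re-encoded
        # copy of the same clip needs a perceptual hash instead.
        digest = hashlib.sha256(video).hexdigest()
        if digest in digests[account]:
            flags[account].add("same_video_resubmitted")
        digests[account].add(digest)
        if attempts[account] > max_attempts:
            flags[account].add("many_attempts")
        if len(devices[account]) > max_devices:
            flags[account].add("device_id_churn")
    return {account: sorted(names) for account, names in flags.items()}

if __name__ == "__main__":
    for account, names in review_flags(SAMPLE_REQUESTS).items():
        print(account, names)
```

The voice-change signal from the same recommendation is not covered here, since it needs a stored voice reference per customer.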
These days it's fairly simple to create deepfake content not only for a proof of concept or a funny TikTok video. Using open source tools or commercial mass products, criminals with enough patience and even a shallow understanding of technology can bypass banks' restrictions.