Unveils 30 Groundbreaking Deep Fake Detection Plugins to Strengthen ATO Protection inside Android & iOS Apps
Appdome, the leader in protecting mobile businesses, announced it is extending its Account Takeover Protection suite with 30 new dynamic defense plugins for Deep Fake Detection in Android & iOS apps. The new plugins are designed to guarantee the integrity of Apple Face ID, Google Face Recognition and 3rd party face and voice recognition services against AI-generated and other deepfake attacks. Like all Appdome defenses, each of the 30 new dynamic defense plugins for Deep Fake Detection is available by choice using the Appdome platform without the need to integrate code, perform manual coding, implement SDKs, or deploy servers.
“The mobile economy depends on the integrity of facial recognition, FaceID and other biometric authentication methods as they are more and more used to reduce friction,” said Eric Newcomer, CTO and Principal Analyst, Intellyx. “However, attackers are constantly finding new ways to bypass biometric authentication. Appdome is taking on the challenge of AI-Generated Deepfake Attacks head-on and providing mobile businesses the granular detection and control defenses to stop these attacks inside the mobile app, preventing them from passing attack data to other systems. This is a great way to combat ATOs and ODF quickly and efficiently.”
The mobile economy trusts Face ID and facial recognition for authentication, Know Your Customer (KYC) compliance, and to combat on-device fraud (ODF). Mobile brands rely on facial recognition, including liveness checks, to streamline authentication while also building and maintaining trust with their users. Brands tell users that facial recognition will ensure that only the authorized account holder can access their apps, accounts, and services. However, the number and sophistication of attacks targeting every aspect of facial recognition and biometric authentication have exploded in the last nine months, driven by the rise of AI-generated deepfakes, virtual cameras, image substitution, buffer attacks, voice cloning and other methods. Deepfake attacks easily generate hyper-realistic and adversarial replications or manipulations that can fool facial and voice verification systems. Sometimes attackers use virtual cameras to inject pre-recorded or live video streams into the facial recognition process. Other times, image buffer attacks manipulate face data processing in real time to bypass liveness detection processes. The speed of evolution, ease of use, and ubiquity of deepfake attacks make deepfake detection one of the top anti-fraud and anti-ATO objectives for brands and enterprises in 2025.
“Everyone, from mobile app developers to enterprises to Face ID and Facial Recognition vendors, is struggling with the technical challenges of detecting AI-generated Deepfakes and Face ID Bypass techniques,” said Tom Tovar, CEO of Appdome. “While no one can stop the creation of deepfakes, we’ve succeeded in stopping their use inside mobile applications and we’re making our innovations available to mobile app developers and face recognition vendors alike.”
Despite the growing sophistication of Face ID and facial recognition services for mobile applications, Face ID bypass techniques, which manipulate biometric authentication processes, use virtual cameras and use AI-generated synthetic images or streams to mimic legitimate users, have started to outpace biometric authentication methods. Additionally, malicious actors are developing tools and techniques to exploit vulnerabilities in device hardware, face recognition software and face recognition APIs to compromise the integrity of biometric authentication. These challenges highlight the need for enhanced security measures around the biometric authentication workflows, to safeguard Face ID and facial recognition against deepfake attacks.
Also Read: NSFOCUS Praised by Frost & Sullivan for Tackling Cybersecurity
Appdome’s Deep Fake Detection plugins sit on top of OS-native or third-party Face ID, facial recognition and voice recognition methods, including face verification SDKs. This approach ensures that any facial recognition process is secure from deepfake attacks and provides enhanced integrity and security for authentication workflows, regardless of the provider. Specific attack vectors that Appdome’s Deep Fake Detection protects against include:
- Face ID Bypass: Detects attempts to bypass Native Android and iOS biometric, facial recognition authentication systems on mobile devices, including FaceID and Biometric API calls, hardware abstraction layers and more.
- Deep Fake Apps: Detects deepfake and face swap apps that can be used to spoof facial recognition services used by Android and iOS applications, including in combination with virtual camera and video injection tools.
- Deepfake Video Detection: Detects synthetic identity attacks, video injection, frame and image buffer attacks, Direct Memory Access (DMA) attacks, monitors face embeddings and more.
- Appdome Liveness Detection: Applies primary or secondary liveness check to ensure a real face is used during the facial recognition process, applying AI models to verify 3D depth, skin texture, lighting, eye reflectiveness, the strength of liveness image, and more.
- Voice Cloning: Detects synthetic voice spoofing and voice cloning apps when in use with the protected application, perfect for applications that rely on “my voice is my password” authentication workflows.
Brands and businesses can expect each Appdome defense to detect a Deep Fake attack as well as its variants. Appdome dynamic defense plugins use real-time behavioral analysis to detect the behaviors and methods that the multitude of FaceID bypass and AI-based Deep Fake and Voice Cloning Tools use to exploit authentication checks in Android & iOS apps. As a learning system, it constantly evolves to ensure continuous defense against Deep Fakes and related threats.
“It’s amazing how fast facial recognition, FaceID and other biometric authentication methods were undermined by AI-generated deepfakes in the mobile economy,” said Chris Roeckl, Chief Product Officer at Appdome. “Appdome is the only solution on the market that places sentries and defenses deep in the execution framework of the mobile application to prevent the deepfake delivery model and well as the use of deepfakes in the applications themselves.”
Source: PRNewswire