CaraComp

That "99% Face Match" Unlocking Your Bank? Fraudsters Just Found the Skip Button.


Here's something that should make you stop scrolling: a facial recognition system can be 99.5% accurate and still confirm the wrong person's identity — with total confidence. Not because it's broken. Because it's working exactly as designed, on a face that was never real to begin with.

TL;DR

A face that "looks right" — even one a computer is 99% sure about — is no longer proof of identity. Real verification now requires three separate checks: was the person live, were they the right person, and can you trust how that image was captured?

We've spent years getting comfortable with facial recognition. Your phone unlocks when it sees your face. Airport gates wave you through. Banks verify your selfie. It all feels reliable — almost magical. And the accuracy numbers really have gotten remarkable. So it's completely understandable to think: if the face matches, the person is verified.

That assumption made sense five years ago. It doesn't anymore. And the gap between what people believe and what's actually happening is where a staggering amount of fraud is now living.


The Number That Should Worry You

1,151%
increase in "injection attacks" on biometric systems in a single year
Source: iProov, as reported by Biometric Update

An injection attack — let's translate that immediately — is when someone doesn't sit in front of a camera and get their face scanned. Instead, they intercept the data stream between the camera and the verification system, and inject a fake video or image directly into that pipeline. The system never sees a real face. It sees a perfectly constructed digital file, fed in at exactly the right moment.

Think about that. The camera never captures a fraudster's face, because the fraudster's face never appears in front of the camera. The deepfake skips the camera entirely.

According to Biometric Update, this technique is now so accessible that a digitally literate teenager can work out how to stage a basic injection attack to bypass biometric verification. We're not talking about nation-state hackers in a basement. We're talking about someone with a laptop and a free afternoon.

And the scale of what's at stake? Deloitte predicts generative AI fraud losses of up to $40 billion in the U.S. alone by 2027. That's not a rounding error. That's a crisis hiding behind a confidence score.


Why the Matching Score Feels Like Proof (And Why It Isn't)

Here's why smart people get this wrong — and it's not because they're careless. Facial recognition matching really is impressive. Modern systems map dozens of points across a face: the distance between your eyes, the geometry of your jaw, the exact curve of your nose bridge. They crunch all of that into a single comparison score. A 98% match feels definitive. It sounds like proof.

The problem is that the matching algorithm only answers one question: do these two face-maps look alike? It has no idea — none — whether the image it just analyzed came from a real human being sitting in front of a camera five seconds ago, or from an AI that generated a photorealistic face at 2am for someone committing fraud.

"Systems still assume that seeing or hearing someone provides assurance." Biometric Update, reporting on deepfake threats inside corporate systems

That sentence deserves a slow read. The systems — the same ones issuing those reassuring confidence scores — were built on an assumption that no longer holds. Seeing a face used to mean a human was there. Now it means a file was there. Those are very different things.

Here's an analogy that makes this click: imagine you ordered a package and it arrives with a perfect shipping label — right name, right address, correct tracking number. You'd probably assume the contents are legitimate. But the label and the contents are two separate things. A fraudster can fake the label without touching the contents. A facial match is the label. It tells you the face-map compares correctly. It tells you nothing about whether the face was real, alive, or captured through a process you can trust.



The Three Questions That Actually Verify Identity

Real identity assurance — the kind that holds up — doesn't ask one question. It asks three. And all three have to check out.

Question 1: Was the person live?

This is what the industry calls "liveness detection" (meaning: can the system tell the difference between a real human face and a photo, video, or 3D mask of a face?). Early liveness checks asked you to blink or turn your head. Smarter systems now look for micro-movements, the way light scatters off skin versus a screen, even blood-flow signals detectable through subtle color changes in your cheeks. But here's the catch — liveness detection at the camera level can still be bypassed by injection attacks that skip the camera entirely. Liveness is necessary. It's not sufficient.

Question 2: Is it the right person?

This is the matching step — comparing the captured face against a stored record. This is the part everyone focuses on, and the part where accuracy scores live. It's genuinely important. But as we just established, it's only meaningful if the first question checked out and the third question checks out too.

Question 3: Can you trust how the image was captured?

This is the one most people have never thought about — and it's the one fraudsters are now exploiting most aggressively. "Capture integrity" means: did this image arrive through a verified, tamper-resistant process? Was the camera certified? Was the data pipeline between that camera and the verification system secure and monitored? Could someone have slipped a deepfaked video into that stream between point A and point B?

According to Biometric Update's reporting on the industry's shift toward measurable assurance standards, liveness detection alone at the authentication point leaves systems wide open to injection attacks plugged in after that initial check. The industry is now moving toward independently certified end-to-end processes — not just certified algorithms, but certified capture pipelines.
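
The three questions as one decision, in an added example that is not CaraComp's or any vendor's code. Capture integrity is modelled here, as an assumption, by a MAC that the capture component computes over the frame and a server-issued nonce; the key, thresholds, scores and frame bytes are all constructed for illustration.

```python
import hashlib
import hmac

# Assumptions (not from the article): the capture component holds a key the
# injecting party cannot read, and MACs each frame with a server-issued nonce.
DEVICE_KEY = b"constructed-demo-key"   # constructed sample value
NONCE_TTL = 30                         # seconds a nonce stays valid (assumed)
LIVENESS_MIN = 0.80                    # assumed thresholds
MATCH_MIN = 0.80


def sign_capture(frame: bytes, nonce: bytes, key: bytes = DEVICE_KEY) -> bytes:
    """Tag the trusted capture component attaches: MAC over nonce + frame hash."""
    return hmac.new(key, nonce + hashlib.sha256(frame).digest(), hashlib.sha256).digest()


def capture_is_trusted(frame, nonce, tag, nonce_age, key=DEVICE_KEY) -> bool:
    """Question 3: does the tag bind this exact frame to a fresh nonce?"""
    if tag is None or nonce_age > NONCE_TTL:
        return False
    return hmac.compare_digest(tag, sign_capture(frame, nonce, key))


def verify_identity(frame, nonce, tag, nonce_age, liveness, match):
    """Return (accepted, failed_checks). All three questions must pass."""
    failed = []
    if liveness < LIVENESS_MIN:
        failed.append("liveness")
    if match < MATCH_MIN:
        failed.append("match")
    if not capture_is_trusted(frame, nonce, tag, nonce_age):
        failed.append("capture_integrity")
    return (not failed, failed)


def demo():
    """Constructed inputs: a genuine capture, an injected frame, a replay."""
    nonce = b"server-nonce-001"
    real, fake = b"camera-frame-bytes", b"synthetic-frame-bytes"
    tag = sign_capture(real, nonce)
    return {
        "genuine": verify_identity(real, nonce, tag, 5, 0.85, 0.82),
        # Injected frame scores 99.5% on matching but carries a tag for other bytes.
        "injected": verify_identity(fake, nonce, tag, 5, 0.97, 0.995),
        "unsigned": verify_identity(fake, nonce, None, 5, 0.97, 0.995),
        "replayed": verify_identity(real, nonce, tag, 120, 0.85, 0.82),
    }
```

The genuine capture passes with scores in the low 0.80s, while the injected frame is rejected on capture integrity alone despite its 0.995 match score.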

NIST (the National Institute of Standards and Technology, basically the U.S. government body that sets the bar for tech reliability) is updating its digital identity guidelines specifically to address this gap. The UK is developing a deepfake detection evaluation framework. These aren't small tweaks. They're the standards community acknowledging that the old single-question model is broken.

What You Just Learned

  • 🧠 Injection attacks skip the camera entirely — they feed fake face data directly into the verification pipeline, making camera-level liveness checks irrelevant
  • 🔬 A 99.5% match score applied to a deepfaked face produces 99.5% confidence in a false identity — the matcher's accuracy is irrelevant if the input was synthetic
  • 🔐 Capture integrity is the missing third check — was the pipeline between the camera and the system secure, verified, and tamper-resistant?
  • 💡 Three weak signals that agree beat one strong signal every time — corroboration across liveness, matching, and capture integrity is harder to fake than any single high score

What This Means for You, Specifically

You might not be running an identity verification system. But you probably interact with one more often than you think — every time you verify your identity for a bank, pass through a government portal, or confirm your face for an app. And increasingly, decisions get made based on those verification results.

The practical takeaway isn't paranoia. It's a better question. When someone tells you an identity was "verified by facial recognition," the right response is no longer "great, what was the confidence score?" The right response is: what was the capture process, and is it certified?

At CaraComp, this is exactly the kind of distinction that shapes how facial recognition evidence should be interpreted — not just whether a face matched, but whether the entire chain from capture to comparison can be independently defended. A high confidence score from an uncertified pipeline is a starting point for investigation, not a conclusion.

This is also why the industry is shifting away from vendor-claimed accuracy numbers toward independent, third-party certified performance standards. A company saying "our system is 99.8% accurate" is not the same as that system being independently tested against injection attacks under realistic conditions. One is marketing. The other is assurance.

Key Takeaway

A face match is the label on the package, not the contents. Real identity assurance requires three things to all check out: the person was live, it was the right person, and the capture process itself was trusted and tamper-resistant. One strong confidence score, without the other two, is not proof — it's a starting point.

So here's the question worth sitting with — the one that reframes the whole thing: if you were reviewing identity photos for something that really mattered to you, would you rather have one 98% facial match with no information about how the image was captured? Or three separate checks — liveness confirmed, face matched, pipeline certified — each at 80%?

The three-part answer is harder to fake. Because to fool it, you'd have to fool three independent systems simultaneously, each checking something different. That's the whole point. A deepfake that beats a matching algorithm still has to get past liveness detection and survive capture integrity checks. Right now, most systems only make it run one of those three gauntlets. The con artists already know which one to skip.
