Liveness Detection Bypass
Techniques used to fool biometric identity verification systems into accepting a fraudulent submission — such as a photo, video, or mask — as a live person.
Also known as: anti-spoofing bypass, biometric fraud, deepfake KYC bypass
Last reviewed: 1 June 2026
Liveness detection is a component of biometric identity verification that attempts to confirm that a submission (typically a selfie or video) comes from a live, physically present individual rather than a photograph, pre-recorded video, or digital injection. Liveness detection bypass refers to attacks that defeat these checks.
Common bypass techniques include presenting high-resolution photographs or printed masks to cameras, playing a video on a screen, digitally injecting a synthetic or deepfake video stream at the software level (bypassing the camera entirely), and using 3D-printed or silicone face masks. More sophisticated attacks use generative AI to produce synthetic faces that pass automated liveness checks.
Liveness detection bypass is particularly relevant to KYC (Know Your Customer) onboarding flows used by banks, cryptocurrency exchanges, and other regulated services. A successful bypass enables account-opening fraud under a fabricated or stolen identity. Robust liveness systems use passive and active challenges, texture and depth analysis, and inject randomness (unpredictable movement requests) to distinguish genuine users from replay or injection attacks.
Examples
- A fraudster uses a deepfake video stream injected at the driver level to pass a financial institution's selfie-based KYC check, enabling them to open accounts under a stolen identity.