eKYC Fraud Prevention
Introducing eKYC Fraud Prevention by Licel.
Security solutions for the entire mobile channel that safeguard the integrity of business-critical authentication measures.
You can’t verify identities if the mobile device itself is compromised.
Modern onboarding and verification relies on mobile cameras and sensors to capture real-world inputs. But what happens when that vital channel is hijacked or when sensors cannot be trusted anymore?
Deepfake technology, virtual camera apps, root and jailbreak exploits, and synthetic identities are being used to bypass eKYC processes. The upshot of this is bad actors being able to scale the number of fraudulent accounts they can open (and the amount of money they can illegally extract.)
eKYC fraud is already costing financial institutions a fortune in money, time, and resources.
The growing threat of virtual identity spoofing.
Attackers are blending various tools and techniques to bypass the eKYC verification process. These include:
- Virtual camera apps injecting pre-recorded or generated video into the verification process
- Synthetic ID attacks combining deepfakes with stolen or bogus personal data
- Rooted/jailbroken environments hiding, tampering with, or modifying the camera feed
- Virtualized devices and emulators manipulating behavior at runtime and creating fake, synthetic data
- Camera injection vulnerabilities on both Android and iOS, including rootless jailbreaks
- Accessibility abuse spoofing input or redirecting onboarding flows elsewhere
As a result of the advancements in AI technology - and how easily accessible AI tools are these days - the methods above are no longer niche. They are becoming the go-to forms of mobile banking fraud.
Licel solutions help you detect and stop eKYC fraud at the source.
We work at the very deepest level of the mobile application – with the final container to be precise – which helps us protect the integrity of the app and validate the integrity of the sensors from which data and insights are drawn.
This means we can verify the trustworthiness of the device (and the environment around it), and even the integrity of the whole mobile channel that flows from the application to the backend.
Our layered protection includes:
DexProtector
Blocks virtual camera applications and input spoofing
Stops attacks that use emulators and virtualized environments to simulate hardware sensors
DexProtector’s RASP engine prevents tampering, rooting, and jailbreaking, and can detect advanced methods to hide these attempts
Prevents dynamic instrumentation tools (like Frida) from interfering with the application
DexProtector is an EMVCo-certified no-code security solution for Android and iOS applications and libraries.
A post-build protection tool, DexProtector is deployed fully on-premises and offline, and is easily integrated into the mobile application build process. It has been EMVCo SBMP evaluated and approved for five consecutive years.
DexProtector comprehensively secures the app through obfuscation, encryption, and Runtime Application Self-Protection (RASP), automatically integrating a range of runtime components to prevent and mitigate reverse engineering, tampering, data theft, and fraud.
Alice Threat Intelligence
Captures telemetry signals from compromised devices and helps to determine which sensors can be trusted, resulting in more meaningful and trustworthy insights
Flags suspicious patterns and identifies threats linked to identity spoofing or the manipulation of an application’s environment
Highlights session-level threat data to inform real-time and forensic analysis
Alice Threat Intelligence is a monitoring and attestation solution that provides real-time reporting about the threat landscape.
Alice enables banks to increase observability over usage of their mobile apps, to identify malware, compromised devices, and suspicious activity, and to assess risk factors for each user session in real-time and retrospectively.
Its tamper-proofed User Identification and Anti-Malware modules help not only to secure your app today, but also help to fortify it against the threats to come
Licel vTEE (Virtual Trusted Execution Environment)
Creates a trusted enclave inside the application for sensitive operations like ID capture and liveness checks to take place
Keeps camera and biometric processes protected from outside interference
The Licel vTEE is a secure environment for trusted applications to perform sensitive transactions and operations.
It offers greater flexibility and faster time-to-market compared to hardware TEEs, as it removes dependencies on specific OEM hardware. The upshot of this is a high, uniform level of security that can be deployed across your entire user base (and a wide range of Android and iOS devices). This consistency is crucial for both security and for simplifying the compliance process.
eKYC Fraud Prevention in practice.
Licel solutions work together across runtime protection, device intelligence, and session telemetry to preserve the integrity of the entire eKYC onboarding process. Together, they allow you to detect spoofing attempts early, prevent fraud attempts before account creation, and collect the evidence needed for future investigations.
Increasing regulatory scrutiny.
Any eKYC fraud prevention solution should be guided by globally recognized standards and independent benchmarks to provide a safe way of identifying people in the modern digital world.
NIST’s Face Recognition Technology Evaluation (FRTE)
provides transparent, third-party validation of the accuracy and robustness of facial recognition algorithms. This is essential for liveness checks and identity verification.
NIST’s Digital Identity Guidelines (SP 800-63)
define the assurance levels required for secure digital onboarding, and emphasize the need for resistant authentication flows.
EMVCo’s Consumer Device Cardholder Verification Method (CDCVM)
outlines how mobile devices must handle sensitive payment authentication, reinforcing the need for secure execution environments and protection against tampering.
The EU’s eIDAS Regulation
has established standards for electronic ID and authentication across the EU’s member states. It exists to provide guidelines for protection against spoofing, tampering, and fraud.
These standards help to shape how we go about protecting threats like deepfakes, virtual camera apps, and AI-influenced spoofing. Our solutions build on these principles, helping our clients meet compliance requirements by defending real-world attacks.
Why this security matters.
Unchecked, eKYC fraud leads to:
Fake accounts and financial fraud impacting the bottom line
Money laundering vulnerabilities, including via money mules
Compliance failures
Significant operational and efficiency costs linked to fraud investigation and recovery
Licel helps banks, fintechs, and mobile ID providers to protect their mobile channel, strengthen onboarding defenses, and maintain confidence in the integrity of modern identity verification processes.
Stop eKYC fraud before it happens.
We’re already helping leading financial institutions to prevent virtual camera attacks, environment spoofing, and identity injection attacks.