Remote identity verification: certify the capture of document and selfie
For a fintech or a bank, the first contact with a new client almost never happens in a branch. It happens through a phone, a webcam, a few taps. Remote identity verification has become the front door of every regulated business, and that door is now being tested by attackers who no longer need a forger or a printer. They need a generative model. An AI-altered passport, a synthetic selfie, a face swapped into a live video stream: these pass the very automated checks that were supposed to stop them, and they do it at scale, for the price of a coffee round. The economics of fraud have inverted. What used to require craft now requires a prompt.
The instinctive reaction is to ask: how do we get better at spotting the fake? It is the right question for the detection layer, and we cover it in depth in the parent guide on synthetic identity fraud in AI-driven onboarding. But detection is a moving target by definition. Every model you train to catch yesterday's fake is already a step behind today's generator, and the gap only widens. There is a more durable move. Instead of trying to prove that a captured document is fake, prove that your own capture is authentic. Shift the burden from recognizing the fake to certifying the authenticity of the capture at the moment it happens. That is the governing idea of this piece, and it is where the defensive advantage stops eroding.
This insight is part of our guide: Synthetic identity fraud: defending onboarding from AI-driven attacks
Why AI-generated fake documents pass automated checks
Automated KYC checks pass AI-generated fakes because they were built to inspect images, and an AI fake document is a perfect image. OCR reads a clean MRZ. Face matching compares two faces that were engineered to match. Liveness scores a video that may never have come from a real camera. The pipeline does its job correctly on inputs designed to satisfy exactly that job. The failure is not a bug in the checks; it is a mismatch between what they measure and what the attacker now controls.
The operational limits of OCR, face matching and liveness
Each layer has a blind spot that generative tooling exploits. OCR and template checks validate that fields look right, not that the physical credential ever existed. Face matching confirms that two images are the same person, which is precisely what a face-swap pipeline guarantees by construction. Liveness detection is the hardest hit: it is designed to distinguish a presentation attack, where someone holds a photo or mask up to the camera, from a genuine live person. But it assumes the frames arrive from the device camera in the first place.
That assumption is where injection attacks live. Instead of presenting a fake to the lens, the attacker injects a pre-rendered deepfake directly into the device's video stream, bypassing the physical camera entirely. The liveness engine then scores a "live" face that no sensor ever saw. This is a different class of attack from holding up a printout, and most pipelines built for presentation attacks simply were not designed to notice it. The result is a check that returns "pass" with high confidence on input that originated entirely in software.
An AI fake ID can be produced for roughly $15 in about half an hour, because a fake document is no longer a physical forgery but an image file that can be regenerated infinitely with small variations, defeating duplicate-detection heuristics along the way. (Source: Sumsub, AI fake ID challenge for KYC.)
GenAI-driven document fraud detections rose 90% year-over-year and are now the fastest-growing vector in identity verification; in 2025, 2% of all detected fake documents were AI-generated, up from effectively 0% the year before. The percentage looks small, but the curve is steep and early, which is exactly how these vectors behave before they go mainstream. (Source: Sumsub.)
Face-swap attacks against the biometrics used in KYC have risen 300% since 2023, and injection tooling that feeds deepfakes straight into the video stream is now packaged and sold as a ready-made product. Productization is the tell: it means the attack no longer requires expertise, only a purchase. (Source: iProov, Identity Verification Threat Report.)
From detection to certification of capture: the paradigm shift
The shift is this: detection asks whether the artifact in front of you is genuine, while certification of capture proves how, when and under what conditions that artifact entered your system. Detection produces a probability score that decays as generators improve. Certification produces evidence about the acquisition event itself, and that evidence does not get weaker when the next model ships. One ages; the other is fixed.
The two are not rivals. Detection screens the obvious and keeps volume manageable; certification gives you something to stand on when the screen is fooled, which it eventually will be. The table below sets them side by side.
| Dimension | Detection of the fake | Certification of the capture |
|---|---|---|
| Core question | Is this document or selfie genuine? | Was this capture acquired authentically and intact? |
| Output | Probability / risk score | Forensic evidence of the acquisition event |
| Ages over time | Yes, as generators improve | No, the acquisition is fixed in time |
| Holds up in a dispute | Indicative | Opposable, tamper-evident record |
| Defeated by | Better AI fakes, injection attacks | Cannot be retro-altered after sealing |
| Question it answers | What was submitted? | How, when and in what context it was captured |
What makes a capture "at the source"
A capture earns the label "at the source" when the acquisition happens inside a controlled environment your system governs, not in a file the user hands over after the fact. Concretely, that means the session itself is signed, the device and network context is recorded, a qualified timestamp fixes the moment, an integrity hash freezes the bytes, and an unbroken chain of custody links every step. The object you end up certifying is the act of acquisition, captured live, rather than a document of unknown origin.
This is the line between accepting an upload and witnessing an event. An uploaded JPEG of a passport tells you nothing about where it came from or how many hands and tools touched it first. A capture performed and sealed at the source tells you the credential and the face were acquired together, in one controlled session, and have not changed since. That property is what survives a challenge two years later, when the AML team or a court asks what you actually saw on day one. It is also why this approach maps cleanly onto a defensible onboarding strategy against AI-driven fraud rather than a perpetual arms race against the latest generator.
How TrueScreen certifies the document and the holder's selfie at the source
TrueScreen, the Data Authenticity Platform, captures the ID document and the holder's selfie in a controlled environment and seals that acquisition with a qualified timestamp, an integrity hash and a documented chain of custody. The result is not a verdict on whether the document is real. It is tamper-proof, opposable evidence of exactly what was captured, when, and under what conditions, applying forensic methodology at the point of acquisition and certifying it with legal value.
The two halves matter together. Certified capture of documents and the holder's photo handles the acquisition inside the controlled session. Source-level certification with qualified timestamp and integrity hash turns that session into evidence that holds up under scrutiny. Capture without certification is just another upload; certification without controlled capture is sealing data of unknown origin. You need both, every time, or the chain breaks at the weakest link.
Consider a fintech opening a remote account. The applicant captures the front and back of the ID and a selfie inside the session; the platform seals each artifact and the session context together. Months later, when the AML unit reviews the file, they are not re-running a liveness model on stale frames and hoping for the best. They are reading a fixed, hashed record of what was acquired at onboarding, with a timestamp that no later AI fake can backdate.
Take a bank or an insurer running higher-value onboarding. The same certified capture produces a customer due diligence trail that is auditable end to end, which is the part supervisors actually care about: not just that you checked, but that you can prove what you checked and that the record has not moved since. It is the operational backbone of certified client onboarding for regulated entities, and it extends naturally to certified AML/KYC compliance across the customer lifecycle.
This lines up with where the regulatory frame is heading. eIDAS 2 (EU Regulation 2024/1183) introduces the European Digital Identity Wallet and raises the bar for trustworthy remote identification across the bloc. The probative value of digital evidence, meanwhile, has a recognized reference in ISO/IEC 27037, which governs the collection and preservation of digital evidence. FATF customer due diligence standards expect institutions to obtain and retain reliable identification records. A capture certified at the source speaks all three languages at once: collected under a defined methodology, preserved intact, retained as something you can actually produce on demand.
The pressure is not abstract. Global AML penalties reached $1.23 billion in the first half of 2025, a 417% year-over-year jump per industry analysis, and a meaningful share of those failures trace back to onboarding records that could not be defended after the fact. Certifying the capture is, in plain terms, the difference between having a file and having evidence you can put in front of a regulator.
