An Injection attack, in the identity verification context, is a sophisticated fraud technique where fraudsters feed pre-recorded images or video content into digital verification systems in an attempt to spoof or bypass liveness detection and biometric checks. These attacks are commonly linked to deepfakes or replay attacks. Liveness detection can catch these injection attacks by analyzing the video to determine if the content is truly live.
Use case/ examples of an injection attack
Video injection: Using pre-recorded video content, which could be a deepfake or from another video source, during biometric verification to impersonate a legitimate user.
Replay attacks: Reusing previously captured selfies, ID images, or similar media in an onboarding process when live media is expected.
