Synthetic identity fraud is emerging as one of the more difficult threats for digital onboarding teams to detect, precisely because it does not resemble traditional identity theft. Rather than stealing a person’s full identity, fraudsters blend genuine data, such as a real national ID number, with fabricated details like a false name, date of birth, or AI-generated facial imagery.
According to Identomat, the result is a new, seemingly legitimate identity that can pass basic verification checks and slowly build a credible transaction history before being exploited through credit abuse, loan defaults, or account takeovers.
This slow-burn approach is what makes synthetic identities so hard to flag. There is rarely a direct victim to report the fraud, and the identity sits in a grey area between real and fake that standard checks are not built to catch. Generative AI has intensified the problem further, enabling fraudsters to produce convincing face images, deepfake videos, and synthetic biometric data at scale.
Document verification, long treated as a cornerstone of onboarding, is not sufficient on its own. It confirms whether a document is authentic, not whether the individual presenting it is the genuine holder or even physically present. Weak biometric setups can also be bypassed using deepfake selfies or pre-recorded footage, while static, one-off checks struggle to keep pace with fraudsters actively probing onboarding flows for weaknesses.
Liveness detection addresses this gap by shifting verification from a static, one-time check to real-time proof of human presence. Active liveness detection asks users to perform actions such as turning their head or blinking, creating a challenge-response barrier against replay attacks.
Passive liveness detection works in the background, using machine learning to analyse micro-expressions, skin texture, and depth to spot manipulated or synthetic faces without requiring user input. Many providers now combine both into adaptive liveness checks that adjust based on risk level and user context.
A solution is generally considered “proven” against synthetic identity fraud when it holds up under independent, third-party testing, such as iBeta Level 2 certification, and demonstrates resilience across false acceptance and rejection rates, deepfake resistance, anti-replay protection, and injection attack defences.
Crucially, liveness detection works best as one layer within a broader fraud prevention stack, combined with document verification, face matching, AML screening, risk scoring, and ongoing monitoring.
This layered correlation of signals is what ultimately exposes synthetic identities designed to slip past isolated checks, while risk-based orchestration helps platforms balance fraud prevention against onboarding friction and conversion rates.
Read the full Identomat post here.
Read the daily RegTech news here.
Copyright © 2026 RegTech Analyst
Copyright © 2018 RegTech Analyst





