The Future Of Secure Digital Transactions In The Wake Of Deepfakes

With the advent of gen AI and deepfakes, how will we keep digital transactions secure? originally appeared on Quora: the place to gain and share knowledge, empowering people to learn from others and better understand the world.

Answer by Pat Kinsel, Founder/CEO Proof.com & former venture capitalist, on Quora:

Fraud has been plaguing public companies and investors, and regular consumers, well before deepfakes went on the rise – The average firm spends $5.2 million per year on account lockouts and password resets ALONE! So before deepfakes, we were already losing the battle. With the rapid advancements in generative AI and deepfake capabilities, traditional identity verification methods are becoming increasingly obsolete in securing digital transactions. It is trivial to construct a fake identity, generate a fake video or falsify income statements, bank records, you name it.

To really restore trust and protect against the growing threat of AI-powered impersonation, institutions are going to need to adopt a much more comprehensive and dynamic approach. Rather than relying solely on those static identity profiles we create when someone first opens an account, we should be shifting our focus to continuous verification across all customer touchpoints. This means reducing our over-reliance on easily compromised information like passwords and social security numbers, which can be obtained and misused by fraudsters with relative ease.

Instead, institutions need to start implementing a new playbook for more sophisticated identity-proofing tactics that go beyond surface-level checks. This includes things like in-depth credential analysis to validate documents, verifying information against authoritative sources, and performing liveness checks to ensure we're dealing with a real live person. And by leveraging those technologies that provide deeper insights into a transaction, like device location and phone number history, they can much better distinguish legitimate customers from impersonators.

At the same time, it's crucial that official documents and digital records only be issued, modified, and exchanged by verified sources, with encrypted metadata to prove their legitimacy and establish an auditable trail. Just imagine - when you get that credit card bill, you should be able to confirm it actually came straight from the issuer. And when the bank gets a withdrawal authorization, they should be able to verify it genuinely came from their customer. Establishing a secure identity authorization network would give individuals and businesses a secure way to use verified identity to authorize transactions, agreements, content creation, and other digital actions, in a way that we can instantly trust and execute.

However, relying solely on technology won't be enough. When those automated systems can’t provide enough confidence in a customer's identity or a transaction raises red flags, there needs to be human reviewers available 24/7 to step in and verify what's going on. This human oversight, combined with all those advanced verification techniques, is really the key to helping institutions maintain trust and security in this era of rapidly evolving fraud tactics.

At the end of the day, combating the threat of AI-powered impersonation will require a dynamic, multi-pronged approach. By continuously adapting their identity verification strategies, institutions can stay one step ahead and do a much better job of protecting digital transactions, preserving the integrity of our systems of trust in the process.

This question originally appeared on Quora - the place to gain and share knowledge, empowering people to learn from others and better understand the world.

Follow me on Twitter. Check out my website.