From skillful manipulations to sophisticated counterfeits, these forged documents serve a dual purpose: accessing restricted realms offline and reaping monetary gains online.
Document fraud is one of the biggest dangers today regarding online fraud. What exactly is the threat – and how can it be prevented?
Document fraud is often the type of identity fraud that leaps to mind first - whether it is tampering with an existing identity document or an entirely fake identity document. Fraudulent documents often exist in the form of fake IDs for a specific real-world application - such as gaining access to something you’re underage for - but online, there is normally more skill that goes into their creation. They look to serve a monetary purpose, frequently offering some form of financial bonus for inviting more users to a site.
So, let’s look at both examples.
There are various methods of tampering, but the result always includes slight alterations made to a legitimate document in order to partially or entirely change the holder’s identity. Forgeries include but are not limited to:
While tampered documents are usually counterfeited original documents, fake documents include manipulations that try to imitate the appearance of a legitimate-looking document but, in reality, are reproductions of the original. Such forgeries might come in the form of:
According to the Veriff Identity Fraud Report 2024, there was a 20% rise in overall fraud year-on-year from 2022 to 2023. A significant chunk of fraud in 2023 – 13.7% - was specifically document fraud, almost double the proportion in 2022, when it sat at 7.65%.
Within the broader category of identity fraud – the biggest challenge facing our customers – document fraud ranked second to impersonation, comprising 1.04% of all verifications in 2023. In sectors like gaming, where identity fraud reigns supreme, the prevalence of AI-generated document fakes exacerbates the challenge.
What impact does this have in the real world? Let’s take the gaming sector as an example. Our identity fraud report found that identity fraud was the most prevalent fraud type in this vertical in 2023, with more than 10% of all verification attempts stemming from this danger, including altered or counterfeit document submission attempts. It’s clear that fraud detection is a vital priority.
Unfortunately, the rapid advancements in generative AI technology have opened up new avenues for fraudsters to exploit. We are now seeing a concerning surge in AI-generated identity fraud, where bad actors use these powerful technologies to create highly convincing fake documents and entirely new identities out of thin air.
In our recent blog post on “How generative AI is driving an increase in online fraud,” we highlighted the alarming scale of this problem. A MwAre study found that 66% of cyberattacks involved deepfakes in 2023, and SlashNext reported a 1,265% increase in phishing emails since the launch of ChatGPT, as scammers use generative AI to generate highly personalized and believable messages. Criminals are leveraging generative AI to generate synthetic identities, fake IDs, and even deepfake videos to bypass identity verification measures.
Our CEO, Kaarel Kotkas, has recently shared in his LinkedIn post about how fraudsters are capitalizing on these new AI technologies. He mentioned one such service that allows users to generate fake documents in just a few clicks using generative AI:
"Today, getting a fake ID on the internet requires a few minutes or impersonating someone else using deepfakes. Those tools have been around for some time, but now being more accessible than ever.”
The rise of generative AI is a double-edged sword - it has the potential to drive incredible innovation but also enables new and more complex forms of fraud that pose a major challenge for both individuals and organizations.
For more information on the dangers of generative AI and online fraud, check out our previous post “Identity fraud: the growing AI threat”.
Document fraud prevention has always been, and always will be, one of Veriff's top priorities. Veriff employs a layered approach to detecting document fraud; these features complement each other, increasing our defense, particularly against generated fake documents.
Customers like Easygo / Stake.us are under constant attack from fraudsters who were also bombarding the website with fake ID documents, slowing down Stake.us’ entire verification system and seriously impacting the customer experience of bone fide customers. However, partnering with Veriff put a cap on the document fraud issue. It immediately cleared its backlog and offered near-real-time validation from that point forward.
Our proprietary specimen database plays a key role in ensuring the accuracy of document fraud prevention. It contains more than 11,500 identity and government document specimens from over 230 countries and territories. With our comprehensive document database, we possess a clear understanding of the standard appearance of documents. By meticulously cataloging their attributes, we streamline the process of identifying any deviations or suspicious elements, enabling efficient detection of anomalies. The database is updated daily as we carry out extensive document-related research (i.e., we find official specimens, information related to the issuing terms, etc) and cooperate with government authorities across the world.
In addition to our specimen database, we employ a variety of checks to validate the legitimacy of documents. This includes leveraging machine learning algorithms to analyze document features and detect anomalies or signs of manipulation in:
Learn more about our core AI-powered checks as part of our Fraud Protect fraud mitigation package.
Additionally, Veriff’s fraud prevention engine plays a crucial role in document fraud detection and prevention. The key elements to stopping repeat offenders are device and network fingerprinting that is used in CrossLinks. CrossLinks enables Veriff to group sessions that share similar data points and analyze them together instead of viewing them as standalone attempts. For example, sessions submitted by the same person, on the same network, with the same device, and/or using the same document. All the insight and intelligence that gets generated through the existing features is shared via API as part of our Fraud Intelligence fraud mitigation package. We also use both manual and machine learning-driven processes to continuously monitor incoming traffic for anomalies. This way, we can identify clusters of traffic that are indicative of organized fraud attempts.
Observing that technology continuously evolves and becomes more widespread, some of the tools previously considered science fiction tools, such as deepfake generators, audio modulators, or document generators, today have become common for enthusiasts and fraudsters. We at Veriff understand that fraud, by nature, is never static. Neither can the techniques and innovation that go toward detecting it, which prompts us to do continuous research on emerging fraud trends, working along with our internal teams as well as our customers to track, identify, and stop various known fraud vectors as well as focusing on problems that we might be facing in the future.