The influence of artificial intelligence (AI), particularly its branch termed Generative AI (GenAI), on cybersecurity represents a multifaceted and dynamic issue. AI technologies, GenAI included, have the capability to significantly improve cybersecurity. They achieve this by automating the detection of threats, sifting through large datasets, and enhancing the speed of response. However, these technologies also harbor the risk of being exploited for harmful intents. For instance, they can be used to craft fake digital identities that might impersonate actual individuals. This misuse poses a direct threat to security protocols, including electronic customer onboarding and identity verification procedures.

It is particularly intriguing to observe GenAI’s impact on authentication processes, to the extent that there are occasional scenarios where KYC processes may become obsolete. GenAI is particularly adept at producing content that is strikingly realistic and persuasive, including audio clips, videos, biometric images, texts, and even complete personalities, this raises concerns about its potential misuse for digital identity – bounded cyber-attacks, misinformation, and the creation of deceptive content, especially in electronic Know Your Customer (e-KYC) procedures.

According to Smile ID's 2024 Digital Identity Fraud in Africa Report, a quarterly analysis of biometric and document fraud data indicates a consistent increase in the overall rate of fraudulent attempts for document and biometric verification over the past six (6) quarters. This upward trend reached its all-time highest point at 17% in Q4 2023.

What are the main cyber insecurity areas associated with GenAI?

While GenAI has the potential to create digital challenges, it is also a field where ongoing research and development are focused on finding solutions to address these challenges and ensure the responsible use of AI technologies. Therefore, GenAI is a double-edged sword when it comes to cybersecurity. Like creation of new security algorithms that can detect and prevent AI-focused attacks or like training AI models that are able to identify fake content and prevent it from being spread online; there are hundreds of ways for AI utilization to improve cybersecurity, especially in e-KYC and AML (anti-money laundering) steps including multi-factor authentication and customer onboarding processes.

Towards Al-driven and – powered KYC verification

AI-driven data security and identity solutions can contribute to a proactive security stance through the identification of high-risk transactions, safeguarding them with minimal user interference, and more efficiently connecting suspicious behaviors. In other words, despite all these GenAI-focused concerns mentioned above, AI will continue simultaneously to transform the landscape of customer identity authentication, bringing forth a paradigm shift in efficiency, accuracy, and security, by implementing in each stage of the KYC process like digital form filling, ID capturing via Optical Character Recognition (OCR), liveness detection and face matching, document validations, profile verifications, and even transaction screening.

Nevertheless, AI-powered security solutions remain underutilized in the current landscape. According to the 2023 IBM Cost of a Data Breach Report,only 28% of organizations have extensively incorporated security AI and automation into their operations. This indicates a substantial untapped potential for many organizations to enhance their speed, accuracy, and overall efficiency.

The integration of AI into the KYC/AML process, when combined with reliable data from diverse sources, facilitates the efficient assessment and heightened transparency of behavioral risks. Complementing this, a verification chatbot is deployed for customer interactions and the acquisition of additional KYC documents. This AI-driven security automation not only enhances effectiveness but also proves to be a cost-efficient solution.

Present-day AI chatbots exhibit the capacity to significantly decrease false positives by up to 80%, via a remarkable 90% model accuracy [The Infosys Knowledge Institute]. With minimal margin for error, the incorporation of AI in KYC processes concurrently reduces the time required for case reviews by a third.

KOBIL Provides AI-Powered Active and Passive Liveness Detection

At this juncture, let’s deep dive into KOBIL’s AI implementation in its liveness detection as an example.

KOBIL offers cutting-edge AI-powered liveness detection for its e-KYC solution encompassing both active and passive strategies. Within its passive liveness detection framework, KOBIL utilizes a multimodal approach, harnessing both RGB (Red, Green, Blue) and depth map data for thorough analysis. The system employs a blend of meticulously handcrafted and deep learning-powered features to ensure bona-fide authentication and robust anti-spoofing measures. The incorporation of advanced technologies like self-supervised Visual Transformers (ViT) allows KOBIL's systems to effectively parse complex patterns within data, significantly improving the precision of passive detection.

Additionally, Central Difference Convolutional Neural Networks (CDCNs) are utilized to meticulously detail fine-grained visual information and textures, which are vital for comprehensive analysis.

In terms of active detection, KOBIL's technology includes an array of dynamic indicators such as eye blinking, facial expressions (for example, smiling), and head pose analysis. These real-time cues ensure the presence of a live person during authentication. This sophisticated amalgamation of technological solutions not only bolsters the system's defenses against fraudulent activities but also provides a strong and exhaustive authentication mechanism.

Dr. Fereidooni: “Ongoing Implementation of AI-driven Measures in face of GenAI-powered threats in e-KYC”

Transitioning to the insights of Hossein Fereidooni, AI Lead at KOBIL GmbH, the intense focus and escalating concern regarding AI-related security challenges, particularly in research, development, and penetration testing, are expected to maintain momentum. However, he raises a very important point about insecurity factors based on AI, shedding light on AI-enhanced security measures, especially in e-KYC verification.

Highlighting the potential risks posed by GenAI, Dr. Fereidooni articulates that while this technology may have the capacity to create counterfeit images and handwriting, the incorporation of advanced liveness check mechanisms into e-KYC systems serves as a powerful countermeasure. He cautions about the impending difficulties faced by social media and online platforms that do not utilize liveness check. The proliferation of fraudulent content that seemingly verifies a person's identity could lead to severe complications, jeopardizing an individual's safety and causing substantial issues for entities relying on KYC systems that lack robust liveness verification.

Dr. Fereidooni further asserts: "The most critical and ongoing measure we undertake at KOBIL is the diligent monitoring of AI-enhanced identity verification and authorization processes, coupled with the relentless pursuit of research and development aimed at safeguarding against malicious software and the risks of identity theft."