ROC Debuts Liveness Technology for Camera Injection Attack Detection, Exposing Deepfakes, Virtual Cams, and Other Synthetic Sources with +95% Precision
ROC, a leader in American-made identity verification and liveness solutions, today announced the launch of its next-generation Camera Injection Attack Detection, a cutting-edge capability that uses advanced camera forensics to tackle a new era of digital identity threats.
In recent years, deepfakes have become a serious threat to financial institutions, FinTech firms, and their customers, eroding trust and undermining the integrity of identity verification systems. As fraud evolves at an unprecedented pace, bad actors are leaning on increasingly sophisticated AI-driven models to exploit vulnerabilities in image, video, and audio processing. These so-called “injection attacks” can bypass traditional liveness and biometric authentication checks, putting both organizations and consumers at risk.
“Powered by advances in generative AI, cybercriminals are constantly upping their game to circumvent ID verification systems, and traditional defenses can’t keep up. Injection attacks are among the most serious threats facing digital identity today. Our camera forensics technology is a powerful response to this growing challenge, offering unmatched resilience against the emerging wave of AI-driven identity fraud.”
– Blake Moore, COO of ROC
ROC’s new anti-spoofing capability draws from proprietary algorithms to detect the unique signatures of deepfakes, virtual cameras, emulated face swaps, and other synthetic inputs. By monitoring device integrity and user activity in real time, the system flags fraud signals and other anomalies with remarkable accuracy.
Types of Identity Fraud Attacks
Presentation Attacks: These occur when an attacker presents falsified evidence directly to the capture device’s camera, such as printed photos, screenshots, masks, or plays audio from a speaker to deceive the biometric verification system.
Injection attacks: In this case, the attacker bypasses the device’s camera by injecting false data directly into the system. This can include uploading stolen or synthetic formats, such as images, audio, or video. These assets are easy to obtain—often a selfie or video pulled from social media is enough to launch an attack.
Advanced Injection Attacks: These are an evolution of traditional injection attacks and pose a higher level of threat. Here, attackers not only manipulate data but also compromise the integrity of the device used for verification. Using emulators, hardware tampering, or bots, they alter the data source, making falsified inputs appear trustworthy.
Understanding Camera Injection Attacks
01 Injection attacks involve inserting false biometric data—such as internet-sourced imagery or deepfake video—directly into a biometric system, rather than presenting it live at the sensor level.
02 In bypassing the physical sensor, these attacks exploit vulnerabilities in PAD algorithms by injecting fraudulent data at the software level, deceiving biometric systems into accepting fraudulent users.
03 Unlike presentation attacks, injection attacks are more successful because they readily pass standard liveness checks in PAD algorithms, allowing stolen or synthetic imagery to be directly inserted into the identity verification process.
“Due to their complexity, injection attacks are less common than presentation attacks. But this worldview is changing fast. Because they can use stolen imagery while bypassing the presentation attack process, they pose a more insidious and systemic risk of undermining the entire identity verification process. ROC’s Camera Injection Attack Detection is purpose built to combat today’s most creative and advanced identity fraud techniques. Think of it as a tripwire for stolen or synthetic inputs.”
– Dr. Brendan Klare, Chief Scientist and Co-Founder, ROC
Deepfakes: The New Face of Fraud
2023 was the first year that deepfakes became a widespread attack vector, posing a significant threat to consumers and businesses worldwide. In 2024, injection attacks surged 9x—fueled by a 28x spike in virtual camera exploits1. Our Camera Injection Attack Detection pairs seamlessly with the ROC Identity Toolkit—featuring face recognition, single-frame passive liveness, age estimation, and face analytics—to deliver a complete biometric verification platform. The result: reduced attack surface, smarter safeguards, and trusted access for verified users only.
Beyond NIST: Liveness and the New Identity Threatscape
While NIST evaluations remain the gold standard for measuring biometric performance, they do not assess resilience against deepfakes or camera injection attacks. To ensure full-spectrum Presentation Attack Detection (PAD), identity leaders should prioritize providers who hold iBeta Level 2 PAD certification, an ISO 30107-3 standard. This is the industry’s leading third-party validation for systems that can withstand advanced presentation attacks, including high-quality video, 3D masks, prosthetics, makeup, and impersonation. However, iBeta testing currently offers limited coverage for camera injection attacks, which involve bypassing the camera input entirely and feeding fake data directly into the system.
To learn more about ROC liveness and PAD capabilities, complete the survey form below.
1iProov Threat Intelligence Report 2025