Incode Says Account Recovery Deepfake Fraud Soft Spot in Expanded Attack Surface
March 4, 2026
March 4, 2026
In this article, Biometric Update reports on a webinar co-presented by Incode and hosted by Maxine Most, founder of the Prism Project and Acuity Market Intelligence, focusing on the growing threat of AI-driven impersonation fraud, including deepfakes and synthetic identities, which Deloitte estimates has caused nearly $40 billion in losses.
Incode's Fernanda Sottil, Senior Director of Strategy, highlights how attack surfaces have expanded across authentication flows, with account recovery emerging as a particularly vulnerable entry point. The panel recommends a multimodal, adaptive approach to fraud prevention, one that leverages behavioral signals, dynamic rule-setting, and a network of shared trust intelligence, rather than relying on any single detection system.
Read the transcription of this article, published by Biometric Update on March 4, 2026.
Deepfakes take center stage in a webinar presented by Incode and hosted by Maxine Most, founder of the Prism Project and Acuity Market Intelligence. Most uses the term “impersonation fraud” to encompass fraud attacks that leverage deepfakes, synthetic identities and other generative AI tools. Deloitte estimates AI-driven fraud of this kind to have resulted in losses that total close to $40 billion.
It’s a threat, says Most, that has to be addressed, and fast.
“One of the things organizations are finding when they start investigating synthetic identity is, they will go through their existing databases and discover they already have synthetic identities living in those databases and developing expanded identity information, including credit reports and credentials.”
“We now have to worry about a world where there are completely made up people and large enterprises are allocating credit and mortgages and all sorts of benefits and privileges to these non-existent human beings.”
Production of synthetic identities at industrial scale is not just possible; it’s happening. And that makes it impossible for organizations to detect or repel cascading attacks without specialized technology.
Incode provides just such technology. Fernanda Sottil, the company’s senior director of strategy, says the sophistication of attacks has improved, but the attack surface has also grown across authentication flows, enabling a greater volume of attacks.
Sottil says account recovery is a touchpoint that sees a lot of synthetic activity as a potential back door to infiltration. And like a parasite, once it’s gotten in, “it incubates in the organization.”
Webinar panelist Greg Smith of Financial Technology Partners says the technology investment won’t have to be astronomical, since organizations can leverage the investment going into the big large language models (LLMs). So while more spending is needed to combat the AI threat, “it’s not quite the massive quantity you might think.”
The solution, says Sottil, lies in a multimodal approach. With a multitude of signals at their disposal, fraud prevention teams can base their decisions on a much broader frame of reference, which includes factors like behavioral patterns. “Is there irregularity in the timing? Are there latency anomalies? Are there natural retry sequences in the way that fraudsters are interacting with a device?”
She notes the differences between static approach and something more fluid. “Adversarial threats are constantly being iterated on, and static rules cannot keep up. So we need some type of behavior that’s automatically learning from the different attacks, so that it can adapt in real time and create more dynamic rules.” A system that draws on an established network of trust is a system in which everyone knows what any one entity knows when it comes to fraud signals.
The lesson can be simplified into a bit of common folk wisdom: don’t put all your eggs in one basket. “I wouldn’t put everything into one deepfake detection system today,” Smith says. “ I would make sure I have a fraud-fighting continuum.”
“At the end of the day, work with a vendor that is visionary, innovative, and proven they’ve been able to stay ahead of the curve.”
Biometric Update is a leading industry publication dedicated to covering the latest news, research and developments in biometric technology and digital identity. Trusted by security professionals, technology executives and policy makers worldwide, the outlet provides in-depth reporting on topics ranging from facial recognition and liveness detection to identity verification and fraud prevention, making it a go-to resource for those shaping the future of secure authentication.
Read the full article here and learn more about Incode solution on deepfake detection here.
%20(1).avif)
