Incode Says Account Recovery Deepfake Fraud Soft Spot in Expanded Attack Surface

Account recovery is now one of the highest-risk moments in the identity verification lifecycle, according to Incode CEO Ricardo Amper, who spoke with Biometric Update about the evolving threat landscape in digital identity.

"Account recovery is a soft spot in an expanded attack surface," Amper said. "Deepfake fraud is making it significantly harder to verify that the person requesting account recovery is actually the legitimate account owner."

The comment reflects a growing concern in the identity industry: while initial onboarding verification has become more robust, account recovery flows often rely on weaker signals, creating an exploitable gap for bad actors equipped with generative AI tools.

Amper outlined how attackers are now using real-time deepfake video and voice cloning to impersonate account holders during live verification checks. The concern is not just with fully synthetic identities, but with hybrid attacks that combine leaked PII from data breaches with AI-generated biometric spoofs.

He also pointed to the challenge of scaling human review. As the volume of identity events grows, organizations increasingly rely on automated systems, which can be more systematically targeted than human reviewers.

Incode’s response has been to build multi-signal detection into its platform, combining liveness detection, document authenticity checks, and behavioral analysis to create layered verification that is harder to defeat with any single technique.

"The threat is not static," Amper said. "Every time defenses improve, the tools used to bypass them also improve. That’s why we think about identity verification as an ongoing process rather than a one-time check."

The full interview with Biometric Update covers Incode’s broader approach to AI-enabled fraud prevention and the company’s view on what enterprise identity programs need to prioritize in 2026.

Read the full article on Biometric Update.