Keyless Announces Multi-Layered Biometric Attack Prevention to Combat Rising Deepfake Threats

Keyless, the leader in privacy-preserving biometrics, has today announced the launch of its Biometric Attack Prevention technology: a multi-layered defense system that virtually eliminates the risk of deepfake attacks on authentication systems.

The Age of Deepfakes

As deepfakes rise, biometric spoofing is now a major threat. According to Accenture, there was a 223% increase in deepfake-enabling tools on dark web forums between 2023 and 2024. And in January 2025, the World Economic Forum reported that 42% of organizations have now experienced deepfake-driven social engineering attacks.

“Traditional biometric systems were never designed to combat the deepfake threats we face today,” said Paolo Gasti, CTO and Co-Founder of Keyless. “While detection technologies have evolved, deepfakes will continue to grow more sophisticated. The future of biometric security lies in prevention. By eliminating the tools fraudsters rely on, we can make these attacks unworkable.”

Multi-Factor by Design: Making Deepfakes Unworkable

Keyless authentication is multi-factor by design, meaning that both the user’s face and the device used for enrollment are needed for a successful authentication. For login, payment, and step-up authentication use cases, without the original device used to sign up to the app – or one securely bound later – even the most realistic deepfake would fail.

Multi-Layered Deepfake Defense

The exception is the Account Recovery step, as organizations allow users to recover their accounts without their phone. This creates an opportunity for remote attackers to spoof the system. In these cases, Keyless’ technology blocks deepfakes attempts using a multi-layered defense system:

• Presentation Attacks: Keyless prevents these attacks, where a screen with a deepfake is shown to a device’s camera, by looking for subtle signs indicative of a screen, like light reflection and screen texture.

• Injection Attacks: To inject a deepfake into an authentication system, an attacker first needs to compromise the device. Keyless looks for and proactively blocks tools commonly used to compromise devices, such as the use of emulators, rooted devices, and hooking techniques.

• Continuous Monitoring: As an additional layer, Keyless also monitors device movement and behavior. These signals help detect unnatural usage patterns not consistent with real users.

This is a marked shift in how biometric authentication can be used to stop AI-driven fraud. Rather than simply detecting spoof attempts shown to a camera, Keyless actively prevents them by shutting down the channels used to create them.