A cybersecurity report from Cato Networks highlights the emergence of a sophisticated AI-powered tool, ProKYC, designed to circumvent Know Your Customer (KYC) protocols on crypto exchanges.
This new development represents a significant shift in the tactics employed by cybercriminals, moving away from traditional methods like purchasing forged identification documents on the dark web.
This allows users to successfully navigate facial recognition systems that match webcam images to government-issued IDs, such as passports or driver’s licenses.
In a demonstration, the tool was shown to create an AI-generated face, which was then integrated into a template of an Australian passport. The accompanying deepfake video was used to pass KYC checks on Bybit, a major crypto exchange based in Dubai.
Cato Networks noted that such capabilities enhance the potential for New Account Fraud (NAF), allowing malicious actors to open accounts on crypto platforms more easily.
The ProKYC service is available for an annual subscription fee of $629, which includes tools for facial animation, fingerprint generation, and verification photo creation. Beyond crypto exchanges, the tool claims to bypass KYC measures for payment platforms like Stripe and Revolut.
Detecting this new breed of fraud presents challenges for financial institutions. Striking a balance between stringent security measures and the risk of false positives is critical. Some detection methods may involve human oversight to identify inconsistencies in video quality and facial movements.
The consequences of identity fraud can be severe, with penalties in the United States reaching up to 15 years in prison along with substantial fines.