Research on a Deepfake based spoofing attack for e-KYC and its countermeasures.

Abstract

e-KYC: electric-Know Your Costumer is a system in which user authentification is performed via images/videos over the Internet for opening an account at a bank. Also, its procedures are performed non-face-to-face. In this paper, we experimented to see if it is possible to spoof a user authentification such as e-KYC by using Deepfake. In this paper's experiment, we first made an original e-KYC application based on OSSs and applied Deepfake attack for this system. More precisely, our e-KYC application requests random actions, such as ‘tilting your face’, to the user and verifies it with the stored image. As a result of the experiment, the spoofing attack was successful; that means our Deepfake attack is turned out to be a practical thread for e-KYC. Also, we summarize some countermeasure technologies against this attack.