Injection Attack & Deepfake Detection
Updated on 25.06.26
5 minutes to read
Copy link
Overview
Injection Attack Detection (IAD) and Deepfake Detection (DFD) protect your verification flows against fraud that bypasses or fools the camera. Together, they add a layer of protection beyond traditional liveness and anti-spoofing by detecting attacks where a fraudster injects a fake media stream directly into the capture pipeline, or submits an AI-generated or face-swapped image.
What injection attack and deepfake detection protects against
Standard liveness and anti-spoofing checks analyze image content to catch presentation attacks where a fraudster holds a printed photo, replays a video on a screen or wears a mask in front of a real camera.
A growing class of fraud sidesteps the camera entirely. Instead of presenting something to the camera, the attacker injects a pre-recorded or AI-generated stream directly into the capture pipeline using virtual camera software, browser-level stream hooks or network manipulation. Content evaluation checks aren't designed for this scenario because they analyze what an image looks like, not how it arrived.
SEON addresses these two attack surfaces as distinct, complementary capabilities:
- Injection Attack Detection authenticates the capture environment to confirm the image genuinely originated from the user's live camera through the SEON SDK, and was not injected or tampered in transit.
- Deepfake Detection analyzes the content of selfie frames for AI-generated, face-swapped, morphed or otherwise synthetic faces to defend against synthetic media delivered through any channel.
How it works
- The end user captures their document or selfie using the SEON SDK with their live camera.
- Alongside the captured image, the SDK produces a secure, encrypted bundle that cryptographically ties the capture to the user's device and runtime environment.
- SEON uses Injection Attack Detection to validate this bundle to confirm the capture environment is trusted and the image was not injected.
- For selfies, SEON uses Deepfake Detection to analyze the captured frames for signs of synthetic or manipulated faces.
- The results are returned as individual sub-checks in the parent verification result and delivered to your backend via webhook, where they can be used to approve, reject or route a session for review.
In the standard sessions, both checks run in the background and the capture experience is unchanged.
What each check defends against
| Check | Applies to | Attack type |
|---|---|---|
| Injection Attack Detection | Document verification, selfie & liveness Detection | Injected media streams: virtual cameras, browser-level stream hooks, network manipulation on capture |
| Deepfake Detection | Selfie & liveness detection | AI-generated faces, face swaps, morphed images, and other synthetic selfie content |
These complement SEON's existing liveness, anti-spoofing and document authenticity checks. Each addresses a different attack vector, and together they form a layered defence.
Capture requirements
Injection Attack Detection relies on the secure bundle that the SEON SDK generates during live camera capture. A few flow-level points to know before implementation:
- IAD requires the SEON SDK and live capture. File uploads and image-only flows do not produce a capture bundle, so the check is inapplicable in those cases. The IAD sub-check returns NOT_PERFORMED, indicating the check is out of scope for that flow, not that the session raised a concern..
- If your document flow allows file upload, pair it with an SDK-based selfie step so that Selfie Injection Attack Detection and Deepfake Detection still run on the session.
- Deepfake Detection works on the selfie frames already captured during standard selfie verification; it does not add any capture requirement beyond a normal SDK selfie.
Results
Each check is returned as a sub-check on its parent verification result, using these values:
| Value | Meaning |
|---|---|
| PASS | No injection attack / no deepfake detected. |
| FAIL | An injection attack or deepfake was detected. |
| REVIEW | The outcome was inconclusive and the session should be reviewed. |
| NOT_PERFORMED | The check could not run — for example, on a file-upload flow where no secure capture bundle is available. |
When Injection Attack Detection returns FAIL, a rejection reason indicates why the capture environment was not trusted:
| Rejection reason | Meaning |
|---|---|
| UNTRUSTED_ENVIRONMENT | The capture environment could not be trusted. |
| UNTRUSTED_DEVICE | The device could not be trusted. |
| SUSPICIOUS_ACTIVITY | Attack activity was detected on the device during capture. |
| UNTRUSTED_CONTENT | Signs of an injected image were detected. |
| UNTRUSTED_CORRUPTED_PAYLOAD | The capture payload was modified or corrupted. |
| SDK_INTEGRITY_VIOLATION | The SDK or its capture components were tampered with. |
Webhook payload
The sub-check results are added to the existing document and selfie verification result objects in your IDV/Workflow webhooks. The fields are additive, so no existing fields change.
Document verification result (Injection Attack Detection):
{
"documentVerificationResult": {
"overallResult": "APPROVED",
"iadCheckResult": "PASS",
"iadRejectionReason": null
}
}Selfie verification result (Injection Attack Detection + Deepfake Detection):
{
"selfieVerificationResult": {
"overallResult": "REJECTED",
"iadCheckResult": "FAIL",
"iadRejectionReason": ["UNTRUSTED_ENVIRONMENT"],
"dfdCheckResult": "PASS"
}
}Reviewing the results
The Injection Attack Detection and Deepfake Detection sub-checks are delivered to your backend via webhook (see above) and are surfaced in the Workflow Runs detail view in the SEON Admin Panel, where reviewers can see each result and, for failures, the rejection reason.
Availability
Injection Attack Detection and Deepfake Detection are on by default for all accounts and run automatically on every document and selfie verification. There is nothing to enable, configure, or request — the checks run in the background and their results are returned alongside your existing verification results.