GetReal Doubles Down on Continuous ID Verification

As generative AI continues to lower the barrier for creating convincing synthetic media, identity verification has emerged as one of the most critical battlegrounds in enterprise security. GetReal Security, a deepfake detection and digital content authenticity company, is doubling down on a strategy it calls continuous identity verification — a model designed to address the fact that a one-time identity check at login is no longer sufficient when an attacker can hijack or impersonate a session using AI-generated audio and video.

Why One-Shot Verification Is Failing

Traditional identity verification flows — KYC checks, MFA prompts, liveness selfies — were designed for a world where impersonating a person on a video call or phone line required significant resources. That world no longer exists. Off-the-shelf voice cloning tools can replicate a target's voice from just a few seconds of audio, and real-time face-swap frameworks like DeepFaceLive, along with newer diffusion-based avatars, can produce convincing video impersonations on consumer GPUs.

The result has been a surge in deepfake-enabled fraud: CFO impersonation scams on Zoom calls, synthetic job candidates passing remote interviews, and voice-cloned executives authorizing fraudulent wire transfers. The infamous Arup case, in which an employee was tricked into transferring roughly $25 million after a video call populated with deepfaked colleagues, has become the canonical example of why static identity controls collapse under modern AI threats.

GetReal's Continuous Verification Approach

GetReal's pitch is that identity assurance must be treated as a runtime signal, not a checkpoint. Rather than verifying a user once at the start of a session, the platform continuously analyzes media streams — video feeds, audio, screen shares, uploaded files — for indicators of synthesis, manipulation, or replay. This includes:

• Multi-modal deepfake detection across video, audio, and image content, scanning for generative artifacts at the pixel, frequency, and temporal levels.
• Provenance and authenticity checks that look for signs of injection attacks, virtual cameras, and tampered metadata.
• Liveness and behavioral signals that go beyond a single selfie capture, monitoring whether the human on the other side of a call remains genuinely present and unmediated by synthesis tooling.
• Incident response integration so that detections can be routed into SOC workflows alongside other security telemetry.

The continuous model is significant because deepfake attackers often pass an initial liveness or KYC check using a legitimate identity, then swap in synthetic media mid-session. Detecting that handoff requires persistent inspection rather than gating logic.

The Technical Arms Race

From a detection standpoint, the challenge is that generative models are improving faster than static classifiers can keep up. Models trained on yesterday's GAN artifacts may miss today's diffusion-based outputs. This is pushing detection vendors toward ensemble approaches that combine multiple specialized detectors, signal-level forensics (e.g., PRNU inconsistencies, compression fingerprints, codec-level anomalies), and behavioral analytics. GetReal has positioned itself in this ensemble camp, arguing that no single detector is robust enough on its own.

There's also a growing emphasis on injection attack detection — catching cases where attackers bypass the camera entirely and feed synthetic frames directly into a video conferencing client via a virtual webcam. This vector is invisible to traditional liveness checks and is becoming a primary technique in enterprise impersonation campaigns.

Strategic Implications

GetReal's continued investment in this space reflects a broader market shift. Competitors like Reality Defender, Pindrop, and Truepic are similarly expanding from point-in-time detection products into platform offerings spanning hiring fraud, executive communications, customer support, and incident response. Enterprises are starting to treat deepfake risk as a discrete budget line, distinct from generic phishing or endpoint security.

For security teams, the practical takeaway is that identity should be treated as an ongoing assertion that needs continuous evidence — not a credential issued once and trusted thereafter. As synthetic media tooling continues to commoditize, the companies that can fuse content authenticity signals with traditional identity and access management will likely define the next generation of enterprise trust infrastructure.

Stay informed on AI video and digital authenticity. Follow Skrew AI News.