Sumsub Launches Real-Time Deepfake Detection Engine

Identity verification provider Sumsub has launched a real-time deepfake detection capability designed to catch synthetic media attacks during live video sessions, rather than after the fact. The move reflects an industry-wide pivot from forensic, post-event analysis toward in-session defenses as generative video tools become fast enough and cheap enough to fool standard KYC and onboarding flows.

Why Real-Time Detection Matters Now

For most of the past five years, deepfake detection has been a largely asynchronous problem: investigators received a suspicious clip, ran it through a classifier, and produced a verdict hours or days later. That timeline collapses when attackers use real-time face-swap and voice-clone tooling — frameworks like DeepFaceLive, open-source diffusion-based avatars, and commercial “AI presenter” APIs — to impersonate customers during live onboarding calls or step-up authentication.

Sumsub’s own data, along with reports from competitors like Onfido, iProov, and Jumio, has shown a sharp rise in injection attacks where attackers feed synthetic video directly into a camera stream via virtual webcams or hooked drivers. Detection in this environment must operate at low latency on streaming frames, not on uploaded files.

What Sumsub Is Actually Shipping

The company describes the new system as a real-time layer integrated into its existing liveness and identity verification stack. Technically, this class of system typically combines several signals:

• Spatial artifact detection: CNN or transformer-based classifiers trained to flag GAN- and diffusion-specific artifacts — blending seams around the jawline, inconsistent specular highlights in the eyes, and frequency-domain anomalies invisible in pixel space.
• Temporal consistency checks: models that look across frames for unnatural micro-expressions, irregular blink rates, and head-pose drift — common failure modes of frame-by-frame face swap pipelines.
• Physiological signals: remote photoplethysmography (rPPG) to detect the faint color changes from blood flow that synthetic faces typically fail to reproduce convincingly.
• Injection attack detection: device- and stream-level signals that identify virtual cameras, emulators, and replay attacks, which often precede deepfake injection.

Sumsub claims its detection runs in-session with low enough latency to halt a verification flow before it completes — the practical bar that separates “real-time” from marketing language.

The Competitive Landscape

Sumsub is not alone. iProov has long marketed its Dynamic Liveness product around real-time injection defense; Onfido (now part of Entrust) has pushed deepfake-aware biometrics; and startups like Reality Defender and Sensity AI sell standalone detection APIs. What differentiates the identity-verification incumbents is distribution: they already sit inside thousands of fintech, crypto, and gig-economy onboarding pipelines, which gives them both the data to train detectors and the surface area to deploy them.

The flip side is that detection is an arms race. Every published benchmark — FaceForensics++, DFDC, DeepfakeBench — shows that detectors degrade significantly on out-of-distribution generators. A model trained on 2023-era face swaps will struggle against 2025 diffusion-based avatars unless it is continuously retrained on fresh adversarial samples.

Strategic Implications

For enterprise buyers, the launch is a signal that deepfake defense is moving from an optional add-on to a baseline KYC requirement. Regulators are catching up: the EU AI Act’s transparency obligations, the FTC’s impersonation rule in the U.S., and emerging biometric data rules in multiple jurisdictions all push verification vendors to demonstrate active synthetic-media controls.

For the broader synthetic media ecosystem, Sumsub’s move highlights the tension at the heart of digital authenticity. The same generative models that power legitimate creative tools — AI avatars, dubbing, virtual production — are repurposed by fraud rings within weeks of release. Detection vendors are effectively building a permanent shadow infrastructure tracking the output distribution of every major video and voice generation model.

Expect more announcements like this through 2025 as identity vendors race to add real-time deepfake layers, and as enterprise customers begin asking for measurable detection rates against named generators rather than generic “AI fraud protection” claims. The benchmark question for buyers should be specific: what is your true positive rate on injection attacks using current open-source and commercial face-swap tools, measured at production latency? Vendors that can answer concretely will define the next phase of digital authenticity.

Stay informed on AI video and digital authenticity. Follow Skrew AI News.