Your Voice Is Not a Password: The Deepfake Assault on Biometrics
A business owner wired away several million francs because the voice on the phone sounded exactly like his partner. It wasn't. Deepfakes now drive one in five biometric fraud attempts — and a usable voice clone takes three seconds of audio.
👋 Welcome to Unlocked
A business owner in the Swiss canton of Schwyz got a call from someone who sounded exactly like his trusted partner. Then another. Over two weeks of phone conversations, he wired away several million Swiss francs to an account in Asia. The voice was real enough to fool him completely. It just wasn't a person.
That's the uncomfortable truth of 2026: the things we treated as proof of identity — a face on a video call, a familiar voice on the phone — have quietly become some of the easiest things in the world to fake.
It's not a fringe problem. This week, researchers put the global cost of AI-enabled fraud over the last year at $442 billion, and noted that voice clones now fool even trained experts.
This week we dig into the deepfake assault on biometrics — why your face and voice are now attack surfaces, how cheap it has become to weaponize them, and what actually still works when seeing and hearing is no longer believing.
🔑 What's Actually Happening
For years, biometrics were sold as the answer to the password problem. You can forget a password; you can't forget your face. You can phish a code; you can't phish a fingerprint. So banks, phones, and onboarding flows leaned hard into face scans and voiceprints as the strong, "unfakeable" factor.
Generative AI quietly demolished that assumption. A convincing video deepfake or a clean voice clone no longer requires a studio, a budget, or any skill — it requires a few seconds of audio scraped from a webinar and a $30 service. The biometric that was supposed to be impossible to steal turns out to be sitting in every conference recording, social post, and voicemail you've ever left.
The result is a strange inversion. The defenses built to stop impersonation are now the exact systems being impersonated. A voiceprint check at your bank is only as strong as the assumption that the voice is human — and that assumption no longer holds.
📉 The Numbers
- 1 in 5 — share of biometric fraud attempts that now involve a deepfake, per an analysis of over a billion identity verifications across 195 countries.
- 1,151% — increase in injection attacks over the past year, where manipulated video is fed directly into a verification system, bypassing the camera entirely.
- 3 seconds — the amount of public audio now needed to clone a usable voice.
- $10–$50 — what a deepfake-as-a-service vendor charges to generate a spoof image; ready-made synthetic identities go for even less.
- $500,000+ — average loss per deepfake fraud incident.
- $442 billion — estimated global cost of AI-enabled fraud over the past year.
🔍 Three Reasons Biometrics Alone Can't Save You
1. The barrier to entry collapsed.
Deepfakes used to take expertise. Now there's a market for it. Deepfake-as-a-service platforms sell ready-to-run face and voice spoofing for the price of lunch, which means the attacker no longer needs an AI lab — just a target and a credit card. Commoditization is what turns a scary demo into an industry.
2. Injection attacks skip the camera entirely.
The naive assumption behind a face scan is that a real camera is pointed at a real person. Injection attacks break that assumption by feeding pre-made deepfake video straight into the authentication pipeline — no camera, no physical presence, no problem. With these attacks up more than 1,100% in a year, "show us your face" is no longer evidence that a human is on the other end.
3. The fallback is also fakeable.
When something looks off, organizations fall back on a human check: a video call to "confirm it's really you," a voiceprint at the help desk, an approval call to the CFO. Those are exactly the channels voice and video cloning target. Deepfake-enabled vishing has surged into the leading AI fraud vector precisely because the "let me just verify with a quick call" reflex is now the vulnerability, not the safeguard.
🛡️ What This Means for Your Access Layer
Treat biometrics as a username, not a password.
A face or voice is a great way to say who you claim to be — and a terrible way to prove it. Use biometrics for convenience and identification, but never let them stand alone as the thing that grants access. The moment a biometric is the only gate, it's a gate anyone with a recording can walk through.
Bind logins to hardware that can't be cloned.
The one thing a deepfake can't reproduce is possession of a physical device. Phishing-resistant, hardware-bound credentials — passkeys and security keys — tie authentication to something an attacker has to physically hold, not something they can synthesize from a podcast clip. That's the factor deepfakes can't forge.
Kill voice and video as a verification channel for money and access.
Any process where a phone call or video confirmation can move funds or grant access needs a second, out-of-band step: a callback to a known number, a transaction-signing app, an internal code word for high-value requests. "It sounded like the boss" cannot be the control.
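A minimal sketch of such an out-of-band step, added here as an illustration and not taken from any product: a payment is released only on a signature from the approver's enrolled device over the exact payee, amount and a one-time nonce, and a voice match never counts. The names `PaymentGate`, `device_sign` and the enrollment table are hypothetical, and HMAC with a shared key stands in for the asymmetric signature a real passkey or transaction-signing app would produce.

```python
import hashlib
import hmac
import json
import secrets

# Constructed enrollment table: approver -> key held on their enrolled device.
# Assumption: HMAC stands in for a device-bound private key (passkey / signing app).
DEVICE_KEYS = {"cfo@example.test": secrets.token_bytes(32)}


def canonical(tx: dict, nonce: str) -> bytes:
    """Serialize exactly what the approver reviews, plus the one-time nonce."""
    return json.dumps({"tx": tx, "nonce": nonce}, sort_keys=True).encode()


def device_sign(approver: str, tx: dict, nonce: str) -> str:
    """Runs on the approver's device after they review payee and amount."""
    key = DEVICE_KEYS[approver]
    return hmac.new(key, canonical(tx, nonce), hashlib.sha256).hexdigest()


class PaymentGate:
    def __init__(self):
        self.pending = {}  # nonce -> (approver, tx) awaiting approval

    def request(self, approver: str, tx: dict) -> str:
        """Register a payment request and return its one-time challenge."""
        nonce = secrets.token_hex(16)
        self.pending[nonce] = (approver, dict(tx))
        return nonce

    def release(self, nonce: str, signature: str = "", voice_match: bool = False) -> bool:
        """Release only on a valid device signature for this exact request.

        voice_match is accepted but deliberately ignored: a matching voice
        identifies the claimed requester, it does not authorize the payment.
        """
        entry = self.pending.pop(nonce, None)  # single use, so a replay finds nothing
        if entry is None:
            return False
        approver, tx = entry
        return hmac.compare_digest(device_sign(approver, tx, nonce), signature)
```

Because the nonce is consumed on every attempt, a failed or replayed approval forces a fresh request rather than leaving a challenge open.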
Demand liveness and injection detection — and proof it works.
If you rely on biometric verification, insist on certified liveness and injection-attack detection, not a vendor's marketing claim. The industry is moving toward measurable, independently tested assurance for a reason: the spoofs got good.
🔑 The Bottom Line
Biometrics didn't fail because the technology is bad. They failed as a standalone proof because the core assumption — that a face or voice is hard to reproduce — is no longer true. In 2026, your appearance and your voice are public data, cheaply weaponized. The question isn't whether your biometrics can be faked. It's whether your access still depends on the assumption that they can't.
💡 Unlocked Tip of the Week
Ask your team one question this week: "If someone called our finance team with the CEO's exact voice and asked to move money, what would actually stop them?" If the honest answer is "the employee noticing something felt off," you don't have a control — you have a coin flip. Build the out-of-band step before you need it.
🔥 Final Takeaway
For a generation, security advice boiled down to "use something you are." That advice just expired.
One in five biometric fraud attempts now rides a deepfake. A voice clone takes three seconds of audio and thirty dollars. Injection attacks are up over 1,100% in a year. None of it requires breaking your encryption — just convincing a human, or a camera, that a fake is real.
The organizations that come through this in better shape won't be the ones with the sharpest face scanners. They'll be the ones that stopped treating "you are" as proof and went back to "you have" — hardware-bound, phishing-resistant credentials tied to a device an attacker can't synthesize. A deepfake can copy your face. It can't copy the key in your pocket.
Seeing is no longer believing. Plan your access layer like you already know that.
Stay ready. Stay resilient.
Until next time,
