iProov Issues Annual Threat Intelligence Report

LONDON--(BUSINESS WIRE)--iProov, the world's leading provider of science-based biometric identity verification solutions, today released its 2026 Threat Intelligence Report. Drawing on live observations of criminal activity worldwide, the report examines how generative AI is enabling threat actors to evolve their tactics and launch attacks faster and at greater scale, targeting organizations that rely on digital identity verification to secure access to systems and high-value transactions.

“Identity is becoming the new battleground in cybersecurity,” said Dr. Andrew Newell, Chief Scientific Officer at iProov. “Generative AI is allowing attackers to industrialize digital impersonation at scale."

Share

Key findings include:

• Injection attacks targeting iOS devices surged by 1,151% in the second half of 2025, contributing to a 741% annual increase.
• Deepfake impersonation is expanding within enterprises across everyday corporate workflows, particularly video-based interactions.
• Southeast Asia experienced a 720% spike in attacks in Q3 2025, highlighting the region’s role as a testing ground for emerging fraud techniques.

“Identity is becoming the new battleground in cybersecurity,” said Dr. Andrew Newell, Chief Scientific Officer at iProov. “Generative AI is allowing attackers to industrialize digital impersonation at scale. To defend against this, organizations must be able to establish genuine human presence in digital interactions to ensure trust and security.”

Evidence of the growing threat is reflected across the wider industry. According to the Ponemon Institute, 41% of organizations have experienced deepfake attacks targeting executives, while a September 2025 Gartner study found that 37% of cybersecurity leaders have encountered deepfake incidents during video calls. These findings illustrate how advances in AI are accelerating identity-based attacks — from deepfakes to impersonation and social engineering — across digital systems and corporate communications. Recent cyber incidents, including those affecting Marks & Spencer and Jaguar Land Rover, demonstrate how gaps in identity and access security can leave organizations exposed, allowing a single successful impersonation or social engineering attack to disrupt systems and operations.

The iOS Security Gap

Attacks targeting iOS devices accelerated rapidly throughout 2025, indicating they have suddenly become an attractive target for attackers. While the first half of the year saw a 14% increase in injection attacks, activity surged in the second half, rising by 1,151% compared with the same period in 2024. This marks the industrialization of attack techniques once feasible only for experimental or state-sponsored use, as they move from isolated operations to weaponized, repeatable playbooks deployed at scale.

Deepfakes Strengthen Their Hold on the Enterprise

Deepfakes are increasingly being used beyond identity verification systems and into everyday corporate workflows, particularly across video-based interactions. Advances in image-to-video generation, driven by widely accessible AI tools such as Kling AI, Nano Banana, and similar platforms, are making it easier than ever to quickly create highly realistic synthetic identities from minimal source material.

Globalization of Crime Networks With Southeast Asia Leading the Way

Identity fraud is also becoming increasingly globalized. Criminal groups are attacking in Southeast Asia which has become a test ground for new techniques, including virtual camera attacks and stolen KYC identity packages. During 2025, the region experienced dramatic spikes in activity, including a 720% increase in attacks during Q3. Once proven, these techniques are then adopted and scaled by criminal groups to other regions, particularly Latin America, accelerating the spread of coordinated identity attacks across global financial institutions and digital platforms.

Organizations Must Shift to Continuous Identity Threat Detection and Standards Alignment

The rapid evolution of the threat landscape is outpacing static, legacy approaches to identity verification and authentication. These approaches assume threats are constant and that defenses can be tested by static methodologies alone, and they have become obsolete and perilous. As a result, organizations must adopt systems that continuously monitor the threat environment and are set up to evolve in response to the changing threats, increasingly powered by AI. This broadens their focus from technology capabilities to the visibility, agility, and speed of the business systems that maintain them. Key to this is conformance with recently updated standards and guidelines outlined in NIST SP 800-63-4, CEN/TS 18099, and FIDO Face Verification Certification.

Report Methodology and Themes

The annual iProov Threat Intelligence Report 2026 draws data from the iProov Security Operations Center (iSOC), combining real-time threat detection, external threat intelligence, dark web monitoring, red-team penetration testing, and biometric security research.

Download the Report

To download the full report and learn more about the latest trends in identity verification threats and mitigation strategies, please visit the iProov website here.

About iProov

iProov provides science-based biometric solutions that enable the world’s most security-conscious organizations to streamline secure remote onboarding and authentication for digital and physical access. Its award-winning liveness technology and iSOC offer unmatched resilience against deepfakes and generative AI threats while ensuring effortless, scalable user experiences. Trusted by leading governments and enterprises, including the U.S. Department of Homeland Security, U.K. Home Office, GovTech Singapore, ING, and UBS, iProov sets the standard in biometric identity assurance. Learn more at www.iproov.com.