CAMBRIDGE, Mass. — A growing underground market for tools that bypass facial-recognition safeguards is undermining banks’ and crypto platforms’ efforts to prevent fraud and money laundering, according to an investigation by MIT Technology Review.
The publication reported that scammers are increasingly using software known as “virtual cameras” to defeat “Know Your Customer” (KYC) identity checks, which are designed to verify that account holders match submitted identification documents. Instead of using a live camera feed, the tools allow fraudsters to substitute pre-recorded video, images or deepfakes to pass so-called “liveness” tests, MIT Technology Review said.
According to MIT Technology Review, these tools are widely marketed on Telegram, where researchers identified at least 22 public channels advertising services to bypass biometric verification and sell stolen identity data. Some groups, with thousands of members, promoted their offerings with videos claiming successful breaches of safeguards at major financial institutions and cryptocurrency platforms.
‘Cat and Mouse Game’
The report said the rise in such tools reflects an escalating “cat-and-mouse game” between financial institutions and cybercriminals. As banks and crypto firms strengthen security and compliance requirements, attackers are developing more sophisticated methods to exploit weaknesses in mobile devices and banking apps.
MIT Technology Review cited cybersecurity researchers and firms as saying these attacks are increasing sharply. Biometric verification company iProov estimated that virtual-camera attacks were more than 25 times as common globally in 2024 as in 2023, while identity verification firm Sumsub reported that complex fraud attempts, including KYC bypasses, nearly tripled among its clients.
Global Growth of Scams
The publication also linked the trend to the rapid growth of global online scams, including “pig-butchering” schemes, in which criminals build trust with victims before stealing funds. Blockchain analytics firm Chainalysis estimated that crypto scams and fraud reached about $17 billion in 2025, up from $13 billion a year earlier, MIT Technology Review reported.
The United Nations Office on Drugs and Crime has warned that expanding scam syndicates, particularly in Asia, are helping scale the industry’s profits, according to the report.
MIT Technology Review said financial institutions including Binance, BBVA and Revolut acknowledged the existence of such threats, describing them as an industrywide challenge, though they emphasized ongoing efforts to detect and prevent attacks.
How Regulators are Responding
Regulators are also responding. The report noted that authorities in countries such as Thailand have strengthened monitoring requirements and account controls, while the U.S. Financial Crimes Enforcement Network has warned about the use of deepfakes and virtual cameras in financial fraud.
Despite those efforts, experts told MIT Technology Review that many attacks may go undetected, and that cybercriminals are likely to continue adapting. As one researcher told the publication, tightening controls may slow fraudsters but “it’s just a matter of time” before new methods emerge.
