Biometric spoofing just moved further into mainstream devices — iPhones and other iOS products are now being targeted at scale.
Overview
iProov’s Threat Intelligence Report 2026, built on data from its Security Operations Center and threat teams, documents a major rise in biometric injection attacks. The firm reports a 741% year-over-year increase overall, with attacks against iOS devices spiking by about 1,151% in the second half of 2025. The findings indicate attackers are increasingly using generative AI to produce realistic biometric forgeries that can defeat remote identity checks.
Key findings
- Massive overall growth in injection attacks, driven by advances in generative AI and automation.
- A dramatic shift in targets: Apple devices, long seen as relatively safe from injected deepfakes, experienced an especially steep rise.
- Criminal techniques often originate in specific regions before being scaled globally.
- Experts warn that improvements in AI movement and realism could create systemic operational risk for organizations relying on face or voice biometrics.
- Market response: demand for deepfake and injection attack detection is growing rapidly, with forecasts projecting multi‑billion dollar markets in the near term.
Regional patterns and attack lifecycle
The report describes a pattern where new fraud techniques appear in Southeast Asia, are refined, then spread to other markets — notably Latin America. This typical lifecycle allows criminal groups to test and scale successful methods before targeting larger or more regulated geographies.
Standards and defenses
iProov stresses continuous identity threat detection and alignment with established and emerging standards such as NIST SP 800-63-4, CEN/TS 18099, FIDO Face Verification Certification and ISO/IEC 25456. Recommended defenses include continuous liveness checks, multi-modal verification, real-time threat intelligence, and stronger accountability around AI agents used in identity systems.
Why this matters
- Financial impact: Banks and fintechs face higher fraud losses if biometric checks can be bypassed.
- Operational risk: Widespread, convincing deepfakes could disrupt onboarding and verification processes at scale.
- Trust and reputation: Organizations that fail to detect injected biometrics risk losing customer trust and regulatory scrutiny.
- Market pressure: Growing demand for robust deepfake detection will reshape vendor offerings and procurement priorities.
Conclusion
The iProov report is a clear signal: biometric systems can no longer rely on assumptions about device immunity. Organizations should accelerate continuous liveness detection, adopt relevant standards, and integrate threat intelligence to stay ahead of increasingly automated identity attacks.