Biometric identity verification firm iProov has released its 2026 Threat Intelligence Report, revealing a dramatic escalation in AI-enabled identity attacks — including a 1,151% surge in injection attacks targeting iOS devices in the second half of 2025.

The report, drawn from live observations by iProov’s Security Operations Center (iSOC), examines how generative AI is enabling threat actors to evolve tactics, launch attacks faster, and operate at greater scale against organisations that rely on digital identity verification.

iOS Devices Become Prime Attack Targets

After a modest 14% increase in iOS-targeted injection attacks in the first half of 2025, activity surged by 1,151% in the second half, contributing to a 741% annual increase. iProov said this marks the industrialisation of attack techniques once limited to experimental or state-sponsored operations, now weaponised into repeatable, scalable playbooks.

Deepfakes Expand Beyond Identity Verification into Everyday Workflows

Deepfakes are no longer confined to identity verification systems. iProov found that synthetic identities are increasingly being used in everyday corporate workflows — particularly video-based interactions. Advances in image-to-video generation tools, including platforms such as Kling AI and Nano Banana, are making it easier to create highly realistic synthetic identities from minimal source material.

“Generative AI is allowing attackers to industrialize digital impersonation at scale. To defend against this, organizations must be able to establish genuine human presence in digital interactions to ensure trust and security.” — Dr. Andrew Newell, Chief Scientific Officer, iProov

Southeast Asia a Testing Ground for Emerging Fraud Techniques

Southeast Asia emerged as a proving ground for new attack techniques in 2025, recording a 720% spike in attacks in the third quarter. iProov noted that techniques proven in the region — including virtual camera attacks and stolen KYC identity packages — are subsequently adopted and scaled by criminal networks in other regions, particularly Latin America.

The report calls for organisations to move beyond static, legacy approaches to identity verification, adopting systems that continuously monitor the threat environment and align with updated standards including NIST SP 800-63-4 and FIDO Face Verification Certification. iProov’s clients include GovTech Singapore, the U.S. Department of Homeland Security, and UBS.

The full 2026 iProov Threat Intelligence Report is available at iproov.com.