How generative AI is revolutionising identity theft and digital fraud

AI Identity Theft

As generative AI technology becomes more sophisticated, cybercriminals are leveraging deepfake technology and AI-powered tools to commit AI identity theft on an unprecedented scale. This comprehensive analysis examines the growing threat of AI-enabled fraud and explores how South Africa and global institutions respond to protect our digital identities.

Artificial intelligence’s multifaceted operational and creative uses have experienced a surge in public awareness on the internet’s surface level. Still, a darker, more sinister undercurrent is emerging that exploits the technology. 

For all of the water cooler chats about ChatGPT, ways to find restaurant recommendations or logo generation tools to get small businesses up and running, Generative AI (GenAI) in the hands of criminals significantly impacts all digital users.

The rise of AI identity theft in South Africa

Social media is already rife with ‘AI slop’, often harmless enough, whereas superimposed images are also recognisable in election-time propaganda or graphic content unlawfully using people’s identities. Now, this deepfake technique is used by financial criminals. 

By imitating biometric features and curbing authentication logins, it grants them access to a swathe of shareable personal information, begging the question – how can we maintain data safety in South Africa, and around the world, ensuring financial institutions become impervious to opportunistic fraudsters, yet remain open to legitimate users?

Digital identity verification under threat

Identity data is the most valuable commodity businesses use to understand their customers or governments and keep records of their citizens. This makes it ample ammunition for criminals who desire it for hacking purposes, blackmail, or other financial gain. 

South Africa is a red-hot target: the second most on the continent, 37th globally and, as the Daily Maverick finds, in an uphill battle to ensure its residents’ data privacy. The state and public sector are at risk, with hacks occurring at national airlines, the South African National Defence Force (SANDF) and the Department for Home Affairs (DHA) – the authority in charge of national identification and civil registration.

Even though trust in effective and practical GenAI is gathering steam, almost half of South African businesses are tentative about integrating the technology. It’s not hard to see why. The dark web is a worrying haven for our email addresses, phone numbers, and passport photos, shared under the radar by underground networks. GenAI can replicate images at the push of a button, granting scammers control of even more information.

digital identity challenges in 2025

How deepfakes are changing digital identity

Identities once unique to us are being blurred from reality into fiction at the hands of others, all on the digital playground of the internet. The open-source network’s governance has been debated since its inception, where discourse over public safety has ramped up due to advanced criminal sophistication that’s making more ‘real’ news headlines.

Government and regulatory responses to AI identity threats

Are we moving toward better online detection? Efforts being suggested to craft a standardised regulatory framework for the World Wide Web are either centralised and highly policed, or decentralised, a method already viewed as a way to track and verify transparent audit logs for cryptocurrency transfers to stamp out illegal users. While the former can be criticised for being restrictive, the latter opens loopholes for criminals, where distributed ledgers for crypto are a compliance grey area, like AI itself.

World Bank’s ID4D initiative and South African reforms

Instead, regional practices for customer and national identity verification and data privacy are a burgeoning cornerstone for trusted compliance. As part of the World Bank’s Identification for Development (ID4D) initiative, which shares expertise around digital identification systems for safety, inclusion and responsible governance between businesses and governments, the DHA has reformed its ID practices since 2000, expanding coverage amongst its population. This provides greater access to social programmes (for obtaining IDs promptly), secure holdings of birth, death, and other civil documentation, the implementation of biometrics (using the Automated Fingerprint Identification System, AFIS), and creates a dialogue between government and regulatory authorities committed to robust identification systems.

Holistic, broad strokes over ID verification and safety are tricky globally. However, closer partnerships between specialised agencies and government bodies for using sophisticated regulation technology (RegTech) are spreading to account for growing AI-based criminal activity over identity collection. 

A joint effort of investigation and prosecution starts with standardised levels of intelligence sharing and ID system modernisation, as shown by the DHA and the wider World Bank initiative, itself working in conjunction with the Bill & Melinda Gates Foundation, the UK Government, the Australian Government and the Omidyar Network.

data privacy and technology integration

Balancing security and financial inclusion in the AI era

Additional challenges come with these greater parameters around identity governance (especially in the wake of GenAI). As we have recently seen in South Africa’s financial circles, the DHA’s proposed price hike for live ID verification enquiry costs has faced market opposition for its potentially damaging effect on democratising the financial services industry. 

Strict laws and the costs of complying with them either price out startups and smaller innovative businesses that can disrupt the market, or drive up prices for their customers in attempting to meet requirements. If implementing anti-money laundering (AML) compliance to onboard trusted customers and monitor payments securely becomes an expensive and exclusive privilege, this wrecks the ideal of financial inclusion that South Africa is working hard toward.

The need for connected ecosystem solutions

This only reinforces the need for a connected ecosystem reliant on cooperation and product development between regulators, technologists, government bodies and financial services. Striving to protect consumers and maintain accountability is paramount. Through RegTech, the sector can focus on keeping customer registration, money transfers and basic banking necessities affordable, strengthening every player’s growth in the diverse financial field.

building a robust financial ecosystem in 2025 and beyond

The future of AI identity protection

It is not simple to find a middle ground in the black-or-white GenAI debate: on one hand, heavy surveillance, on the other, the diffusion of responsibility in thinking somebody else is solving the market’s identity verification compliance challenges. 

However, going forward, concrete, proactive measures need to be taken regionally and globally between all necessary parties to find a workable ID framework suitable for the entire sector quickly before digital identity theft threatens to alter the very idea of personal identity.

*The battle between sophisticated fraud techniques and advanced security measures intensifies as generative AI evolves. Organisations, governments, and individuals must work collaboratively to develop robust identity protection systems that balance security with accessibility, ensuring their potential for misuse doesn’t overshadow the benefits of AI technology.*

Disclaimer
This article is intended for educational purposes and reflects information correct at the time of publishing, which is subject to change and cannot guarantee accurate, timely or reliable information for use in future cases.

Arrange a demo

More News and Resources

Resourcing a modern AML compliance function main banner

Resourcing a modern AML compliance function

January 27, 2024

With digitalisation playing a significant part in our lives, it’s no different for&nbsp;modern AML compliance. However, regulatory technology (RegTech) cannot work best alone. Human ingenuity still plays its role in solving the problems that permeate financial services regarding money laundering, terrorist financing and other crimes; it’s calculated that around&nbsp;99.8% of laundered money&nbsp;is still untraced, while &hellip; <a href="https://relycomply.com/resourcing-a-modern-aml-compliance-function/">Continued</a>

ai-powered transaction monitoring

Revolutionising AML Compliance: The Impact of AI-Powered Transaction Monitoring

April 3, 2024

Advancements in RegTech are having a crucial effect on financial services’ approach to achieving AML compliance. Automation processes can provide accurate real-time risk alerts and continuous KYC, reducing manual work and, more importantly, the threat of laundered money moving through the system.&nbsp; Fuelling this tech revolution is AI, whose generative functions are reshaping operational processes &hellip; <a href="https://relycomply.com/ai-powered-transaction-monitoring/">Continued</a>

KYB vs KYC

KYB vs KYC: Understanding the Differences and Importance in AML

August 14, 2024

This article discusses the nuances of KYB vs KYC, exploring their differences, importance, and implementation in the context of&nbsp;AML compliance.&nbsp; As regulatory scrutiny intensifies, financial institutions must implement comprehensive due diligence measures to mitigate risks associated with money laundering, terrorist financing, and other financial crimes.&nbsp; At the heart of these measures lie two critical processes: &hellip; <a href="https://relycomply.com/kyb-vs-kyc/">Continued</a>

Cookie Settings

Manage your cookie preferences here.