Appdome has released 30 new dynamic defense plugins for Deep Fake Detection in Android and iOS apps, aimed at enhancing Account Takeover Protection (ATO) protection. These plugins are designed to protect Apple Face ID, Google Face Recognition, and third-party face and voice recognition services against AI-generated and other deepfake attacks. The mobile economy relies on facial recognition for authentication, KYC compliance, and combating on-device fraud. However, the rise of AI-generated deepfakes, virtual cameras, image substitution, buffer attacks, and voice cloning has made deepfake detection one of the top anti-fraud and anti-ATO objectives for brands and enterprises in 2025.

“The mobile economy depends on the integrity of facial recognition, FaceID, and other biometric authentication methods as they are more and more used to reduce friction,” said Eric Newcomer, CTO and Principal Analyst, Intellyx. “However, attackers are constantly finding new ways to bypass biometric authentication. Appdome is taking on the challenge of AI-generated deepfake Attacks head-on and providing mobile businesses the granular detection and control defenses to stop these attacks inside the mobile app, preventing them from passing attack data to other systems. This is a great way to combat ATOs and ODF quickly and efficiently.”

“Everyone, from mobile app developers to enterprises to Face ID and Facial Recognition vendors, is struggling with the technical challenges of detecting AI-generated Deepfakes and Face ID Bypass techniques,” said Tom Tovar, CEO of Appdome. “While no one can stop the creation of deepfakes, we’ve succeeded in stopping their use inside mobile applications and we’re making our innovations available to mobile app developers and face recognition vendors alike.”

Despite the growing sophistication of Face ID and facial recognition services for mobile applications, Face ID bypass techniques, which manipulate biometric authentication processes, use virtual cameras, and use AI-generated synthetic images or streams to mimic legitimate users, have started to outpace biometric authentication methods. Additionally, malicious actors are developing tools and techniques to exploit vulnerabilities in device hardware, face recognition software, and face recognition APIs to compromise the integrity of biometric authentication. These challenges highlight the need for enhanced security measures around the biometric authentication workflows, to safeguard Face ID and facial recognition against deepfake attacks.

Appdome’s Deep Fake Detection plugins sit on top of OS-native or third-party Face ID, facial recognition, and voice recognition methods, including face verification SDKs. This approach ensures that any facial recognition process is secure from deepfake attacks and provides enhanced integrity and security for authentication workflows, regardless of the provider. Specific attack vectors that Appdome’s Deep Fake Detection protects against include:

  • Face ID Bypass: Detects attempts to bypass Native Android and iOS biometric, facial recognition authentication systems on mobile devices, including FaceID and Biometric API calls, hardware abstraction layers, and more.
  • Deep Fake Apps: Detects deepfake and face swap apps that can be used to spoof facial recognition services used by Android and iOS applications, including in combination with virtual camera and video injection tools.
  • Deepfake Video Detection: Detects synthetic identity attacks, video injection, frame and image buffer attacks, Direct Memory Access (DMA) attacks, monitors face embeddings, and more.
  • Appdome Liveness Detection: Applies primary or secondary liveness check to ensure a real face is used during the facial recognition process, applying AI models to verify 3D depth, skin texture, lighting, eye reflectiveness, the strength of the liveness image, and more.
  • Voice Cloning: Detects synthetic voice spoofing and voice cloning apps when in use with the protected application, perfect for applications that rely on “my voice is my password” authentication workflows.
    Brands and businesses can expect each Appdome defense to detect a Deep Fake attack as well as its variants. Appdome dynamic defense plugins use real-time behavioral analysis to detect the behaviors and methods that the multitude of FaceID bypass and AI-based DeepFake and Voice Cloning Tools use to exploit authentication checks in Android & iOS apps. As a learning system, it constantly evolves to ensure continuous defense against Deep Fakes and related threats.

“It’s amazing how fast facial recognition, FaceID, and other biometric authentication methods were undermined by AI-generated deepfakes in the mobile economy,” said Chris Roeckl, Chief Product Officer at Appdome. “Appdome is the only solution on the market that places sentries and defenses deep in the execution framework of the mobile application to prevent the deepfake delivery model and well as the use of deepfakes in the applications themselves.”

Like all Appdome mobile app defenses, the new deep Fake Detection plugins combine the power of choice-driven defense in depth, and no-code, no SDK delivery with innovative on-device detection, defense, and intelligence options to satisfy any implementation objective. All Android & iOS Deep Fake Detection Plugins are available with Appdome’s Threat-Events™ Intelligence and Control Framework and ThreatScope™ Mobile XDR service. Threat-Events allows mobile brands and facial recognition SDK and API providers to gather data on each attack and use the data to control the application or user experience when deepfake attacks happen. Mobile brands and facial recognition SDK and API providers can use Threat-Events to gather deeper threat intelligence and create unique workflows and user messages leveraging the power of their brand voice when threats are present. Mobile brands can track and monitor Deepfake attacks via Appdome’s ThreatScope™, either before or after the deployment of the anti-Deep Fake features.

Learn more about Appdome’s Deep Fake Detection.