Unmasking Cybercrime Strengthening Digital Identity Verification against Deepfakes 2026

Page 9 of 23 · WEF_Unmasking_Cybercrime_Strengthening_Digital_Identity_Verification_against_Deepfakes_2026.pdf

← Prev Next → Download original PDF
TABLE 1 Evaluation criteria (continued) Category Evaluation criteria 2 Camera injection tools (camera feed replacement/spoofing) Tool basics Tool name, version, source, price/licensing Injection method Virtual camera, hooking camera application programming interface (API), overlay, emulation Mobile platform supportAndroid/iOS/Emulator (BlueStacks, LDPlayer, etc.) Root/jailbreak requiredYes/no; if yes, specify framework (Magisk, Xposed, etc.) Camera replacement typeFull feed replacement/overlay/mirrored injection Live feed streaming Can it stream face-swapped content in real time? Compatibility with KYC appsFaceTec, Onfido, Jumio, etc. – which apps can it spoof? Detection resistance Can it bypass software development kits (SDKs), detecting VCam or hook tools? Timing accuracy Is the feed synced with user interface (UI) prompts (e.g. smile now, blink now)? UI hijack capabilities Can it fake app UI or overdraw the KYC app interface? Latency and quality Frame rate, feed lag, resolution distortion Device artefacts Custom package name, process ID, camera access logs Sandbox evasion Can it avoid being detected in test/sandboxed KYC environments? Network behaviour Does it connect to command-and-control (C2) or upload feeds/logs externally? Persistence Can it autostart, run in stealth mode or survive reboot? Summary In total, 17 face-swapping tools were evaluated to determine their functional characteristics and potential to enable digital KYC bypass. Tools were observed to cluster into three operational modes: real-time webcam swappers, offline desktop frameworks and hosted web services. Genuine real-time face swapping capability was uncommon (demonstrated by five tools), and only a subset of those (three tools) provided virtual-camera or equivalent injection paths suitable for integration into live verification flows. Overall, the greatest KYC risk was found where low-latency, high-fidelity, real-time swaps were deliverable directly into a verification pipeline. Most tools were intended for creative or entertainment use and did not explicitly include anti-KYC functionality. These findings are based solely on claims made in the tools’ publicly available documentation and websites, not on direct empirical testing. Evaluation of face-swapping tools Unmasking Cybercrime 9
Ask AI what this page says about a topic: