Imagine your child picks up your phone and tries to buy a new gadget using your mobile banking app. Then, the password works, and the one-time PIN arrives. Everything seems to work just fine—until the app asks for a quick face scan.
Your child holds up the phone a few distance from the face. Seconds later, the transaction is denied. The system detected that the face on screen does not match the account holder.
That scenario, shared by iProov Managing Director for Asia-Pacific Milko Radotic in an exclusive interview with PhilSTAR Tech, is a simplified version of how banks today have tightened digital safeguards as artificial intelligence (AI)-powered fraud becomes more sophisticated.
Deepfake tools, face-swapping software and AI-generated video grow more accessible by the minute as traditional security layers turn useless on their own.
Criminals are increasingly attempting to bypass identity checks using manipulated camera feeds or synthetic video designed to impersonate legitimate users.
According to Radotic, Union Digital Bank has integrated iProov’s facial verification technology into its authentication process for transactions flagged as risky.
The system prompts users to complete a brief selfie scan and performs two separate checks, which are face matching and liveness detection.
Face matching compares the live image against the photo submitted during account opening. Liveness detection confirms that the interaction is happening in real time, not through a printed photo, a mask, a replayed video or an AI-generated injection attack inserted directly into the camera stream.
iProov’s more advanced “Dynamic Liveness” technology uses a controlled light sequence deployed on the device screen.
Through this, the reflected light patterns help verify that the person is physically present and authenticating at that exact moment, make it it harder for sophisticated deepfake or injection attacks to succeed,
According to Radotic, since the technology was introduced at Union Digital Bank, there have been no successful account takeover cases that bypassed the system, although attempted attacks have been blocked.
“Which is a great testament to the technology that we provide,” Radotic said.
Verification happens real time and returns a yes-or-no response to the bank. If rejected, the bank received information indicating whether the issue was a facial mismatch or signs of spoofing.
A fragmented ID system meets digital banking
The growing use of selfie-based verification also shows a deeper structural issue, which is how identity works in the Philippines.
Financial institutions are allowed to accept up to 31 different types of government-issued IDs when opening an account. But while inclusive, the diversity creates complexity when services move online.
Radotic noted that from a user perspective, accepting many ID types is positive.
From the bank’s side, he said, making sure a document is real, hasn’t been altered, and that the image taken from it isn’t fake or added later creates a lot of technical challenges.
Many Philippine IDs were designed for physical inspection and not for digital authentication.
Unlike some countries where identity documents contain embedded chips that can be “cryptographically verified,” most local IDs rely on visual security elements.
Banks now see the need for verification to be done remotely as more transactions shift to mobile apps, which means an increase in relying on biometric verification.
Radotic said even as the national ID system under PhilSys expands and platforms like eVerify.ph allow institutions to validate identities against government databases, the challenge remains in confirming that the person using the phone is physically present and matches their enrolled identity
