Deepfakes are often framed as a future problem. In the APAC region, that future is already here.
Over the past three years, the APAC region has become a proving ground for advanced fraud techniques, where deepfake technology, synthetic identities, and AI-driven attacks converge within everyday onboarding flows. What emerges from this environment does not stay local. It increasingly shapes how global digital identity frameworks, fraud detection models, and fraud prevention strategies evolve.
What is Fraud Today, and Why the Definition is Changing in the APAC Region
Deepfakes are no longer theoretical. In APAC, deepfake-related fraud has been rising for three consecutive years. According to Sumsub’s annual Identity Fraud Report 2025–26, multiple countries in the region recorded triple-digit growth, indicating steady expansion with no sign of slowing down.
Fraud no longer starts with stolen cards or obvious scams
While credit card fraud and traditional impersonation schemes still exist, overall fraud volumes are stabilizing in several mature markets. At the same time, deepfake incidents are rising sharply. APAC is recording some of the fastest growth rates globally.
In Singapore, for example, deepfake fraud grew by 158% year-on-year in 2025, driven largely by impersonation scams and fraudulent e-wallet registrations, even as the country’s overall fraud rate fell. This pattern — lower volume but higher sophistication — shows that fraudsters are deliberately investing in better tools to defeat liveness checks, rather than relying on simple or high-volume attacks.
The APAC region as a testing ground for next-generation fraud
What is now emerging globally is a Sophistication Shift, where deepfakes are used as one layer in complex, multi-step fraud chains rather than as standalone tricks.
Sumsub’s data shows a 180% year-on-year jump in “sophisticated” fraud, where attackers combine synthetic personal data, document forgeries, deepfake video, and telemetry tampering to get through onboarding.
In APAC, these techniques are often tested in high-growth sectors such as crypto, e-wallets, and online trading, where onboarding is remote, fast, and frequently cross-border. The headlines around deepfakes are justified. But the real story is that deepfakes have become part of industrialized fraud operations targeting any business with digital onboarding.
Deepfake Meaning in Practice: When Visual Trust Breaks Down
One example is synthetic video. Next-generation text-to-video systems, such as Google Veo and OpenAI’s Sora and Sora 2, can render entire dynamic scenes from short prompts, complete with realistic facial microexpressions, lighting, and depth.
These tools allow attackers to stage convincing deepfake liveness checks that mimic the movements and reactions of real people. As a result, visual verification — once a cornerstone of fraud detection — has become one of the most vulnerable layers of digital identity defense.
From Fake Documents to Fake Context: the Next Phase of Fraud
The most surprising shift in 2025 is not just better deepfakes, but how fraud is executed.
AI fraud agents and fully automated onboarding attacks
Fraudsters have moved away from low-effort schemes, such as sloppy document forgeries or basic credit card fraud, toward autonomous AI fraud agents that can run an entire onboarding attempt end-to-end.
These self-operating systems can build a synthetic persona, generate deepfake content, tamper with device data, and retry verification with small variations until it succeeds. Instead of a fraudster manually uploading a forged document, AI systems now orchestrate full attack chains at scale.
Why context manipulation breaks traditional fraud prevention
At the same time, telemetry tampering has surged. Fraudsters no longer fake only faces or documents. They manipulate the invisible infrastructure behind verification — SDKs, APIs, device fingerprints, and network signals — to make high-risk sessions appear legitimate.
In simple terms, fraud has shifted from manipulating content to manipulating context. This exposes two major weaknesses in verification systems today: over-reliance on visual checks and insufficient scrutiny of behavioral and device-level signals that distinguish a real human from an AI-driven attack.
Digital Identity Under Pressure: When Onboarding Works Too Well
For founders and operators, the first sign of compromise is rarely a dramatic breach. Instead, it appears as a pattern of “quietly good” customers who pass onboarding smoothly and only reveal themselves later.
The rise of synthetic identities in the APAC region
In 2025, synthetic personal data fraud in APAC surged by 142% year-on-year and now accounts for approximately 15.7% of all fraud attempts, making it the region’s third-largest fraud category.
These synthetic identities combine fabricated personal information — names, addresses, dates of birth, and document numbers — with high-quality deepfake content. They often pass basic document checks and remain dormant for months.
When “good” users turn into a fraud risk later
These accounts surface later through chargebacks, money mule activity, or coordinated abuse across multiple accounts, highlighting how digital identity risk now extends far beyond onboarding.
Money Mule Networks and the Downstream Impact of Fraud
The rapid growth of fraud networks and money mule operations in APAC is particularly alarming. Legitimate accounts, once properly onboarded, are increasingly drawn—through deception or coercion — into organized laundering networks.
Fraudsters either trick users into “renting” their accounts or purchase verified accounts outright. Research shows the average price for one account ranges from US$40 to US$100. Once acquired, these accounts become nodes in large-scale money mule networks, moving illicit funds across borders in ways that are extremely difficult to trace.
In 2025, one in four individuals in the APAC region was targeted for mule recruitment, highlighting how widespread and normalized this form of fraud has become.
Why Onboarding-Only Fraud Prevention No Longer Works
With the Sophistication Shift, the attack surface has expanded beyond onboarding to the entire customer lifecycle. Instead of trying to break in at the door, fraudsters focus on getting verified first — then exploiting the trusted status they gain.
To stay ahead of this evolving fraud landscape, businesses require continuous, real-time monitoring across the entire lifecycle. This includes post-KYC protection through behavioral analytics, fraud network detection, and intelligence sharing based on large-scale, real-world fraud data.
Fraud Detection vs Usability: Protecting Digital Identity Without Exclusion
Deepfake detection models are improving rapidly, but they perform best with clean, stable input. Real users, however, do not always have perfect lighting, modern smartphones, or reliable connectivity.
KYC flows must assume imperfect conditions. Clear instructions, real-time feedback, short steps, and the ability to re-capture individual stages without restarting the entire process help honest users succeed while maintaining strong fraud prevention.
At the same time, security cannot rely on a single liveness check. Real protection comes from layered fraud detection, combining biometrics, document verification, device fingerprinting, and behavioral signals throughout the customer lifecycle.
Transparency, Trust, and Fraud Prevention in the Age of AI
There is growing momentum toward transparent AI in verification. However, full “ingredient-style” disclosure — detailing exactly how liveness models work — creates security and intellectual property risks.
Instead, the industry is moving toward explainable enough systems. Verification providers must clearly communicate what data is used, how it is protected, and how decisions can be reviewed, without exposing mechanisms that fraudsters could reverse-engineer.
As regulators sharpen their focus on AI and fraud, transparency and governance are becoming competitive differentiators in fraud prevention.
When Fraud Prevention Becomes a Driver of Exclusion
From a business-risk perspective, the most underestimated danger today is exclusion. As fraud becomes more sophisticated, many organizations default to overly strict controls that block legitimate users.
According to Sumsub’s Greenflag study, over 627 million people globally are excluded from financial, healthcare, education, and employment platforms due to non-standard IDs, changing appearances, low digital literacy, or geographic bias. This group represents an estimated US$1.75 trillion in untapped purchasing power.
Overly strict systems create hidden costs — lost revenue, reputational damage, and long-term trust erosion. Overly lenient systems expose businesses to financial losses, regulatory penalties, and brand harm.
The Real Trade-Off Businesses Can’t Avoid Anymore
Neither extreme works. The future of fraud detection and fraud prevention lies in full-cycle, risk-based verification combined with more inclusive approaches such as document-free verification.
This model allows businesses to stay ahead of advanced fraud while avoiding “reject-by-default” systems that quietly lock legitimate users out of the digital economy.
