AI-Generated Fake IDs Challenge Crypto Exchanges' KYC Protocols

These AI-generated IDs have been very successful as many people have reported that they can be used to easily bypass KYC checks on major exchanges.

Artificial Intelligence (AI) has once again opened the doors for criminals to find some pretty creative ways to defraud people in the crypto space. OnlyFake, a controversial service using AI to create realistic fake IDs, has been reported to bypass KYC checks on major crypto exchanges. Meanwhile, IBM Security researchers have unveiled "audio-jacking," a new cyberattack method using generative AI to manipulate live audio conversations. On a more positive note, Roblox has introduced an AI-powered translation model aimed at enabling real-time text-based interactions among players speaking different languages.

Crypto Exchanges Face New Threats from AI-Generated Fake IDs

A new service named OnlyFake is creating some serious waves in the crypto and financial services sector by offering to generate realistic fake driver's licenses and passports from 26 countries, including major ones like the United States, Canada, Britain, Australia, and several European Union countries, for just $15 each. This service, which claims to use artificial intelligence "neural networks" and "generators," accepts payment in various cryptocurrencies through Coinbase's commercial payments service. It has also reportedly been successful in passing Know Your Customer (KYC) checks on multiple crypto exchanges.

According to 404 Media, the service even managed to bypass the KYC verification process of crypto exchange OKX using a photo of a British passport it generated, which appeared to be casually laid on a bedsheet. There is even a Telegram group where users share their success stories in using these IDs to beat verification processes at several financial platforms including Kraken, Bybit, Bitget, Huobi, and PayPal.

The pseudonymous owner of OnlyFake, going by "John Wick," confirmed to 404 Media that the IDs could fool KYC checks at major exchanges like Binance, Kraken, Bybit, Huobi, Coinbase, OKX, and the crypto-friendly neobank Revolut. Despite the alarming capabilities of the service, OnlyFake's website claims that it does not "manufacture forged documents" and states that its templates are intended solely for use in entertainment and illustration purposes.

The process of creating a fake document on OnlyFake is reportedly very quick, taking less than a minute. Users have the option to upload a personal photo or select one from a provided library. The service also offers the capability to generate up to 100 fake IDs simultaneously using Excel spreadsheet data and provides options for spoofing image metadata, including GPS location, date, time, and the device used for taking the photo.

This development naturally raises some serious concerns considering the backdrop of increasing sophistication in technology used by scammers, including AI deep fake tools that challenge the effectiveness of video verification in identity checks.

Audio-Jacking: AI's New Cyber Threat

Meanwhile, IBM Security researchers have uncovered a new form of cyberattack called "audio-jacking," which uses generative AI and deepfake audio technology to hijack and manipulate live conversations. This technique allows attackers to process live audio from conversations, like phone calls, and alter it based on certain triggers like specific keywords or phrases. In a demonstration, the AI was able to intercept a speaker's request for bank account information during a conversation and substitute the authentic voice with a deepfake one, providing a different account number without detection by the participants.

The experiment showcased how relatively simple it is to develop such a system, pointing out the very powerful capabilities of modern generative AI. According to IBM Security's blog post, the primary challenge was not building the AI system but capturing audio from a microphone and feeding it to the generative AI.

While the execution of an attack like this might require elements of social engineering or phishing, the implications of audio-jacking are massive. Beyond financial fraud, it also poses a great risk as a tool for invisible censorship, potentially altering live news broadcasts or even political speeches in real-time.

Roblox Unveils AI Translation Model

In other AI news, Roblox, the popular online gaming platform, has taken a big leap forward in breaking down language barriers among its global player base. In a recent announcement, Roblox's Chief Technology Officer, Dan Sturman, unveiled the development of an innovative AI-powered "unified translation model" designed to facilitate real-time text-based conversations between players speaking different languages.

This system is built on a large language model (LLM) that operates with a base latency of just 100 milliseconds, ensuring that the conversations happen seamlessly, without the users noticing any delay. The creation of this translation system emerged from Roblox's ambition to transcend the automatic translation of static in-game content, aiming for a more dynamic interaction between its users.

According to Sturman, the main challenges in developing this translator were the design of a system capable of translating between all 16 languages independently and achieving the speed necessary for real-time communication. To overcome these hurdles, Roblox decided against creating individual models for each language pair, which would have required 256 different models. Instead, they developed a single transformer-based LLM capable of handling all language pairs, thereby streamlining the process considerably.

Roblox's approach to training this LLM involved both public and private data sources, alongside collaboration with "expert" translation apps for refining each language's nuances. The model also tackles the challenges of translating less common language pairs by employing "back translation" techniques to enhance accuracy and understandability. Furthermore, Roblox incorporated human evaluators to keep the system updated with the latest slang and trending terms, ensuring the translator remains relevant and effective.

This new translation feature has already shown positive impacts on user engagement and session quality. With over 70 million daily active users from more than 180 countries, Roblox's initiative not only enhances the gaming experience for its diverse user base but also aligns with CEO David Baszucki's vision of interoperability in the metaverse, where users can freely move digital assets across multiple platforms.