With decades of experience in management consulting, Marco Gaietti is a seasoned expert in Business Management. His expertise spans a broad range of areas, including strategic management, operations, and customer relations. In this discussion, we explore the crumbling foundation of biometric trust as artificial intelligence makes it easier than ever to spoof identities. Gaietti highlights why the cost of deception has collapsed, the inherent danger of using permanent physical traits as passwords, and how the weakest link in security is often the human element in the help desk. We examine a shift toward layered authentication models where biometrics serve as local keys rather than centralized credentials.
AI has significantly lowered the cost of creating convincing deepfakes using publicly available audio from earnings calls and podcasts; how has this democratization of technology shifted the threat landscape for modern enterprises?
In the very recent past, if an attacker wanted to spoof a biometric signature, they needed highly specialized tools, deep technical expertise, or even physical access to a person’s device to capture usable data. Today, that barrier to entry has essentially vanished because AI has collapsed the cost of producing a convincing spoof to nearly zero. We are no longer just worried about well-funded nation-states with unlimited resources; now, individual hackers and small hacker groups can launch sophisticated impersonation attempts at scale. These attackers utilize widely available AI systems to scrape audio and video from public sources like recorded earnings calls, social media, and podcasts to build synthetic identities. They can generate and refine these fake personas repeatedly until one finally succeeds, allowing them to bypass remote identity checks or trick support systems into resetting high-level accounts.
If voice and face are now considered the highest-risk biometric signals due to their public exposure, how are organizations adapting their onboarding and account recovery processes to compensate?
Organizations are realizing that the face and voice are no longer reliable as standalone proof of identity because people volunteer so much training data through their everyday digital activity. Anyone who has participated in a recorded meeting or a public video has effectively handed over the keys to their identity, as these signals are far easier to reconstruct than something like a fingerprint. As a result, enterprises are moving away from treating a selfie or a voice snippet as a “secret” and are instead moving toward layered models. These models combine the biometric check with other signals, such as device trust, behavioral patterns, and contextual risk scoring, to ensure the person is who they claim to be. This shift is particularly critical for account recovery and financial transactions, where a single cloned voice can currently trick a call center agent into authorizing a fraudulent move.
You’ve mentioned that the “social layer” is often the weakest point in a security system; how do attackers exploit human workflows to bypass even the most advanced technical biometric controls?
Many of the most devastating identity failures don’t happen because an algorithm was technically defeated at the “front door,” but rather because an attacker successfully manipulated an exception path like a help desk workflow or a manual override. If an attacker can use AI-generated audio or video to convince a support staff member that they are a legitimate user who is simply locked out, the biometric control becomes completely irrelevant. We saw a chilling example of this in 2024 when a finance employee in Hong Kong was convinced to transfer roughly $25 million after joining a video call with what appeared to be senior colleagues, including the CFO. The attackers didn’t need to break the biometric encryption; they used AI to manufacture enough trust to defeat the entire business process. It’s a stark reminder that if a human can be pressured or tricked into bypassing a technical check, the biometric system isn’t the real security boundary—the human process is.
Biometrics were originally marketed as a more secure alternative to passwords, but you’ve noted a structural weakness in their permanence. Can you elaborate on the long-term risks of using an identifier that cannot be changed once it is compromised?
This is the fundamental paradox of biometric security: the very thing that makes a fingerprint or a face convenient—the fact that you can’t lose it or forget it—is exactly what makes it a massive liability. A biometric identifier is not a secret in the way a password is, because once a face or voice is captured, synthesized, or replayed, the user cannot simply “reset” their physical features. When a password is breached, you change it and the threat is neutralized, but a compromised biometric signal can persist as a threat across every system that uses that same signal for verification. Enterprises are quietly committing to a permanent privacy and security posture that they cannot walk back, effectively creating a “forever” vulnerability for their employees and customers. If a centralized template database of biometric data is breached, that data remains useful to attackers for the rest of the victim’s life.
As the industry moves toward “passwordless” environments, why is the assumption that biometrics should be the primary factor now being revisited by cybersecurity experts?
While moving away from passwords was absolutely the right move because they are inherently weak and easily guessed, we can no longer assume that biometrics-as-a-primary-factor is the silver bullet we once thought it was. Recent technical testing, including NIST’s biometric programs, has documented meaningful failure rates against presentation attacks in systems that would have passed with flying colors just two years ago. We are seeing production-grade voice biometric systems being bypassed in controlled tests using synthetic audio built from nothing more than publicly available samples. Because of this, the new consensus is that biometrics should not act as the credential itself, but rather as a fixed facsimile bound to a much stronger cryptographic credential. We are seeing a move back to basics where the biometric is just one of many signals, rather than the core pillar of the entire identity architecture.
How does the implementation of passkey-based architectures solve the problem of biometric data traversing networks and being stored in vulnerable centralized databases?
The future of identity assurance lies in keeping the biometric verification local to the user’s specific device, which is the core philosophy behind passkey-based architectures. In this model, your face or fingerprint never traverses a network or gets stored in a central database where it could be leaked; instead, it simply acts as a local “key” to unlock a cryptographic credential stored on the hardware. This means that even if an attacker manages to perfectly spoof your biometric signal, they would still need physical possession of your specific device to gain access to your account. This “something you have” paired with “something you are” creates a much higher barrier for attackers, as it forces them to bridge the gap between digital synthesis and physical theft. By anchoring the identity to a device and a cryptographic key, we can finally treat biometrics as a convenient unlock mechanism rather than a high-stakes secret.
What is your forecast for the future of identity security as AI continues to evolve and deepfakes become even more indistinguishable from reality?
I believe we are entering an era where “seeing is no longer believing,” and as a result, the next five years will see a total retreat from biometrics as a standalone proof of identity. We will see a massive surge in the adoption of “zero-trust” identity frameworks where every single access request is evaluated through a lens of contextual risk, looking at the time of day, the geolocation, the health of the device, and even the micro-patterns of how a user types or moves their mouse. Organizations will likely stop asking “Is this the user’s face?” and start asking “Does this entire session’s behavior match the historical profile of this user?” The human element will also be forced to evolve, with help desks and administrative staff receiving intensive training to recognize the subtle “uncanny valley” indicators of AI, though ultimately, we will have to remove the human “override” capability from the most sensitive workflows entirely to prevent $25 million mistakes from happening again.
