Cyber security group MITRE flags deepfake KYC threat using face-swap tools


2025-12-18  Ian Fleming

Cyber security group MITRE ATLAS has published a case study describing a critical vulnerability in remote Know Your Customer (KYC) identity checks, based on an attack scenario developed by biometric firm iProov's internal Red Team. The exercise, led by iProov Red Team Head Dr Panos Papadopoulos, drew on open-source tools and publicly accessible images.

According to the description, the team first gathered identity data and high-definition facial images of targets from online sources. They then used Faceswap, a desktop application that applies generative AI, to create live face-swapped videos. The Red Team next configured Open Broadcaster Software to stream these videos. They added Virtual Camera: Live Assist, an Android app that replaces the phone's default camera feed with an incoming video stream. The app runs on standard, non-rooted Android devices, which reduces the likelihood of detection by basic device integrity checks.

During a simulated onboarding session with a financial services application, the team routed the deepfake video feed through the virtual camera into the KYC flow. The system accepted the feed, and the liveness check did not flag the session as suspicious.

