How we stopped a deepfake voice bypass in our auth flow (and the 3-step active provenance loop…
A customer support system detected a sophisticated synthetic voice attempting to bypass biometric security, prompting a shift from passive detection to active provenance verification.
- Incident date
- May 2026
- Target
- unspecified customer
In May 2026, a customer support system flagged a sophisticated synthetic voice attempting to bypass a biometric security check. Traditional passive listening methods failed entirely, highlighting the need to rethink digital provenance and content watermarking.
What happened
Instead of relying on standard deepfake detection solutions that analyze audio or video files for artifacts, the organization implemented a 3-step active provenance loop. This involved challenging the client environment to prove its cryptographic authenticity. The steps included sending a mathematically generated, inaudible high-frequency "jitter" pattern to the client's speaker and checking for its reflection in the inbound audio, requiring client applications to sign audio packets using the C2PA standard, and performing a local spectral phase check to analyze phase alignment of consonants.