In The Arena by TechArena - Microblink’s Radu Tudoran on AI-Driven Identity Fraud
Episode Date: May 15, 2026Microblink VP Radu Tudoran explores how AI-driven deepfakes are reshaping identity fraud, why enterprises must rethink security, and how AI fights back....
Transcript
Discussion (0)
Welcome to Tech Arena, featuring authentic discussions between tech's leading innovators and our host, Alison Klein.
Now, let's step into the arena.
Welcome in the arena. My name is Allison Klein, and today I am delighted to be joined by Radhu Tutoran, VP of Engineering at MicroBlake.
Radu, welcome to the program.
Thank you very much for the invitation. I'm more than happy to be here and chat with you.
The topic today is identity, be verified.
and manifestations within that with AI.
But can you just quickly talk about your role
as VP of Engineering at MicroBlink,
introduce MicroBlink,
because this is the first time you've been on the program,
and provide some broader context for your background in this space.
You've spent five years working in this very space.
What perspective has it given you on how fast fraud tactics evolve?
Sure, happy to do so.
So MicroBlink is one of the leading identity verification.
providers out there.
We are powering billions of checks actually per year,
so quite massive numbers in terms of document processing and extraction and
verification and all the different aspects that are related to knowing your customer
and identifying the humans.
My role as a VP of Engineering with MicroBlink is actually to lead the engineering department,
which basically focuses both on keeping up, as you well said, with the latest technologies
and developing our fraud protection mechanism in order to be able to fight all these different
fraud elements that are being created day by day, but in the same time to provide reliable
services to our customers in order for them to be able to operate at scale and in a
reliable manner. And about my journey in the space, as you have said, I spent more than five years now
in the identity verification. I also worked for some years before into the payment or banking,
transaction monitoring, and several years in general in data processing and cloud services and
everything related to that, which I think it's a good combination. Being the enterprise fatness and reliability,
into this space.
Now, I think everybody is living day by day in the transition from traditional document fraud
to AI-generated impersonation and deepfakes.
And my social feeds are filled with deep-fake contents all the time.
When you look at this from your lens, what feels fundamentally different about the fraud
landscape today compared to even two or three years ago?
Yes.
There has been, you can even say, some sort of a revolution with the generative aspects.
So it affects just like it affects a lot of aspects of our daily life, the capabilities of these generative models.
But specifically into the fraud space, two aspects have fundamentally changed over the last two or three years.
One aspect is the fact that these models are now accessible to everyone.
So what that actually means is that the entry level, so to say, for fraudsters, has greatly been reduced.
They don't need to put upfront investment.
They don't need specialized equipment.
They can start actually doing identity fraud, even from the perspective of having just a simple laptop and using some of these powerful tools.
and how powerful these tools become is actually the second aspect
because if you look at the models and the model performances
over the last two or three years, things became more and more realistic.
If let's say maybe at the beginning you got something that was easy for the eye
to spot that, okay, this is AI generated or this is not really a human face
or this is a silly drawing of a document, so to say,
those things are not valid anymore today.
In fact, humans are actually now way worse than machines
to realize that this is something that is actually deep fake
or entirely generated.
The biggest implication that is brought into the identity verification industry
is that if you look at the broader space,
several years ago, a lot of the players started or even today they are offering solutions
where they say, look, we have a mixture where we have some trained humans that are going to
check these documents for you and based on their expertise, we can guarantee to you that we do
a thorough verification. Okay, that's cool. But what if now humans cannot visually make any
differentiation between what is real and what is fraud. How is that going to now protect us as an
industry? So clearly this generative evolution that is basically unfolding in front of us
is actually driving also changes in the identity verification space where you now do need to lean
on machines. You do need to lean on AI models and just on AI models in order to
basically be able to protect against this kind of attacks and deepfakes and be able to
differentiate between what is real and what is not.
Now, when we look at generative AI, you know, I think that there's some things that we need
to look at just to break it down. There are some synthetic identities being created,
alternate documents being created, real-time impersonations being created.
how do you see the democratization of AI changing the threat model for businesses?
And is it just putting the most powerful tools in the hands of a exponential number of bad actors?
Clearly, this later part that you mentioned is happening.
These tools are available to everyone.
And there is little control that exists, at least today,
in what people will actually end up using this.
models for. And all the three aspects that you mentioned are happening today and we see almost every
week at least an article of one fraud pattern that became well known in either of those directions.
As you said very well, you can have people that just want to do impersonation attacks.
The only thing that they need is one single picture of their target, which takes.
Typically, they can get from the internet, from the company page, if they are targeting a specific business, from LinkedIn or from, I know, Facebook or wherever people are putting images.
So with that image alone, they can now start impersonating, even within videos, that person.
So to do basically face more thing, they can also synthesize sound if they want to go.
for something even more realistic and try basically a real-time impersonation of that person.
If they want to do something offline where they are recording a video,
again, we have all seen in the news and on the internet,
plenty of these videos that are actually looking quite real,
that if you have enough time to process and refine those videos, those tools exist.
and what you mention actually
and what is quite scary is that
now also from this image
that maybe before it was mostly about creating
some sort of video where faces were more
for someone was saying something
but now you can actually take that page
and also start altering documents
and the altering the generative capabilities
of creating these synthetic documents
whether you're just trying to replicate the real one or, as you well said, creating a whole new synthetic identity,
this again becomes very real because people start from templates that exist on the darknet or even from real samples or whatever they can get their hands on
and start applying these powerful models to actually create the type of templates and the text that you mentioned.
So all these different thread aspects become real and all of them become real for pretty much any type of business.
So there is no single business that says, okay, I cannot be attacked or I am not of interest to these fraudsters.
So the need for real good protection becomes even more relevant today because of these things.
So when you look at that, the interesting interplay here is that AI is the foundational.
tool that bad actors are tapping to advance their capabilities.
An AI is the foundational tool to identify the fraud.
How do you see the arms race between offensive and defensive AI in this space right now?
Unfortunately, the fraudsters had the head start.
I would say in the sense that if you look at public statistics, for example, last year,
So in 2025, the deep fake attacks had a 244% increase compared to the previous year.
So as an unfortunate situation is that Froster started already exploit this to the maximum capabilities,
and they are using this already enough or more than a year, if not for the last two years plus.
Now, in terms of the defensive parts, stopping them, I think the industry, or at least a couple of players in the industry started to realize the seriousness of the situation and started to change.
If you want, the approaches and the layers that they are offering their customers as a mechanism, stop this kind of frauds.
But that is not actually the case for everyone.
if by chance anyone has looked at the blog post, for example, that MicroBlink is doing,
there was a DHS, so Department of Homeland Security did a benchmark evaluation a couple of weeks ago.
And almost half of the players out there are actually having terrible performance
and something that is not reliable in terms of offering any protection.
And the reason why this is actually the case is that simply the type of protections that you are building
or that maybe you have built a couple of years ago might not be relevant anymore today.
Just to give you one example, you measure, for example, the impersonation, that face impersonation,
someone takes a picture and tries to morph and pretend it's someone else.
Now, I'm sure you have also seen maybe even the audience has gone through such a flow
where you are now doing the biometric verification and you are being asked to say,
okay, move your head or smile or look to the left or to the right or upwards and the like.
That is a good example of how we looked as a protection mechanism some years ago
where the fact that you could do live such a challenge was
the protection or the proof that you are human and that you are real, because the industry did not
encounter the possibility of impersonating things in real time. However, that is not the case anymore,
as you have said very well earlier. You can now actually impersonate that any face in real time
and do whatever challenges. So if that's the whole protection, so to say, obviously that becomes
almost useless or very easy to bypass.
Now, when you think about the frequency of deep-pake attacks,
what do you think the readiness is an enterprise right now for these types of scenarios?
And if you look at, you know, is this a C-change adjustment or is it an incremental adjustment
to managing threat vectors?
What does an enterprise need to do to get ready for this new reality?
I would say that the first thing is to realize that if they didn't assess or re-evaluated their protection mechanism for some years,
I strongly encourage everyone to do a test, just like, for example, for many of the security or cyber security practices,
for example, you do a penetration test every year just to make sure that whatever you have in place is irrelevant against,
today's threat, I would apply the same mental model, for example, also in the identity
verification and deep space, because just like we discussed, the evolutions and sophistication
of these attacks increases. And now if someone is using outdated protection, it's not a matter
of, okay, can someone bypass? It's more of a matter of when that will happen. And this is actually
As sad as that sound, this is actually the moment today when most of the enterprises start to realize that, hey, maybe our protections are not necessarily the best or the latest one that they should be when they are actually being hit by a fraud ring or by a large-scale attack or by some deepfakes that creates big damages.
Unfortunately, many enterprises are still highly reactive rather than being proactive into this,
and they end up looking for proper solutions relevant for today, again, just when something that has already happened.
Now, as you look at that landscape, what are the current limitations and capabilities to actually fight this fraud?
And where do you see microblank playing a role here?
If we play again what is happening is on the fraudster side,
and you can already see a bit of a hint of where a good differentiation of microblin
compared to the others is that we have actually a really good understanding of
how fraud patterns are being created as a first step for us to build the tools to actually stop them.
So again, starting from the fraudster side,
they will actually end up testing multiple hypotheses, multiple templates until they get one right.
Now, this is also related to one of your questions earlier of what has changed.
Maybe in the past, the fact that you had, let's say, one identity that was able to bypass whatever security systems that were in place did not necessarily translate into a large scale.
attack because, okay, you have just one sample. But today now once you have that one sample
that can actually serve as a template and then these frosters will replicate in the thousands.
They will make small modification from that. Maybe changing the name, maybe changing slightly
the face, maybe just changing the shadowing or the lightning on that. And then out of the sudden,
you don't have just one thing that you miss. You have 10,000 things that. You have 10,000 things
that you miss from one day to another.
And this is where actually the critical aspect
that comes as an implication on the defense side
is how fast are you able to understand this
and how fast are you able to react
that is if by any chance you were not able to prevent it in the first place.
And for example, microblein,
one of the things that we are extremely proud of
is that we created what we call internally
a fraud lab that actually has the mission to study these patterns again because we want to be
proactive we want to understand them before they hit our customers and we want to be able to build
those models and adopt existing models in order to be able to protect against whatever new
type of invention of a fraud pattern exists out there and again it's all about the speed okay one
you realize that there is a new, even, for example, a new model is being released.
If you move from a Gemini 2.5 to a Gemini tree or the like, everything changes, the capabilities
change, the patterns, the way images are being created, all changes.
So are you able to now generalize and protect against that or whatever you have built
six months ago as a protection becomes suddenly irrelevant?
That's the kind of continuous work that we are doing in order to keep the models and the protection layer, the flood protection layers up to date always.
Now, from an infrastructure standpoint, how should companies rethink workflows to remain resilient?
And what does that mean in terms of the underlying infrastructure requirements to fuel the fire here?
I would start from my previous point about the reaction time because that is critical.
Because again, if we start from my earlier example that in a 24 or 48 hour time span,
a frost-ring can create thousands of identities or fake identities.
Now, if you take two days to update anything, you already have let in
thousands of fake accounts, for example, or fake users and the like,
and depending on what they can do afterwards,
that can actually cost a lot, certain businesses.
So the way I recommend, for example, our customers
to look at their infrastructure is actually starting from this reaction time
in the sense that if by any chance they don't have the best or the fastest
or the most modern practices in deploying new things, updating changes,
have some sort of continuous deployment and stuff like that.
It's much easier, for example, to use either cloud-like services
or some combinations of mechanisms between in-house things and external
in order to be able to scale, not only in terms of coping with whatever workload
that they need to support for their customers, but also in terms of reaction time.
So there is a certain need for speed that needs to be taken into account, let's say, in addition
to the more traditional aspects of, okay, this is the peak demand that I need to scale, this is
the auto-scaling strategy that I have, this is how my infrastructure is going to support that load.
So that is one dimension extra.
Now, one of the things that I wanted to ask you, Radu,
and I haven't really talked about my feelings on this up to this point,
is that this is very terrifying for individuals too.
And I guess one question that I would have for you is,
as we look at this landscape and we think about identity theft
being something that is much more sophisticated and much more pressing right now,
what would you say for individuals who are considering this space
And is there anything that individuals can do to protect themselves?
From the individual perspective, I would say there are at least two dimensions.
First of all, everyone should be very careful what websites and what tools they are using
because you see every day at least some data breach here and there.
And you cannot predict who actually will go in such a situation,
but it's always a good idea to be careful.
But more importantly, if we look also forward in how our world transforms and we didn't actually touch much about the whole agentic space, for example, e-commerce and all those aspects.
That I would say adds even on the additional dimension on top of what you have said, because now if you also have agents that potentially impersonate or act on behalf of certain users or certain humans,
I do believe that the core aspect that we should try to push the industry and the enterprises to use
is to give actually a full control to the humans, to the individuals over both their identities,
as well as the agents as they are coming.
So what I'm basically trying to say is that if you look, for example, in things such as on-device identity,
on-device verification where, okay, you have now your phone, it's physical, your identity stays here,
the verification is actually happening here, and maybe you do not need to provide to the e-commerce
website your full identity and every details and everything.
Maybe you just need to, for example, have something that is trusted to say, look, I'm over 21,
I can buy, for example, a wine.
You don't need to share more than what is actually needed.
Those kind of elements could be done, for example, more on device.
And the implicit question is, okay, why is that not happening then if that would be a much better situation?
And the reality is that, again, it's some sort of a legacy from the industry
because actually besides microblink, most of the players rely,
only on cloud solution so they cannot do on-device verification.
So there was just not enough offering, so to say, to the enterprise is to move the identity
verification on device or to give human control over it.
And this is where I'm going next also in terms of know your agent that now is we want to
have also agents that act, for example, for e-commerce on behalf of the human.
you absolutely need some sort of an operating system.
So to say in which the humans are in charge of their identity,
of the association with the agent,
and are having the ability to empower the agents
or to actually cut the association
and basically cut any access to that agent
because otherwise everything becomes available to everyone
and then you will have also agents that act maliciously,
and the whole thing will take a very dark turn very quickly.
Now, finally, for executives navigating this new AI-driven risk environment,
what mindset shift is most important right now to avoid being reactive rather than strategic?
I would say they do need to rethink their solutions.
And as mentioned briefly a bit earlier,
If they didn't look at things for several years, they might want to at least do some sort of health check, so to say, of how relevant are their current protection mechanism.
But the most important is to not be in a mindset to think that, okay, if by chance no such deep fake attack or thawdering has targeted us for the last couple of years, it will not happen.
That would be, I would say, the worst mentality.
And then if that is changing, then executives can actually take a proactive mentality to start
thinking that, okay, if I accept that there is a certain high-level threat out there,
I can start acting now rather than when it is too late.
Well, Rado, it's been a wonderful conversation on a very important topic in the world of computing
and our society.
and I really am happy that you and others at MicroBlink and others in the community are working on this incredible challenge because it's so important both to business and to individuals.
I'm sure that the folks who are listening online are going to be intrigued by what we've talked about today.
Where would you send them to engage with you and learn more about what you and your team are delivering in this space?
We try to have quite regular communication, either, for example, on our website, MacCobling.com, you can see our blog post.
We typically do quite regular benchmarks or give insights from the industry, and those type of communication also are typically shared on LinkedIn.
So depending on people's preferences, there is one way or the other where they can actually reach out, was read the last,
the latest insights and also learn about the latest protection mechanism that we are putting out there.
Awesome. Well, thank you so much, Radu, for the time. I'd love to have you back on the show again
sometime soon. Thank you. Happy to be here anytime. Thanks for joining Tech Arena.
Subscribe and engage at our website, Techorina.a.i. All content is copyright by Tech Arena.