Entrust launches biometrics to curb AI account takeover

Entrust has launched a biometric authentication product aimed at reducing account takeover by extending a verified identity across subsequent account interactions.

The launch comes as businesses face rising fraud linked to artificial intelligence. Entrust cited data showing that one in five biometric fraud attempts now involves AI-generated deepfakes. It also said global businesses lose an average of 7.7% of annual revenue to fraud, with account takeover accounting for nearly one-third of those losses.

Beyond login

Rather than focusing only on login, the new product targets a wider range of moments when attackers may try to seize control of an account. These include account recovery, device changes and large transactions, when firms often need stronger checks to confirm that the person making the request is the legitimate account holder.

Entrust's approach links biometric authentication to the identity established when a user first enrols. That verified identity can then be used across different access points and interactions, allowing organisations to adjust the level of authentication according to risk.

The product combines biometric identity verification with adaptive, risk-based authentication. In practice, this allows a business to apply different methods depending on the context of a request, rather than relying on passwords, one-time passcodes or security questions for every interaction.

Three methods

The product includes three authentication methods for different scenarios. Biometric passkeys are intended for higher-risk moments by tying authentication to a verified human identity, while face authentication is aimed at routine checks and step-up authentication.

The third method, motion authentication, is designed for higher-assurance cases in which firms want stronger protection against deepfake, replay and injection attacks. Entrust said the liveness detection used in this part of the system conforms to ISO 30107-3 PAD Level 1 and Level 2 and has been independently tested by iBeta Quality Assurance.

Entrust is positioning the launch as an alternative to what it described as a fragmented market, in which onboarding, authentication and fraud prevention are often handled by separate tools. It argues that keeping those functions disconnected can make it harder for organisations to apply a consistent standard of identity assurance across the life of a customer account.

For companies handling sensitive customer activity, the pitch is partly about reducing operational friction as well as fraud. The system is intended to lower the number of lockouts caused by password and one-time passcode failures, while also cutting manual reviews and support calls through self-service authentication.

Market shift

Mike Baxter, Chief Technology & Product Officer, Entrust, said the shift in attacker behaviour means businesses need to rethink how authentication works. "Too many organizations are treating authentication as a login problem, but attackers have already moved beyond access," said Mike Baxter, Chief Technology & Product Officer, Entrust. "Preventing account takeover in the age of AI requires confirming the person behind every interaction. Entrust helps organizations apply the right level of assurance at the right moments while delivering secure, low-friction experiences."

The launch reflects a broader shift in the identity and security market as vendors respond to the spread of generative AI tools that can create synthetic voices, images and video. That has increased pressure on businesses in sectors such as financial services, telecoms and digital platforms to strengthen checks beyond sign-in, especially when a customer wants to reset credentials, switch devices or authorise a large payment.

Identity assurance

Biometric checks have become a central part of that response, though they also face scrutiny over spoofing and privacy risks. Suppliers have increasingly emphasised liveness detection and adaptive controls to show that a face match or device-based credential alone may not be sufficient when the risk of manipulation is higher.

Entrust said the product is available now and can provide a consistent, auditable approach to identity assurance across the user lifecycle. The company operates in more than 150 countries through a global partner network.