For banks, fintech firms, lenders, and payment platforms, the threat no longer sits in the realm of theoretical cybercrime. Deepfake attacks are now reaching the most sensitive parts of digital finance, where facial checks, voice checks, and behavioral verification are used to open accounts and onboard customers.
Indonesia has already seen the cost of this shift. Between the end of 2024 and 2025, there were 274,000 fraud reports with total public losses exceeding Rp6 trillion. The scale of the damage shows how quickly AI-driven impersonation has moved from an emerging risk to a direct financial threat.
The danger lies in how convincing synthetic identities have become. Deepfake technology can closely mimic a person’s face, voice, and even behavior, making it increasingly difficult to separate real users from fabricated ones.
That development matters because digital banking and remote registration have expanded the attack surface. Systems that rely on traditional visual and audio checks are now among the easiest targets, especially when criminals are able to adapt their methods faster than many defenses can be updated.
Verification is no longer optional
The Financial Services Authority has said that liveness verification and real-time anomaly detection now need to be part of daily operations for financial institutions. The agency sees these tools as essential to confirming that a customer’s identity is genuine, even as synthetic identities become more sophisticated.
Indah Iramadhini, Head of the Banking Regulation and Development Department at OJK, conveyed that position at the Expert Lab forum held by AFTECH and ADVANCE.AI in Jakarta. OJK also stressed the need for regulatory guidance that is strict but still flexible enough to allow innovation without compromising public funds.
Old defenses are falling behind
Security systems built on older rules are no longer considered sufficient against manipulated images and audio generated by intelligent algorithms. For fintech companies, financing firms, and payment services, the problem is not a narrow technical issue but an existential operational challenge.
That is why upgrading detection technology is now viewed as a full-system task rather than a simple add-on. Adding another layer to an old model will not be enough if the system cannot recognize the changing patterns of a deepfake attack.
Industry response has to be collective
The same forum outlined four dimensions of industry response, from stronger regulatory signals to the deployment of identity detection technology that has already been tested across the region. ADVANCE.AI also demonstrated an end-to-end verification solution that it says can distinguish real human interaction from digital manipulation in seconds.
Firlie Ganinduto, Secretary General of AFTECH, warned that no single institution can stand alone against the speed at which cyber fraudsters adapt. He said each organization must build a mitigation strategy that fits its own business risk profile and operating context.
The technology exists, but adoption remains the test
Entin Rostini of ADVANCE.AI Indonesia said the technology needed to detect deepfake attacks is already mature. The main challenge now is whether institutions are willing to integrate it across their operations and daily transaction monitoring.
That issue is becoming central as regulators, associations, and technology providers push for closer collaboration. A stronger security framework will be crucial if Indonesia wants to build a more resilient digital economy and reinforce its position as one of Southeast Asia’s leading safe financial infrastructure hubs.
Source: id.mashable.com