Konstantin Bulatov, the Chief Technology Officer of OCR Studio, has, he says, uncovered a novel use of artificial intelligence that is breaking KYC checks worldwide.
He says the new scheme uses AI bots to mass-produce fake “selfie with ID” images and fire them at KYC verification systems by the thousands.
The article, which you can read here, reveals just how the scheme works.
Here Is How He Says It Works
He says the entire process runs without any human involvement
Step 1 – Harvest Stolen IDs With AI Bots
Bots collect large batches of stolen identity documents, including passports, driver’s licenses and national ID cards, from dark web forums and data breach dumps.
And there is no shortage of identity documents circulating. In 2025 alone, the Connex Credit Union breach exposed government IDs for 172,000 customers. A hacking group called “mydocs” stole up to 160,000 high-resolution ID scans from Italian hotels in Venice and Trieste. And Discord’s third-party vendor breach leaked 70,000 government ID images that users had submitted for age verification.
Step 2 – Find Look-Alikes
For each stolen ID, the AI searches social media and the open web for people with similar facial features. It doesn’t need to find a perfect match. It just needs someone close enough to fool the facial comparison check during verification.
Step 3 – Build A Fake Selfie
The bots stitch the look-alike’s photo together with the stolen ID document into a single composite image. It’s designed to look like a real person holding their own ID card. There’s almost no limit to how many of these the system can generate.
Step 4 – Do Mass Submissions At Many Companies
The bots automatically fire these composites at company verification systems. At scale, even a false acceptance rate of 0.1% becomes a reliable way in. Submit 10,000 fakes, and roughly 10 will pass.
Why AI Is Making KYC Worse
Identity documents have never been so under attack, and two things are really driving it.
First, the supply of stolen identity documents is soaring. And that is because hackers are stealing identity documents in breaches.
AU10TIX (used by TikTok, Uber, and Coinbase) left credentials exposed for over a year, potentially compromising millions of government ID images. Coinbase disclosed that bribed overseas contractors stole ID images from nearly 70,000 customers. DISA Global Solutions, which screens employees for 30% of Fortune 500 companies, suffered a breach affecting 3.3 million people.
With AI, cybercriminals can leverage breached data to attack lenders at scale with real identity cards that won’t flag in some systems.
