Blog 10 Apr 2026


The PSD2 Compliance Gap in Biometric Payments and How Liveness Closes It

Author: admin | 10 Apr 2026

Biometric payment systems are under increasing pressure from deepfake and spoofing attacks. Group-IB identified 8065 cases between January and August 2025 in which attackers attempted to use AI-generated deepfake videos to bypass biometric security checks at a financial institution. The attackers did not have to steal a face; they only needed to replace the live video feed before the liveness check ran.

Many biometric payment systems overlook an important issue. Assessing such a system requires fraud investigators and payments security experts to answer two essential questions. First, can the system differentiate an authentic human face from a counterfeit representation of one? Second, does verification occur on the device, or only after the image has been sent to a server? A system that gets either of these wrong leaves the payment flow unprotected.

What a Biometric Payment System Actually Verifies

Before diving into the layers that protect your transactions, it’s essential to understand what biometric payment systems actually verify and where many fall short.

Biometric matching layer vs the liveness layer.

The Matching Layer vs. the Liveness Layer

Enrollment is the first step in every biometric payment system. The user submits a biometric sample, such as a facial scan, fingerprint, or iris image; the system derives a mathematical template from it and stores the template with the user's account. At payment time, the system captures a new sample and runs a 1:1 match against the stored template. If the match score reaches the required threshold, the transaction is approved.

For most descriptions of payment systems, the matching step is where the security story ends, and security teams treat the match as the primary security event. Matching does defend against several threats, including stolen card details, guessed PINs, and phished credentials; retailers who deploy fingerprint point-of-sale systems report a 36% decrease in fraudulent activity. But matching a biometric sample against a template is a different operation from verifying that a living person is present right now, and many biometric payment systems perform only the first.

A printed photograph of a user's face can fool a facial recognition terminal. A video replay can deceive a fingerprint scanner that checks only for movement, not depth. A silicone mask can defeat face-matching systems that rely on 2D texture analysis. These are presentation attacks: the attacker presents a physical or digital reproduction to simulate a live person, and gains access without having to copy the account holder's appearance.

Liveness detection is the method that distinguishes genuine biometric samples from fakes. It runs alongside the comparison of the sample against the enrolled template, but checks specifically for evidence that the sample came from a living person at the moment of capture: depth cues, blood-flow micro-movements, sub-pixel skin texture, and structured lighting patterns that flat photographs and replayed videos cannot reproduce. A biometric payment system without this capability has no way to tell the actual account holder from a high-quality replica.

The Attack Surface Biometric Matching Alone Cannot Close

Presentation Attacks

Presentation attacks place a physical or digital reproduction in front of the sensor: a printed photo held up to a facial recognition terminal, a silicone fingerprint cast pressed onto a fingerprint scanner, or a video of the user played on a second screen. The sensor sees something that looks like legitimate input, the matching algorithm processes it, and the transaction is authorized.

Injection Attacks

Injection attacks are becoming more common and harder to detect. Instead of tricking the camera, the attacker intercepts the data path between the camera and the authentication server and inserts AI-generated media directly into the stream; the camera itself sees nothing unusual. This defeats server-side liveness checks: a system that looks for liveness only after the image arrives at the server cannot spot an attack that replaced the image before it was sent. A client-side SDK addresses this by protecting the camera on the device itself, catching virtual camera replacements before the image ever leaves the device.

Deepfake-as-a-Service

The economics of biometric fraud have changed: custom deepfake images can now be produced cheaply. Data cited by the Washington & Lee Law Review (2025) indicates that deepfake attacks on biometric systems occurred every five minutes in 2024 and made up 40% of all biometric fraud worldwide that year.

PSD2, SCA, and What the Inherence Factor Actually Requires

Two-Factor Authentication and Dynamic Linking

PSD2's Strong Customer Authentication (SCA) requirements mandate that payment service providers in the European Union and the United Kingdom use two independent authentication factors drawn from three categories: knowledge (something only the user knows), possession (something only the user has), and inherence (a physical trait specific to the user). Biometrics satisfy inherence. According to the SCA compliance guide published by Ping Identity, biometric authentication inside a banking application running on the user's registered smartphone fulfils the two-factor requirement. The regulation expects the inherence factor to demonstrate that a living individual currently possesses the physical trait being verified; a template match alone does not meet that bar.

The Certification Standard PSD2-Compliant Liveness Must Meet

The highest commercial certification under ISO/IEC 30107-3 PAD is iBeta Level 2. It verifies that a liveness detection system detects all of the spoofing methods evaluated in controlled testing, including structured spoofing, printed photos, video replays, and 3D masks. The primary performance metric is the Attack Presentation Classification Error Rate (APCER): an APCER of 0% means that no presented attack was accepted as genuine. This is the evidence to ask for when evaluating vendors. A liveness system without this certification has not been tested against the attack methods its marketing materials claim to detect.

Step-Up Authentication: Protecting the Highest-Risk Transaction Moment

Biometric verification at enrollment stops fraudsters from opening new accounts under false identities, but it cannot detect credential theft. It offers no protection against attackers who hold valid credentials obtained through credential theft, SIM swapping, or session hijacking. The initial biometric authentication looks valid, and the attacker then uses the stolen credentials to execute a fraudulent transfer inside a session that was genuinely authenticated at login.

When a user initiates a high-value transfer or changes payee details, the system triggers a fresh liveness check. This is step-up authentication, and it is how PSD2's dynamic linking requirement is fulfilled at the transaction layer. The user does not need to log out and back in; they simply complete a biometric verification that must match the enrolled account holder. If it fails, the transaction is blocked, which defeats attackers who gained session access through a stolen token.

Each step-up event produces a transaction-specific authorization code that is bound to both the transaction amount and the payee, fulfilling PSD2's dynamic linking requirement. Research has reported that new account fraud losses in the U.S. reached $6.2 billion in 2024.
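To make the dynamic-linking step concrete, here is an added example (not Facia's code or any regulator's reference design) of how a server might issue and verify a transaction-bound authorization code after a step-up check. The `BiometricResult` type, the thresholds and the payee values are assumptions; the liveness and match verdict is taken as input from a hypothetical device-side SDK.

```python
import hmac
import hashlib
import json
from dataclasses import dataclass
from typing import Optional

# Policy values assumed for this example (not Facia's or any regulator's figures).
HIGH_VALUE_THRESHOLD_CENTS = 100_000   # step up at 1,000.00 and above
MATCH_THRESHOLD = 0.90                  # minimum 1:1 match score to accept


@dataclass(frozen=True)
class Transaction:
    tx_id: str
    amount_cents: int
    payee: str  # e.g. an IBAN; the tests use constructed sample values


@dataclass(frozen=True)
class BiometricResult:
    """Device-side liveness and match outcome (hypothetical SDK output)."""
    liveness_passed: bool
    match_score: float


def requires_step_up(tx: Transaction, known_payees: set) -> bool:
    """A fresh liveness check is required for high-value or new-payee transfers."""
    return tx.amount_cents >= HIGH_VALUE_THRESHOLD_CENTS or tx.payee not in known_payees


def _link_message(tx: Transaction) -> bytes:
    # The code is bound to exactly these fields; altering any of them breaks the link.
    fields = {"tx_id": tx.tx_id, "amount_cents": tx.amount_cents, "payee": tx.payee}
    return json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()


def issue_auth_code(server_key: bytes, tx: Transaction, bio: BiometricResult) -> Optional[str]:
    """Return a transaction-specific authorization code, or None to block the transfer."""
    if not bio.liveness_passed or bio.match_score < MATCH_THRESHOLD:
        return None
    return hmac.new(server_key, _link_message(tx), hashlib.sha256).hexdigest()


def verify_auth_code(server_key: bytes, tx: Transaction, code: Optional[str]) -> bool:
    """Recompute the code over the transaction as actually submitted for execution."""
    if code is None:
        return False
    expected = hmac.new(server_key, _link_message(tx), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, code)
```

A payee or amount changed after the step-up check no longer verifies, and a failed liveness or match never yields a code, so the transfer is blocked at the execution step rather than at login.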

How Facia Secures Biometric Payment Authorization

Facia’s pay-with-face capability places a certified liveness check at the transaction confirmation step, not just at login. It holds iBeta Level 2 compliance under ISO 30107-3 PAD with 0% APCER on both Android and iOS: zero successful presentation attacks across the entire test battery, completing in under one second with a sub-1% false rejection rate (FRR).

In iBeta Level 1 PAD testing, its false acceptance rate (FAR) is 1-in-100-million. For static workflows where a live camera feed is impractical, Single Image Liveness achieves 98.8% accuracy from a single still frame, a capability separate from the core 3D liveness check.

The SDK operates client-side, securing the camera at the device and intercepting virtual camera substitutions before a frame is transmitted, closing the injection attack surface that server-side-only liveness cannot address.

For injection attacks at the session layer, Facia’s deepfake detection engine, Morpheus 2.0, provides frame-level detection. On Facia's in-house modern dataset it scores 89.01%, stress-tested against current generative AI tools, including GetImg and Dream, that legacy benchmarks do not cover.

Facia holds iBeta Level 2 / ISO 30107-3 PAD compliance, has been evaluated in NIST’s Face Recognition Vendor Test (FRVT), a third-party performance benchmark distinct from iBeta certification, and holds GDPR, CCPA, and ICAO compliance. On-premises deployment is available for institutions with data residency requirements.


Frequently Asked Questions

Can biometric payments prevent fraud and identity theft?

Yes. Biometric payments with liveness detection reduce fraud and identity theft by verifying a user’s unique physical traits in real time. They block spoofing attempts and deepfake attacks effectively.

Are biometric payments more secure than OTP-based authentication?

Biometric payments are more secure than OTPs because they authenticate the user directly through unique physical traits. Liveness detection ensures the person is present, preventing stolen OTPs or phishing attacks.

How does Facia support scalable and real-time biometric payments for global businesses?

Facia enables scalable, real-time biometric verification through its client-side SDK and cloud infrastructure. It delivers sub-second liveness checks, zero spoofing tolerance, and seamless integration for mobile and web platforms worldwide.
