CardLab discusses the solutions businesses should consider to ensure they can reap the benefits of AI while overcoming the safety and security challenges that come with it.
Artificial intelligence (AI) is here to stay, has proven highly effective in the pursuit of efficiency, and is being implemented in many areas of society. It has definitely been a great help in getting an overview of large amounts of data and creating fairly reliable workflows, statistics, predictions, and diagnostics for use in everyday life, both personal and professional.
With the simultaneous advent of supercomputers and quantum computing, technological development will proceed at an unprecedented rate, bringing improvements to our lives that were perhaps unimaginable just a few years ago. However, the flip side is that these technologies are not just for those who use them responsibly; they can also be used for malicious purposes.
In this article, we explore both sides of the coin and present some of CardLab’s recommended ways to leverage the benefits of AI and gain the greatest possible protection against malicious use of AI.
Understand the benefits of AI
According to a study conducted by Stanford University, AI business in the United States will increase approximately six times by 2030, contributing a net 21% increase to the U.S. GDP at the same time. This shows that AI can significantly contribute to the overall wealth of society.
As we can see, this seems to be a general trend worldwide. Research conducted by Stanford HAI, PwC, McKensey, and others further explores the trend toward absolute increases in productivity, wealth, and other benefit potential, as well as productivity gains.
Concerns about AI utilization
Alongside the increased use of AI, a major concern among consumers is its potential to perpetuate the spread of misinformation. More than 75% of consumers are concerned about the impact AI will have on their ability to trust information on the internet. If you look at photos on the internet and social media, you’ll see that this concern is completely justified, as up to 60% of social media content is generated by AI.
It was once said that in love and war, truth is the first victim. Maybe we need to change this to “In AI, love, and war, truth is the first victim.” In CardLab’s view, this doesn’t have to be the case, but according to analysis by LexisNexis Risk Solutions, theft using synthetic identities currently accounts for 11% of all reported fraud, making it the fastest growing type of fraud worldwide.
An eight-fold increase in synthetic identity fraud in 2025 indicates a shift in fraudster tactics, according to the data analytics firm’s latest cybercrime report. Fraudsters also value return on investment, and a change in strategy that invests time in learning technologies such as generative AI to create sophisticated synthetic identities is an investment in gaining access to today’s most valuable asset: data.
Solutions to make AI safer and more secure
Artificially created synthetic IDs can be combined and blended with real ID details from various stolen IDs, or simply create a fake ID from high-resolution photos or snippets of audio. Despite advances in presentation attack detection systems, including deepfake detection, thwarting such attacks has proven complex. After CardLab worked with several high-level companies in the industry, it became clear that the main cause of the problem was the shift to fully digital solutions, all based on mathematical logic algorithms.
One of our partners said: “Everything created by logic can also be destroyed by logic.” With the immense power of supercomputers and quantum computers, the speed at which encryption can be broken is astonishing. CardLab has been providing security to the digital world for years by blending online and offline solutions to defy mathematical logic and introduce strategies to ensure data validity. This means users can trust the identity, information, or data as real and not generated by AI.
Card Lab biometric authentication system
In a world where data is becoming increasingly important and valuable, CardLab offers solutions that enable data and identity exposure in the form of biometric cards with data storage capacity and user fingerprint recognition. This gives GDPR a whole new dimension, giving users control over their own data and when it is made public, and ensuring that no one else can access it without your authorization in the form of a fingerprint on a card. The advantages are:
Important biometric data is not stored centrally, which risks data loss in case of hacking. Tokenized identities and transactions are resistant to “man-in-the-middle” attacks. Multi-factor authentication takes a fraction of the time compared to traditional MFA solutions. Facility management and IT management can be handled on the same card and platform.
CardLab’s experience shows that using online devices is no longer safe for advanced security operations, as hackers can easily access the communications layer of most devices via malware, spyware, or other advanced intrusion tools. We recently saw Anthropic’s Frontier model capable of carrying out multi-stage cyberattacks that previously required days of human effort, and the AI model was shown to autonomously complete a complete corporate network penetration, from initial reconnaissance to full takeover.
This does not mean that AI tools and online devices should not be used, but businesses and individuals should assess their risk appetite and decide which security tools to deploy. If data loss doesn’t affect your life or business, a fully online setup is fine, but as soon as you have valuable data, you should start thinking about what security tools you need to implement. The main causes of data breaches are still lost, stolen, or misused passwords, and human error during the authentication process.
The solution created by CardLab is to move away from the use of traditional passwords and instead use biometric tokenized physical and digital access to protect both identity and data, but, crucially, prevent intruders from gaining access to critical data and infrastructure. CardLab’s system is FIDO certified on both the passkey and server side.
While some might argue that many companies already use biometric access by utilizing central fingerprint scanners, facial scanners, or other similar methods, they all rely on central databases, online connections, and templates created and transmitted over the phone or inside the company’s access management system, making them prone to hacking. With the rise of synthetic fraud, this is exactly what is happening. With online access management systems, there is no certainty that an authorized user has gained entry.
Even when using biometrics on offline devices, generating static data when a fingerprint is approved still presents an attack vector. This is because a “man-in-the-middle” attack is possible, which captures static data by eavesdropping on the reader or skimming the entire system. However, the first step in security is achieved by validating the identity offline from the hacker space. This means your biometric data is protected. However, if the data generated is static, it can lead to abuse and fraud. Additionally, the risk of synthetic fraud has been shown to be significant when access control is based on central fingerprint, voice, facial, vein, or other types of access within connected systems, especially when there is interesting data within the system.
CardLab has chosen to provide the ultimate security umbrella for digital and physical systems by providing a complete authentication system that includes the following key elements to fully protect authenticated users:
Offline biometric ID verification on biometric cards with fingerprint sensors. Tokenization of identity after the user is biometrically authenticated. Validate tokens and other gate requirements in the authentication system before access to the operating system is granted.
To keep a company’s digital life safe, it’s important to ensure that only legitimate users have access, and that only those with authorized privileges can make changes to IT systems, perform updates, or initiate encryption (commonly seen in ransomware attacks). It is recommended that such changes be made only by an authorized person who initiates the process. This can be ensured using the CardLab biometric platform combined with strict corporate IT policies. To overcome the looming threat of AI-assisted attacks, we found that taking at least the following precautions has a significant positive impact on synthetic fraud prevention:
Ensure identity verification through offline biometric authentication. Stop using static passwords and change to dynamic passwords, FIDO, or tokenized access. Once KYC is performed, we issue an offline biometric tool to lock your identity to your KYC document. Eliminate online identity verification methods. It decentralizes sensitive data (i.e. fingerprints, personal data, etc.) and puts it under the complete control of the user, so that companies do not need to hold it.
KYC/AML requirements are strict in many respects, but with synthetic fraud on the rise, it becomes a complete waste of time and money unless the person being checked at the end of the KYC process is locked into the data provided. In CardLab’s system, this is done by issuing a biometric card, which requires users to register their fingerprints as the last part of the KYC process. If this is not done, no one can be sure that the person on the other end is a real person the moment they leave the office, as identities can be easily forged or impersonated with the help of AI. Biometric cards that authenticate users offline and turn them into a tokenized ID once their identity is verified ensure that they are transacting with the right person, as a token cannot be generated without a valid fingerprint from a living finger. The positive outcome is that there is no longer a need for a KYC process elsewhere, as the KYC process is carried out and the person is the holder of the biometric card, so other parties recognize this to be true.
As a service, CardLab helps companies assess their risk profile, learn how best to mitigate risk, and in most cases obtain the best solution that can fit directly into a company or organization’s existing infrastructure without extensive implementation efforts. From the beginning, CardLab’s solutions should be user-friendly, convenient, secure and provide users with the best physical and digital protection. This means that the solution has scalable security levels to suit your specific needs and security requirements, but always with the following objectives: Protect the world’s most important data: your data.
Please note: This is a commercial profile
This article will also be published in the quarterly magazine issue 26.
Source link
