
Vitalik's new article: Security challenges in the age of deepfakes
In the era of deepfakes, effective security strategies and authentication methods are crucial.
Author: Vitalik
Translation: BlockBeats
Editor's Note:
On February 4, a finance worker at a multinational company was tricked into transferring $25 million during a video conference call, where scammers used deepfake technology to impersonate the company’s CFO. Initially, the employee suspected a phishing email after receiving a message allegedly from the CFO in the UK about a secret transaction. However, after the video call, the employee dropped their initial concerns because everyone present appeared and sounded like colleagues they knew—though in reality, all were AI-generated deepfakes.
In response, Vitalik argues that cryptography alone cannot solve everything. He suggests leveraging information rooted in human memory by incorporating security questions into workflows alongside other protective layers. Yet he also acknowledges that while security questions are useful, they currently lack sufficient user-friendliness.
The original article is translated as follows:
Special thanks to Hudson Jameson, OfficerCIA, and samczsun for feedback and review.
A recent article has been circulating about a company losing $25 million when a finance employee transferred funds to a scammer impersonating the CFO via an extremely convincing deepfake video call.

Recently, deepfake technology—AI-generated fake audio and video—has become increasingly common in the cryptocurrency space and beyond. Over the past few months, my own deepfakes have been used to promote various scams and dog coins. The quality of deepfakes is improving rapidly; while those from 2020 were very poor, recent ones are becoming harder to distinguish. People familiar with me can still tell the dog coin videos are fake because I say "let's f***ing go," whereas I only use "LFG" (looking for group), but someone who has only heard my voice briefly might easily be fooled.
When I mentioned this $25 million theft to security experts, they unanimously viewed it as an unusually embarrassing failure of corporate operational security on multiple levels. Standard practice would require multiple layers of approval before authorizing any transfer near that amount. Yet one fact remains: as of 2024, a person's audio or even live video stream is no longer a secure way to verify identity.
This raises the question: what *is* a secure method of identity verification?
Relying solely on cryptographic methods doesn't solve the problem
Securely verifying people's identities is important for many individuals across many scenarios: individuals needing to recover their multisig or social recovery wallets, businesses approving commercial transactions, individuals authorizing large personal transactions (e.g., investing in startups, buying property, sending remittances), whether using crypto or fiat, and even family members needing to authenticate each other during emergencies. Therefore, we need robust solutions capable of functioning in the emerging era of deepfake video.
In crypto circles, a common answer I hear is: “You can prove your identity by providing a cryptographic signature over the address of your ENS / Proof of Humanity profile / public PGP key.” This sounds appealing. But it completely overlooks why involving others in signing transactions is useful. Suppose you are an individual user with a personal multisig wallet, and you’re submitting a transaction requiring co-signer approval. Under what conditions would they approve? Only when they’re confident you are genuinely the intended sender. If they suspect the requester is a hacker who stole your keys—or worse, a kidnapper—they will not approve. In enterprise settings, there are often more defense layers, but attackers could still impersonate managers not just in final requests but also at earlier stages of the approval process. They might even hijack legitimate ongoing requests by providing incorrect addresses.
Thus, in many cases, allowing other signers to accept your key-based signature as proof that “you are you” defeats the entire purpose: it reduces the contract to a 1-of-1 multisig, where stealing your single key is enough to steal all funds!
This leads us to a solution that actually makes practical sense: security questions.
Security Questions
Suppose someone messages you claiming to be your friend so-and-so, using an account you’ve never seen before, saying they lost all their devices. How do you confirm it’s really them?
There’s an obvious answer: ask something only they would know, which should satisfy the following criteria:
- Something you know
- Something you expect them to remember
- Something the internet does not know
- Something hard to guess
- Ideally, something even those who breached corporate or government databases wouldn’t know
Naturally, ask about shared experiences, such as:
- Which restaurant did we have dinner at the last time we met, and what did you eat?
- Which of our friends made a joke about an ancient politician? Who was the politician?
- Did you dislike the movie we recently watched?
- Last week, you suggested I talk to so-and-so to see if they could help us with our XXX research?

Real examples of security questions recently used to verify my identity
The more unique your questions, the better. Questions that sit right at the edge—where the person needs to think for a few seconds or might even forget—are ideal. But if the person claims to have forgotten, always follow up with three more questions. Asking about micro-details (what someone likes/dislikes, specific jokes) is generally better than macro-details, since the former are harder for third parties to accidentally uncover. For example, even if only one person posted a photo of dinner on Instagram, modern LLMs might quickly extract and provide the location in real time. If your question has only a few plausible answers, add another question to increase entropy.
If security questions feel dull or burdensome, people will abandon the practice. So make them engaging. They can become ways to recall positive shared experiences—and even motivate people to create more such memories.
Additional Security Measures
No single security strategy is perfect, so it’s best to combine multiple techniques.
- Pre-agreed passphrases: When together, intentionally agree on a shared phrase to later use for mutual authentication.
- Consider establishing an emergency code word: a word you can casually insert into a sentence to signal you're under duress. It should be common enough to sound natural when used, yet rare enough that you won’t say it by accident.
- When someone sends you an ETH address, have them confirm it across multiple channels (e.g., Signal and Twitter DMs, the company website, or through a mutual contact).
- Mitigating man-in-the-middle attacks: Features like Signal’s “safety numbers,” Telegram’s emoji codes, and similar mechanisms are worth understanding and vigilantly checking.
- Daily limits and delays: Simply impose delays on highly sensitive and irreversible operations. This can be done at the policy level (pre-agreeing with signers to wait N hours or days before signing) or at the code level (enforcing restrictions and delays in smart contract logic).

A potential advanced attack involves the attacker impersonating both executives and recipients at multiple steps of the approval process. Both security questions and delays can defend against this—ideally used together.
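The "daily limits and delays" measure, modelled in Python as an added example (not code from the article or from any wallet project). The class and method names are hypothetical, and the logic stands in for what a smart contract would enforce on-chain: small transfers pass under a daily cap, larger ones wait out a delay during which any signer can veto.

```python
from dataclasses import dataclass, field

DAY = 24 * 3600  # seconds

# Hypothetical names throughout; an illustration, not a real wallet API.
@dataclass
class DelayedVault:
    """Toy model: transfers within a daily cap execute at once; anything
    larger is queued and can be vetoed until its delay has elapsed."""
    daily_limit: int
    delay_seconds: int
    spent: dict = field(default_factory=dict)    # day index -> total sent
    pending: dict = field(default_factory=dict)  # id -> (to, amount, ready_at)
    next_id: int = 0

    def request(self, to: str, amount: int, now: int) -> str:
        day = now // DAY
        if self.spent.get(day, 0) + amount <= self.daily_limit:
            self.spent[day] = self.spent.get(day, 0) + amount
            return "executed"
        self.next_id += 1
        self.pending[self.next_id] = (to, amount, now + self.delay_seconds)
        return f"queued:{self.next_id}"

    def cancel(self, request_id: int) -> bool:
        # A signer who could not verify the requester vetoes here.
        return self.pending.pop(request_id, None) is not None

    def execute(self, request_id: int, now: int) -> str:
        if request_id not in self.pending:
            return "unknown"
        if now < self.pending[request_id][2]:
            return "too-early"
        del self.pending[request_id]
        return "executed"

def demo() -> list:
    # Constructed scenario; addresses are placeholders, amounts arbitrary units.
    v = DelayedVault(daily_limit=1_000, delay_seconds=2 * DAY)
    return [
        v.request("0xPLACEHOLDER_A", 400, now=0),      # under the cap
        v.request("0xPLACEHOLDER_B", 25_000, now=60),  # over the cap: queued
        v.execute(1, now=DAY),                         # delay not elapsed
        v.cancel(1),                                   # signer vetoes in time
        v.execute(1, now=3 * DAY),                     # nothing left to run
    ]

if __name__ == "__main__":
    print(demo())
```

The delay is what gives co-signers time to ask security questions over a second channel before an irreversible transfer goes out.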
Security questions are useful because, unlike many other techniques that fail because they are not human-friendly enough, they build on information that humans naturally excel at remembering. I’ve used security questions for years—it’s actually a very natural and non-awkward habit, well worth integrating into workflows alongside other protective layers.
Note that the “person-to-person” security questions described above differ significantly from “institution-to-individual” scenarios—for instance, calling your bank to reactivate a credit card after traveling abroad, enduring 40 minutes on hold, only for an agent to ask your name, birthday, and perhaps your last three transactions. The types of questions individuals know versus institutions know are vastly different. These two cases deserve separate consideration.
Everyone’s situation is unique, so the kind of personal information you share with someone varies accordingly. It’s usually better to adapt the technique to the person rather than force the person to adapt to the technique. A method doesn’t need to be perfect to be effective. The ideal approach combines multiple techniques and selects those best suited to your context. In the post-deepfake era, we must adjust our strategies to reflect what is now easy to forge versus what remains difficult. But as long as we do so, staying secure remains entirely possible.