A Polish cybersecurity researcher demonstrated that OpenAI’s ChatGPT-4o could be manipulated to generate a highly convincing replica of his passport in under five minutes. Using basic prompt engineering and image guidance, the model produced a near-perfect forgery without external tools.
The incident raises major concerns about the vulnerability of Know Your Customer (KYC) processes, especially those relying solely on document uploads for identity verification. The ease and speed with which ChatGPT-4o generated the fake document highlight significant gaps in current AI moderation and fraud prevention systems.
Expert Analysis:
The key issue here is not simply the ability to create a fake passport but how easily generative AI can dismantle the trust assumptions behind KYC systems. If a public AI model can produce fraudulent identity documents in minutes, it renders document-based verification meaningless.
Organizations depending solely on visual inspection of uploaded IDs are facing an existential threat: fraud can now be scaled industrially, without specialized skills or tools. Criminals no longer need graphic designers or forgery equipment. They just need an API and a prompt.
Read the full article here.
