The deepfake-defense vendor matrix
Detection finds yesterday's deepfake. Prevention makes tomorrow's irrelevant. Here is the recent matrix.
Two strategies, two outcomes
The deepfake market splits into detection (look at content; flag if synthetic) and prevention (verify authentic provenance; reject content that lacks it). Detection is reactive and probabilistic. Prevention is proactive and cryptographic. Both are useful; only one keeps pace with generative AI.
The vendor categories
Detection — image and video. Sensity AI, Reality Defender, Hive AI. Train classifiers on known deepfake artifacts; score incoming content. False-positive and false-negative rates fluctuate with each new generative model release. Useful for content moderation at scale; structurally limited as a fraud control on the cutting edge.
Detection — biometric / liveness. deepidv, iProov, Veriff, Onfido. Active liveness checks (turn your head, blink) plus passive signal analysis. Stronger than image classifiers because the test is live, but the arms race continues — newer generative models pass active liveness at growing rates.
Prevention — content provenance. Truepic, C2PA-aligned vendors, Adobe Content Credentials. Sign content at the moment of capture with a hardware attestation; relying parties verify the signature. Strong for media (newsroom, court evidence). Weaker for the agent age because it does not extend to actions taken by humans.
Prevention — identity attestation. Manav, Worldcoin (with AgentKit), full-stack HATI vendors. Bind a verified human to ongoing identity, delegation, and work attestation. The agent age's structural answer.
The matrix
| Detection (image/video) | Detection (liveness) | Prevention (content) | Prevention (identity) | |
|---|---|---|---|---|
| Vendors | Sensity, Reality Defender, Hive | deepidv, iProov, Veriff, Onfido | Truepic, C2PA, Adobe | Manav, Worldcoin |
| Approach | Probabilistic | Probabilistic + active | Cryptographic, content-bound | Cryptographic, identity-bound |
| Resilient to next-gen AI | Weak | Medium | Strong | Strong |
| Best for | Content moderation at scale | One-time KYC | Newsroom, evidence | Hiring, agent delegation, audit |
| Cost | Per-asset | Per-check | Per-capture | Per-verification + license |
The honest assessment
Detection vendors are not going away. Content moderation at platform scale needs them. But the use case where detection still wins is shrinking — the gap between generative quality and detector accuracy keeps narrowing. The vendors honest about this all describe themselves as one layer in a defense-in-depth stack, not a sole control.
Prevention is structurally superior for the high-stakes use cases — hiring, regulated AI, agent delegation. Either you cryptographically prove the human-and-the-content-and-the-action chain, or you are betting on detection keeping up. The bet is no longer rational at scale.
The right stack
Use detection for triage and content moderation. Use prevention (Manav for identity, C2PA for media) for high-stakes verification. Stack them where appropriate. The mistake is buying detection alone for a problem prevention solves.
Common objections
Buyers reasonably ask: do we have to choose? No. Most production stacks run both — the incumbent for the layer it owns, the new category for the layer the incumbent does not. The category split is real; the integration is clean; the procurement question is sequencing, not selection.
Frequently asked questions
Why not just use the incumbent for both? Because the incumbent was built for the previous problem. The fact that the workflow looks similar masks an architectural mismatch the incumbent cannot fix without rebuilding. We respect the incumbent; we do not pretend they ship the answer.
Where does the incumbent still win? In its native category. Use the incumbent where it was designed to operate; use the new layer where the new category begins. Most production stacks end up running both, with a clean handoff between them.
How long until we have to choose? You don't, mostly. The clean integration runs both side-by-side. The choice arrives only when a procurement contract forces consolidation, and by then the data on which layer is doing the work is usually clear.
Where to start
To go deeper, read deepfake hiring playbook for the architectural diff and how to prove human 2026 for the broader vendor map. Most procurement teams converge on the same composition — incumbent plus the new layer — once they have walked both.
The matrix that explains the matrix
Every cell in the deepfake-defense matrix represents a different threat actor with a different budget. The cells in the upper-left — low-effort, low-stakes — are addressed by simple liveness checks. The cells in the lower-right — well-funded state actors targeting senior executives — require the full stack: behavioral biometrics, attestation chains, cryptographic identity binding, and real-time anomaly detection. The mistake most defenders make is buying for the wrong cell. They invest in the lower-right defenses against threats that live in the upper-left, or they leave the lower-right exposed because the upper-left is the visible threat. The matrix is a reading aid, not a procurement list. The right approach is to map your actual threat model onto the cells, then buy depth where your model concentrates, and accept residual risk where it does not. Defending every cell is unaffordable; defending the cells you actually face is the discipline.
Detection chases. Prevention pre-empts. The arms race chooses the winner.