The security landscape is at a turning point: on the one hand, deepfake technologies and subtle video manipulation threaten trust in evidence and require authentication procedures such as media signing and open standards (ONVIF Profile T) to be embedded in the camera itself. On the other hand, cloud-based platforms such as Verkada are demonstrating how video surveillance, access control and environmental sensors can be merged into a scalable single-pane-of-glass solution that can be seamlessly integrated into heterogeneous existing environments. Last but not least, operational security technologies (OST) form the backbone of modern physical protection concepts by modularly linking PACS, video, sensor technology and management platforms and delivering mission-critical results through lifecycle management, interoperability and cybersecurity best practices. Based on ONVIF publications and specifications, this article highlights how all these elements work together to usher in a new era of holistic security in times of generative AI, complex infrastructures and growing compliance requirements.

Deepfakes and digital trust: Why video authentication is essential

Video footage is one of the most powerful pieces of evidence in investigations, court proceedings and security-critical processes. However, with the rise of generative AI, recordings are increasingly suspected of being manipulated: deepfakes, subtle frame-slicing tricks and metadata forgery are undermining trust in the authenticity of video evidence. Traditional forensic methods are reaching their limits, which is why secure authentication procedures must become the basis of modern security architectures right from the filming stage. This article highlights the dangers of manipulated videos, how media signing and open standards such as ONVIF Profile T offer protection at the source, and what innovations for video integrity were presented at ISC West 2025.

The rapid development of generative artificial intelligence is opening up completely new possibilities for security and surveillance systems in terms of efficiency, accuracy and analytical capabilities. At the same time, however, these same technologies also provide perpetrators and manipulators with powerful tools for falsifying videos or distorting their content – so-called deepfakes. Some manipulations are obvious, such as when a dinosaur suddenly walks through a reception hall. However, subtle manipulations that are hardly noticeable are much more problematic: shifting timestamps to move an event to another day, or removing individual video frames so that a specific person does not appear in the image at all.

For law enforcement agencies, courts and companies that rely on video material as evidence, this raises a crucial question: How can we ensure that the footage is authentic and actually reflects reality? Traditional forensic methods are increasingly reaching their limits here. In this article, I will first outline the dangers posed by deepfakes and subtle video manipulation, then present modern approaches to video authentication, and finally report on the most important news on video integrity presented at the ISC West 2025 security trade fair in Las Vegas.

The threat of deepfakes in surveillance

Attacks on the integrity of video recordings can take various forms. On the one hand, timestamps can be manipulated: a simple intervention in the metadata can create the false impression that an incident took place outside regular working hours or on a completely different day. This can lead to serious misjudgements in police investigations and insurance claims.

Another common method is frame slicing and frame replacement: by removing certain individual frames from a video or replacing them with others, entire people or actions can be made to disappear. A suspect no longer appears in the image even though they were actually filmed, or their behaviour is distorted.
Finally, criminals and propagandists are increasingly using AI-assisted inpainting and reframing techniques, in which algorithms seamlessly add image particles, change backgrounds and even insert synthetic voices into audio tracks. Even for trained experts, these interventions are often difficult to detect and elude traditional forensic examination methods.

Without effective technical countermeasures, trust in video evidence is at risk of eroding: investigators, judges and security officials will then have to constantly ask themselves whether the film material at their disposal is unaltered and genuine or whether it has already been manipulated.

Authentication technologies: protection at the source

Media signing comes into play to counteract this development – a process that starts as soon as the video is captured and secures its authenticity from that moment onwards.
Immediately after exposure, the camera signs each individual frame or data block with a private key belonging to the device. Any subsequent changes – deleting individual frames, adjusting time stamps or other manipulations – mean that the signature no longer matches the data and the intervention is clearly recognisable.
It is essential that authentication is not only performed once, but throughout the entire value chain: whether in the network video recorder (NVR), during live transmission to monitoring workstations or when exporting to the archive – each system checks the signature before displaying or processing the video material. This creates a seamless core of trust that eliminates the need for time-consuming chain-of-custody verification. To ensure that this process works across the industry, the global organisation ONVIF is working on an open specification for media signing as part of its Profile T standard. This will enable cameras and recording systems from different manufacturers to be interoperable and use the same signature mechanisms to ensure video integrity.

News from ISC West 2025

At the world’s largest security trade fair, ISC West 2025, held in Las Vegas from 31 March to 3 April, the topic of video integrity was the focus of numerous presentations and live demonstrations.
In a keynote speech and live demo on 2 April at the Venetian Expo (Room 203), ONVIF Chairman Leo Levit, together with partners such as Axis Communications and Bosch, presented signed live streams for the first time: the cameras generated their digital signatures on site, and attempts at manipulation in the form of frame drops or timestamp changes were detected in real time and visually marked.
Bosch Security Systems announced that it is working with Intel to integrate hardware-based signature modules into EdgeKI units to embed the signature directly in the camera chip. Eagle Eye Networks presented a cloud-based analysis platform that combines camera-generated signatures with deepfake detection chains to automatically filter out manipulation attempts.
In a panel discussion, experts from IT departments, the judiciary and the security industry discussed how courts will need to adapt future rules for admitting video evidence when deepfakes become ubiquitous. All participants agreed that the authentication and integrity of video recordings is no longer an optional extra, but a mandatory requirement for legally compliant and trustworthy surveillance.

Recommendations for companies

Companies and public authorities should quickly integrate the new technologies into their security architectures:

1. Early integration: Media signing should be a mandatory requirement in the specifications for the next camera replacement or system update. Open, manufacturer-independent profiles such as ONVIF Profile T facilitate product selection and ensure interoperability.
2. Pilot test in live operation: For practical testing, a proof of concept in a clearly defined area, such as a reception area with high visitor traffic, is recommended. This allows performance and compatibility to be tested realistically.
3. Training and awareness: Investigators, security officers and IT administrators must be made aware of what manipulated video evidence looks like and why digital signatures are necessary. Only those who know the limitations of traditional forensic methods can recognise the importance of the new technology.
4. Clarify the legal framework: In close consultation with the legal department, companies should examine how signed videos can be recognised as evidence in criminal and civil courts. Standardised, source-secure signatures make judicial admission considerably easier.
5. Continuous monitoring: In addition to the usual motion monitoring, systems should be introduced that also detect signature discrepancies in live streams. This allows an unintentional frame drop or an unverifiable timestamp change to be reported immediately.

Outlook

Video authentication at the source transforms surveillance cameras into reliable ‘witnesses’ whose recordings cannot be manipulated, even by the most subtle deepfakes. ISC West 2025 has shown that ONVIF standardisation and industry-wide cooperation are laying the foundation for a new era of digital trust. Companies, law enforcement agencies and security authorities should evaluate and implement these developments now in order to protect their video evidence against future generations of generative AI. Because only an authentic image creates genuine digital trust.

Verkada: Cloud-based physical security as a driver of innovation

Since its founding in 2016, Verkada has redefined physical security and expanded its product portfolio from smart video cameras to a comprehensive platform with access control, alarms, environmental sensors, intercoms and workplace management. Thanks to an intuitive cloud architecture, more than 30,000 organisations worldwide now control their systems centrally via a single dashboard – live, scalable and audit-proof. Verkada’s ONVIF membership in August 2024 underscores its commitment to integrating heterogeneous legacy systems and protecting existing investments. Below, we explain how Profile S compliance is achieved for the Command Connector and the advantages of combining open standards and cloud flexibility.

Verkada is today’s innovation leader: What began with the development of smart video surveillance cameras is now a comprehensive ecosystem of six natively integrated product lines: video cameras, access control, alarm systems, environmental sensors, intercom modules and workplace management tools. All these components are bundled on an intuitive cloud platform that customers can control from anywhere via a web browser or mobile app.

At its core, Verkada has a clear mission: to improve the security of businesses, educational institutions and public institutions without the need for complex IT infrastructures or high maintenance costs. With a single dashboard that displays live video streams, access logs and alarm notifications, physical security management can be centralised. Around 30,000 organisations in 93 countries – including 91 of the Fortune 500 companies – now rely on Verkada to protect their sites in a flexible, scalable and audit-proof manner.

Interoperability is essential to ensure that this openness works not only internally but also in heterogeneous system landscapes. In August 2024, Verkada joined ONVIF, the world’s leading alliance for open interfaces in IP-based security technology. The aim of this move was to add the ability to seamlessly integrate ONVIF-compliant devices to the native cloud platform ‘Command’. Thanks to ONVIF’s clear specifications and comprehensive technical documentation, customers can continue to use their existing hardware investments while still benefiting from the advantages of a modern cloud architecture.

A key result of this collaboration was the validation of Profile S compliance for the new Command Connector, which acts as a bridge between local ONVIF devices and the Verkada cloud. Compliance with ONVIF standards overcomes typical integration hurdles such as different protocols, proprietary APIs and inconsistent metadata. This significantly shortens implementation projects and creates a single pane of glass in which both legacy devices and state-of-the-art Verkada hardware can be managed together.

For Senior Vice President of Product & Operations Brandon Davito, ONVIF membership is more than just a technical add-on: ‘The ONVIF community and its standards have provided us with tremendous support during testing and validation. They open the door to the cloud for our customers without losing their existing investments in security cameras or access readers.’ This openness not only attracts new prospects who want a gradual migration, but also strengthens Verkada’s position as a provider of a future-proof, vendor-neutral security platform.

The advantages of an open, cloud-based approach are manifold: While traditional on-premise systems often incur significant hardware and maintenance costs, Verkada users benefit from automatic software updates, centralised lifecycle management and integrated security checks. At the same time, the cloud enables easy expansion to new locations and flexible activation of additional modules without the need for complex cabling or service teams on site.

Verkada is thus demonstrating what physical security can look like in an increasingly connected world: modular, interoperable and convenient to use. Combined with open standards such as ONVIF, this results in security solutions that not only protect in the moment, but evolve with the needs of businesses – from initial camera installation to global multi-site monitoring. Verkada proves that effectiveness and user-friendliness in physical security are not mutually exclusive, but complement each other perfectly thanks to cloud technology and industry-wide standards.

Operational Security Technology: The key to mission-critical outcomes

Operational Security Technology (OST) forms the backbone of modern physical security strategies by transforming specialised hardware and software components into integrated, scalable architectures. The SIA report ‘Operational Security Technology – Principles, Challenges and How to Achieve Mission-Critical Outcomes Leveraging OST’ clearly defines OST as distinct from industrial OT and highlights the rapid growth rates in areas such as building management systems. It highlights key hurdles – from system convergence and lifecycle management to cyber and data protection requirements – and outlines best practices for needs assessment, technology selection, piloting and continuous improvement. In this article, we summarise the key findings and explain how security managers can successfully operationalise OST.

Modern security strategies increasingly rely on operational security technology (OST) to manage physical protection tasks in a systematic, automated and scalable manner. The SIA report ‘Operational Security Technology – Principles, Challenges and How to Achieve Mission-Critical Outcomes Leveraging OST’ provides comprehensive guidance on this topic. It defines OST as those technical components that have been specifically developed for physical security objectives and clearly distinguishes them from industrial operational technology (OT), which is primarily aimed at controlling and monitoring production processes. OST, on the other hand, is the bridge between security requirements and modern automation, without which effective security processes would be virtually inconceivable today.

The relevance of OST is growing in parallel with the global OT market, which is expanding at a CAGR of around 10% until 2030, and the building management systems (BMS) sector, which is even forecast to grow by 15.2% annually. This dynamic underscores that, in addition to efficiency and cost pressures, integrated security architectures in particular will set the standard in the future.

At the same time, the report raises awareness of key obstacles: OST components such as physical access control systems (PACS), video surveillance, sensor technology, perimeter protection and management platforms rarely operate as stand-alone solutions. Their convergence often leads to complexity and interoperability problems, with up to 50% of PACS administrators reporting difficulties integrating them into heterogeneous infrastructures. This is often compounded by a lack of lifecycle management when systems originally installed as pilots grow without upgrade or exit strategies. A lack of focus on total cost of ownership and the threat of vendor lock-in jeopardise long-term stability and availability. Finally, high cybersecurity and data protection requirements (e.g. under GDPR or ISO 27001) necessitate security and organisational measures ranging from data encryption and network segmentation to regular penetration tests.

The SIA report divides OST systems into five main categories. Physical access control systems form the first line of defence and include keycards, biometric readers, interlocking doors and multi-factor authentication. Their development requires a rigorous approach, from requirements analysis to audits, to guarantee long-term reliability and data protection. Surveillance systems such as CCTV, PTZ and thermal imaging cameras serve as deterrents and for live monitoring; they require centralised video management solutions with big data storage capabilities to ensure access rights, high availability and fast analysis. Detection systems – from motion and glass break sensors to gas sensors – act as the sensory organs of physical security. Only intelligent pattern recognition and consistent maintenance can minimise false alarms and ensure that genuine alarms are responded to reliably. Perimeter and environmental security includes digital fences, bollards and BMS integrations that protect the surroundings of sensitive locations. Their connection to comprehensive management systems creates a continuous ‘security highway,’ but requires sophisticated integration and cybersecurity concepts. Finally, Security Operations Centres, mass notification and incident management bundle OST data in real time so that even complex threat scenarios can be quickly overviewed and efficiently handled.

To achieve mission-critical results from this technology toolkit, the report proposes a multi-stage approach. It begins with a precise needs assessment and risk analysis, in which clear goals (‘What problem are we solving?’) are defined, assets are identified and continuous risk assessments are established. In the technology selection and piloting phase, the focus is on a cost-benefit analysis and a requirements matrix; proof-of-concept projects and open standards (such as ONVIF or SIA OSDP) prevent isolated solutions and ensure interoperability. The question of scalability and functionality is answered by modular architectures and cloud-hybrid models that enable growth without disruptive large-scale migrations, while putting the ‘function-first’ concept at the forefront. People, processes and tools form the third foundation: regular training, clearly defined escalation paths and detailed maintenance plans guarantee continuous operability. Finally, the report emphasises the need for continuous improvement – through regular reviews, lifecycle management and strategic partnerships – to avoid technical obsolescence and unpleasant surprises when OEM roadmaps change.

The SIA report makes it crystal clear that OST solutions are indispensable, but by no means trivial. Only organisations that conduct clear needs analyses, internalise interoperability and lifecycle thinking, and closely integrate cybersecurity and data protection will be able to establish sustainable and cost-efficient security architectures. With a structured approach, proven best practices and a consistent focus on mission-critical outcomes, maximum physical security can be achieved – at manageable costs throughout the entire lifecycle.