Presence verification is the act of confirming that the person being checked is physically present during the transaction. In identity programmes, it reduces the risk that a proxy, replay, or stored image can be used to satisfy a live verification step.
Expanded Definition
Presence verification is a live-step assurance check used in identity and fraud controls to confirm that a real person is physically present during the transaction. It is narrower than general identity proofing because it focuses on liveness at the moment of interaction, not on long-term identity validity or account ownership. In practice, organisations may use device sensors, challenge-response prompts, or supervised video flows to reduce the chance that a proxy, replayed recording, or stored image can satisfy the check. Standards bodies do not treat presence verification as a single universally defined control, so usage in the industry is still evolving across onboarding, step-up authentication, and remote transaction approval. For governance alignment, the control intent maps most cleanly to the NIST Cybersecurity Framework 2.0 emphasis on verifying and protecting access paths, while identity programmes often pair it with stronger identity assurance methods. The most common misapplication is treating a static selfie or cached video as proof of presence, which occurs when a system lacks a true liveness check and cannot distinguish a live user from replayed media.
Examples and Use Cases
Implementing presence verification rigorously often introduces user friction and operational review overhead, requiring organisations to weigh fraud reduction against conversion drop-off and support cost.
- Remote account opening that asks the applicant to complete a live facial or movement challenge before the account is provisioned.
- High-risk payment approvals where a user must re-confirm presence before a sensitive transfer is released.
- Workforce onboarding flows that combine identity document capture with a live presence step to reduce impersonation risk.
- Fraud review processes that flag repeated attempts to satisfy the check with replayed media or automated tooling.
- Identity governance programmes that add presence checks to the highest-risk actions rather than every routine sign-in.
NHIMG’s Ultimate Guide to NHIs shows why strong verification matters beyond human onboarding: 80% of identity breaches involved compromised non-human identities such as service accounts and API keys, which is a reminder that weak assurance anywhere in the identity stack expands attack paths. Presence verification is therefore best treated as one layer in a broader assurance design, not as a standalone trust decision. For teams building remote verification flows, the relevant external reference is the NIST Cybersecurity Framework 2.0, which helps anchor access validation to risk-based governance.
Why It Matters for Security Teams
Presence verification matters because it reduces the chance that an identity process can be satisfied by something other than the living subject. When it is weak, attackers can use screenshots, deepfakes, pre-recorded clips, or a proxy operator to bypass remote controls that were meant to validate human participation. That creates exposure in fraud prevention, high-risk approvals, and any workflow where a remote action is assumed to require the actual person. NIST guidance on identity and risk governance is relevant here, but the operational lesson is broader: the control must be calibrated to the threat model, not just the user experience. NHIMG research on the Ultimate Guide to NHIs also highlights that only 5.7% of organisations have full visibility into their service accounts, underscoring how often identity assurance gaps persist until an incident forces remediation. Organisations typically encounter the consequences only after a fraudulent transaction, account takeover, or audit failure, at which point presence verification becomes operationally unavoidable to address.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Agentic AI Top 10 and OWASP Non-Human Identity Top 10 address the attack and risk surface, while NIST SP 800-63, NIST CSF 2.0 and NIST AI RMF set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| NIST SP 800-63 | IAL2 | Presence checks support higher identity proofing confidence during remote enrollment. |
| NIST CSF 2.0 | PR.AA | Identity verification and access assurance align to authenticated, risk-based access. |
| OWASP Agentic AI Top 10 | Agentic workflows can trigger high-risk actions that need live human confirmation. | |
| OWASP Non-Human Identity Top 10 | Identity assurance gaps often span both human and non-human workflows. | |
| NIST AI RMF | GOVERN | AI-enabled presence checks need governance, accountability, and risk controls. |
Use presence verification as one signal within a stronger identity proofing flow.