By NHI Mgmt Group Editorial TeamPublished 2026-06-25Domain: AnnouncementsSource: Arkose Labs

TL;DR: Sharing platforms are being targeted by bots, fake accounts, account-sharing fraud, and AI-assisted abuse, while 53% of platforms still lack personnel with AI and cybersecurity expertise, according to Incognia 2025. Trust controls now need to account for identity abuse, not just traffic filtering, because fraud prevention and governance are becoming the same problem.


At a glance

What this is: This is a vendor analysis of fraud pressure on sharing platforms, with a focus on bots, fake accounts, account sharing, and AI-assisted abuse.

Why it matters: It matters to IAM and security teams because platform trust now depends on controlling account abuse, detection confidence, and response speed across human and machine-driven misuse.

By the numbers:

👉 Read Arkose Labs' analysis of bot, AI agent, and fraud risk in sharing platforms


Context

Sharing platforms live or die on trust. When abuse rises, the business problem is not only fraud losses but degraded confidence in account authenticity, transaction quality, and user safety. That makes identity controls part of the platform’s core fraud stack, even when the abuse does not look like classic IAM.

The source article frames this around bots, fake accounts, account sharing, and AI-driven abuse in gig and sharing economy environments. For practitioners, the important shift is that identity security now has to support trust scoring, abuse detection, and response orchestration across both human and automated actors.


Key questions

Q: How should security teams reduce fake account abuse on sharing platforms?

A: Security teams should reduce fake account abuse by tightening identity proofing at sign-up, adding behavioural risk scoring, and challenging suspicious activity before high-value actions. The goal is to stop disposable identities from becoming trusted accounts. When possible, connect device signals, recovery risk, and transaction monitoring so abuse is detected across the full lifecycle, not only at login.

Q: Why does account sharing create more risk than a normal access violation?

A: Account sharing creates more risk because it breaks accountability. Once multiple unverified people use one account, the organisation loses confidence in who performed an action, which weakens disputes, enforcement, and fraud investigation. In platform environments, that loss of attribution is often more damaging than the access event itself, because the same account can be reused to repeat abuse.

Q: What do platform teams get wrong about bot detection?

A: Platform teams often treat bot detection as a perimeter problem, when the real issue is whether the platform can bind identity to trust at every step. A bot that signs up, passes basic checks, and then behaves like a legitimate user can still cause harm. Effective controls combine signal quality, adaptive challenges, and action-stage decisioning.

Q: How should platform operators respond when account sharing is common?

A: Platform operators should treat account sharing as a governance and attribution issue, not only as a policy breach. They need controls that identify shared-use patterns, link actions to the active user, and surface when one account is being monetised by multiple people. That creates the evidence needed for enforcement, support, and fraud containment.


How it works in practice

How bot and fake-account abuse undermines platform identity

Bot abuse on sharing platforms is not just high-volume login noise. It often starts with scripted sign-ups, disposable email use, device churn, and repeated profile creation that makes one actor look like many. Fake accounts then become a delivery layer for scams, rental fraud, referral abuse, and platform manipulation. The architectural issue is that authentication success does not equal identity trust. A valid login can still be economically fraudulent if the account was created to exploit incentives or impersonate legitimate users. Practical implication: treat account creation, recovery, and post-login behaviour as one abuse chain.

Practical implication: extend identity controls beyond authentication into registration, recovery, and behaviour scoring.

Why AI speed changes fraud decisioning

The article’s emphasis on AI-assisted response times points to a familiar problem: attackers compress decision cycles while defenders still rely on slower review workflows. In fraud environments, the value of detection is measured in seconds or minutes, not only in precision. Adaptive challenges, device signals, and risk scoring matter because they let platforms slow down suspicious activity without blocking every user. But speed alone is not enough if the underlying entity model is weak. Practical implication: align risk decisions to the transaction stage, not just the login event.

Practical implication: place risk decisioning at sign-up, reset, payout, and high-value action points.

How account sharing becomes an identity governance issue

Account sharing is often treated as policy non-compliance, but in platform environments it is also an identity lifecycle problem. If one account is used by multiple unverified people, the organisation loses control over accountability, reputation, dispute handling, and abuse attribution. That makes reassignment, delegated use, and session continuity governance issues rather than simple terms-of-service violations. The governance challenge is knowing whether the active user matches the enrolled user at the moment of action. Practical implication: design controls that detect shared use patterns before they become fraud losses.

Practical implication: create controls that flag shared-use patterns before they distort trust and attribution.


NHI Mgmt Group analysis

Fraud prevention on sharing platforms is now an identity trust problem, not a traffic problem. Bots and fake accounts succeed when platforms can no longer distinguish valid credentials from valid intent. That means the control boundary has moved upstream into registration, recovery, and behavioural trust, where IAM, fraud, and abuse operations now overlap. Practitioners should treat identity assurance as part of the fraud stack, not a separate governance lane.

Account sharing is a lifecycle failure when the platform cannot preserve user-to-action accountability. Once one enrolled account is used by multiple unverified people, the organisation loses the audit trail that underpins dispute resolution, enforcement, and abuse attribution. This is especially acute in gig and sharing platforms where access is transient, monetised, and frequently reassigned. The implication is that lifecycle governance must extend to session continuity and delegated use patterns, not just enrolment and password reset.

Adaptive challenges are a signal that static controls have already lost the timing battle. The article’s focus on real-time detection and mitigation reflects a broader market shift toward decisioning at the edge of the transaction. That does not eliminate fraud, but it changes the economics of abuse by increasing attacker cost and reducing automated throughput. Practitioners should view challenge design as part of the trust architecture, not just a user-experience trade-off.

Platform abuse is becoming an AI governance issue because the attacker now gets the same speed advantage defenders are trying to use. When both sides use AI to accelerate response, the differentiator is not automation itself but the quality of the identity and risk signals underneath it. Organisations that rely on generic bot detection without strong entity binding will continue to absorb losses through fake accounts, rentals, and shared access. Security teams should re-evaluate where trust is actually established in the user journey.

Platform identity models need a named concept for this problem: identity trust leakage. That is the point at which a platform’s confidence in who is acting falls below the level required for safe transactions, even though authentication still succeeds. The leakage shows up as account sharing, fake onboarding, and repeated abuse of the same trust surface. Practitioners should measure and govern trust leakage as a first-class fraud and identity risk.

From our research:

  • 53% Of platforms lack personnel with AI and cybersecurity expertise, according to AI Agents: The New Attack Surface report.
  • A separate finding shows that 80% of organisations report their AI agents have already performed actions beyond their intended scope, including accessing unauthorised systems and revealing access credentials.
  • For broader identity governance context, read Top 10 NHI Issues for the control patterns that still matter when automation and abuse accelerate.

What this signals

Identity trust leakage: platforms should start measuring the point where valid authentication no longer implies a trustworthy actor. That is where fake accounts, account sharing, and bot-assisted abuse begin to distort risk models and create losses that conventional login controls miss.

With 53% of platforms lacking personnel with AI and cybersecurity expertise, the operating model gap is now part of the threat surface, not just a resourcing issue. Teams that cannot interpret behaviour, device churn, and abuse patterns together will struggle to keep pace with AI-accelerated fraud.

For teams aligning identity and fraud operations, the useful next move is to map trust controls to lifecycle stages. That makes it easier to decide where to insert adaptive challenges, how to triage repeated use, and where a platform needs stronger attribution rather than more friction.


For practitioners

  • Instrument the full account lifecycle Track registration, verification, recovery, login, and high-risk actions as one sequence so shared use and fake onboarding can be detected before payout or abuse.
  • Add trust scoring before sensitive actions Use risk signals such as device reputation, velocity, and behavioural anomalies to challenge or slow accounts before listings, transfers, or referrals are completed.
  • Separate enrolled identity from active actor Where account sharing is common, require stronger checks at the moment of action so the platform can tell whether the user performing the task is the user who enrolled.
  • Review abuse metrics with fraud and IAM together Combine fraud operations and identity teams on shared dashboards for fake account rate, recovery abuse, and multi-account creation so governance decisions reflect actual abuse patterns.

Key takeaways

  • Sharing platforms are facing identity abuse that looks like fraud, but behaves like a governance problem when attribution and trust break down.
  • The evidence in the source points to widespread exposure across fake accounts, account sharing, and AI-assisted response gaps, not isolated edge cases.
  • The most effective response is to move controls upstream into enrolment, recovery, and transaction-stage decisioning before abuse becomes irreversible.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

OWASP Non-Human Identity Top 10 address the attack and risk surface, while NIST CSF 2.0 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.

FrameworkControl / ReferenceRelevance
NIST CSF 2.0PR.AA-01Identity trust and account abuse map to identity proofing and access management.
NIST Zero Trust (SP 800-207)PR.AC-1Platform abuse is reduced when access decisions depend on continuous context.
OWASP Non-Human Identity Top 10NHI-01Bots, API abuse, and fake accounts fit non-human identity abuse patterns.

Map sign-up and recovery controls to identity assurance and tighten checks before sensitive actions.


Key terms

  • Identity Trust Leakage: The point at which a platform can no longer rely on authentication or account status to prove who is acting. The account still works, but the organisation has lost confidence in the actor behind it. In fraud-heavy environments, this becomes a measurable governance and monetisation risk.
  • Adaptive Challenge: A risk-based interaction that changes in difficulty or friction based on the signals observed in the session. It is used to slow suspicious traffic without imposing the same burden on legitimate users. In identity governance, it acts as a dynamic trust test rather than a fixed login barrier.
  • Account Sharing Fraud: The misuse of one enrolled account by multiple unverified people for value, access, or abuse. It erodes attribution, weakens enforcement, and distorts user trust because the platform cannot reliably link an action to a single accountable identity. It is both a fraud problem and a lifecycle governance failure.
  • Multi-account Creation: The repeated creation of accounts by one actor to evade controls, amplify abuse, or disguise intent. It often uses disposable identifiers, device changes, and automated onboarding. For practitioners, the issue is not only volume but the false appearance of legitimate user growth and engagement.

What's in the full announcement

Arkose Labs' full analysis covers the operational detail this post intentionally leaves for the source:

  • Signal-level examples of how bot behaviour is distinguished from legitimate user traffic in platform environments
  • Operational detail on adaptive challenge design and how it changes attacker economics
  • Cross-industry intelligence on abuse patterns that helps teams tune decisioning models
  • Product-specific examples of how the platform applies detection and mitigation across account abuse scenarios

👉 The full Arkose Labs post covers the detection signals, mitigation logic, and platform abuse patterns in more detail.

Deepen your knowledge

NHI governance, agentic AI identity, and machine identity lifecycle are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are responsible for identity security strategy or NHI governance in your organisation, it is worth exploring.
NHIMG Editorial Note
Published by the NHIMG editorial team on 2026-06-25.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org