TL;DR: Identity verification in hiring is moving from manual review to automated checks that combine phone, email, document, and selfie liveness signals, according to Incode. The governance challenge is no longer speed versus security, but whether hiring workflows can verify people without creating blind spots in fraud prevention or candidate record integrity.
At a glance
What this is: This is Incode’s analysis of automated candidate verification in hiring workflows, showing how identity checks can be embedded across application, verification, and record-updating steps.
Why it matters: It matters because IAM, IGA, and risk teams increasingly need to govern identity proofing in workforce onboarding without relying on manual checks that do not scale against impersonation and deepfake-driven fraud.
By the numbers:
- Only 20% have formal processes for offboarding and revoking API keys, and even fewer have procedures for rotating them.
- 96% of organisations store secrets outside of secrets managers in vulnerable locations including code, config files, and CI/CD tools.
- 80% of identity breaches involved compromised non-human identities such as service accounts and API keys.
👉 Read Incode's analysis of automated candidate verification in hiring workflows
Context
Hiring identity verification has become a governance problem, not just a workflow problem. Deepfake interviews, impersonators, and fraudulent applicants can slip through processes that were built for trust-based screening rather than authenticated proofing, so the identity check now has to happen inside the hiring system itself.
The article describes a verification workflow that uses automated checks at multiple points in the hiring cycle, including phone, email, document, and selfie liveness verification. For IAM and workforce security teams, the interesting part is not the award framing but the operational shift from manual judgment to embedded identity proofing in candidate onboarding.
Key questions
Q: How should organisations govern candidate identity verification in hiring workflows?
A: Organisations should treat candidate verification as a governed onboarding control, not a recruiter-only task. Build verification into defined hiring stages, require evidence-based pass or fail outcomes, and ensure the results update the system of record. That lets HR, IAM, and security teams make downstream decisions on a shared identity state.
Q: Why do deepfakes and impersonation attempts complicate hiring security?
A: Deepfakes and impersonation attempts weaken the assumption that a candidate record corresponds to a real person. Traditional manual checks were built for smaller-scale fraud and are not reliable against synthetic media or coached interviews. Automated proofing and liveness verification help restore an evidence trail that can be audited and enforced.
Q: What breaks when candidate verification is kept outside the ATS or HR system?
A: When verification sits outside the authoritative record, recruiters and downstream systems may still act on stale or incomplete information. That creates a gap between proofing and action, which is where fraudulent candidates can slip through and where auditability is lost. The result is inconsistent governance and weaker onboarding decisions.
Q: Who is accountable when a fraudulent applicant passes identity verification?
A: Accountability sits across HR, security, and identity governance because candidate verification is now part of the onboarding control plane. HR owns the process, security owns the assurance requirements, and IAM owns how verified status influences provisioning and access. If any of those are disconnected, the organisation cannot prove who approved the risk.
Technical breakdown
How candidate verification becomes a workflow control
The workflow described in the article turns candidate verification into a staged decision process. Early checks such as phone, email, and non-document validation can screen low-confidence records before the process reaches heavier proofing. At the Identity Verification stage, document verification and selfie liveness checks add stronger evidence that the applicant is physically present and tied to the submitted identity. The important technical point is that identity assurance is not a single gate. It is a sequence of checks that can branch based on risk and update downstream systems automatically.
Practical implication: define where in the hiring flow identity proofing becomes mandatory and ensure those states are enforced consistently across ATS and HR systems.
Why liveness detection matters in candidate onboarding
Liveness detection is meant to answer a simple question: is a live person present, or is the system being fed a replay, image, or synthetic impersonation attempt? In hiring, this matters because an applicant may pass basic credential-style checks but still not be the real person behind the application. When liveness is combined with document verification, the control is stronger than either signal alone because it links the claimed identity to a live interaction at the point of verification.
Practical implication: require liveness checks for higher-risk roles and treat pass rates, retry rates, and exception handling as governance metrics.
How real-time verification updates reduce hiring blind spots
The article notes that verified status, ID images, and selfie images are written back into Greenhouse. That matters because identity verification loses value if results sit in a separate workflow and do not affect the authoritative candidate record. Real-time updates create a single operational view of the candidate's verification state, which helps recruiters avoid duplicate checks and helps security teams audit who was verified, when, and on what evidence. The control is partly technical and partly procedural: verification has to become part of the record lifecycle, not a side process.
Practical implication: ensure verification outcomes are written into the system of record and retained with auditability for later review.
Threat narrative
Attacker objective: The attacker seeks to get an unqualified or fraudulent identity accepted into the hiring process and recorded as a legitimate candidate.
- Entry begins with fraudulent applicants and impersonators using false or manipulated identity claims to enter the hiring funnel.
- Escalation occurs when basic screening fails to distinguish a real applicant from a deepfake interview or synthetic identity and the candidate reaches later-stage review.
- Impact is the creation of a hiring record and recruitment decision based on an unverified identity, increasing fraud and downstream access risk.
Breaches seen in the wild
- Cisco DevHub NHI breach — IntelBroker exploited exposed Cisco credentials, API tokens and keys in DevHub.
- Schneider Electric credentials breach — exposed credentials gave attackers access to Schneider Electric Jira, exfiltrating 40GB.
Read our 52 NHI Breaches Analysis report for a comprehensive view of breaches impacting Non-Human Identities including AI Agents.
NHI Mgmt Group analysis
Candidate verification is becoming an identity governance control, not a recruiting convenience. Once identity proofing is embedded inside the hiring workflow, the question is no longer whether recruiters can move faster. The question is whether the organisation can trust the candidate record well enough to use it as a security boundary. That places workforce onboarding squarely inside IAM, IGA, and fraud prevention design. The practitioner implication is that hiring workflows now need assurance levels, not just process efficiency.
Manual screening cannot scale against synthetic identity pressure. Recruiter intuition and ad hoc review were never designed for deepfakes, impersonation attempts, or generated application artefacts. The article reflects a wider shift in which hiring teams need verifiable signals that can be logged, audited, and enforced. The practitioner implication is that identity proofing should be treated as a governed control point with explicit exceptions, not as an informal human judgment step.
Identity proofing only works when it updates the system of record. A verification result that does not flow into the authoritative candidate record creates a governance gap between proofing and action. That gap is where fraud survives, because downstream teams still operate on stale assumptions. The practitioner implication is that ATS and HR integrations must preserve verification state, evidence, and audit trails.
Candidate verification is a workforce identity boundary problem. Hiring is one of the earliest places where human identity assurance, fraud detection, and access governance intersect. If the onboarding record is weak, every later control inherits that weakness. The practitioner implication is that security and HR leaders should align on verification policy before roles are provisioned or system access is requested.
From our research:
- Only 20% have formal processes for offboarding and revoking API keys, and even fewer have procedures for rotating them, according to the Ultimate Guide to NHIs.
- 91.6% of secrets remain valid five days after the targeted organisation is notified, showing a critical gap in remediation procedures.
- See Ultimate Guide to NHIs , 2025 Outlook and Predictions for how identity governance is likely to evolve as AI-enabled verification and fraud pressure increase.
What this signals
Candidate verification is now part of the broader identity lifecycle. Once hiring systems generate trusted identity evidence, the next governance challenge is preserving that evidence through onboarding, access provisioning, and eventual offboarding. Security and HR teams should expect more scrutiny on how candidate proofing outcomes flow into IAM and IGA controls, especially where identity becomes the trigger for entitlements.
The next control gap is not whether verification exists, but whether it can be audited end to end. If proofing results cannot be tied to a candidate record, the organisation will struggle to defend hiring decisions, investigate exceptions, or show consistency across recruiters and regions.
This is where human identity, fraud prevention, and access governance begin to overlap in a single operating model. Teams that already map lifecycle controls across workforce identity will be better placed to extend those controls into candidate onboarding without creating manual bottlenecks.
For practitioners
- Embed identity proofing at defined hiring stages Map verification checkpoints to application, interview, and final onboarding stages so candidate assurance increases before any downstream employment or access decision is made.
- Write verification outcomes into the candidate record Ensure verified status, evidence, and failure states are stored in the system of record so recruiters and security teams operate on the same authoritative identity state.
- Treat deepfake resistance as a policy control Set escalation rules for failed liveness checks, repeated retries, and exceptions, then require human review only for defined edge cases rather than every case.
- Align hiring verification with access governance Connect candidate identity proofing to downstream onboarding and access provisioning so an unverified candidate cannot move into entitlement workflows.
Key takeaways
- Automated candidate verification is turning hiring into a governed identity checkpoint rather than a manual trust exercise.
- The article’s core risk is identity misrepresentation through deepfakes, impersonation, and fraudulent applicants, which manual screening does not reliably stop.
- Security teams should connect verification outcomes to the system of record so onboarding, audit, and downstream access decisions all use the same trusted candidate state.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
NIST CSF 2.0 and NIST SP 800-63 set the technical controls, while GDPR define the regulatory obligations.
| Framework | Control / Reference | Relevance |
|---|---|---|
| NIST CSF 2.0 | PR.AA-1 | Candidate identity proofing supports trusted onboarding decisions. |
| NIST SP 800-63 | SP 800-63A | The article centers on identity proofing for people entering a workforce flow. |
| GDPR | Art.32 | The workflow handles identity evidence and images that may require secure processing. |
Align candidate verification steps with SP 800-63A proofing guidance and document assurance levels.
Key terms
- Candidate Identity Verification: Candidate identity verification is the process of confirming that an applicant is the real person they claim to be before the hiring process advances. In practice, it combines evidence checks, liveness signals, and record updates so recruiters and security teams can rely on a shared, auditable identity state.
- Liveness Verification: Liveness verification checks whether a live person is present during a capture or interaction, rather than a replay, image, or synthetic representation. It is used to reduce impersonation and deepfake risk by adding a present-tense proofing signal that can be evaluated alongside document evidence.
- System Of Record: A system of record is the authoritative application that stores the official version of an identity or candidate record. For governance, it matters because downstream workflows should consume that state rather than maintain separate, inconsistent copies of verification outcomes.
What's in the full article
Incode's full post covers the operational detail this post intentionally leaves for the source:
- Workflow logic for moving from lightweight screening to full document and selfie verification.
- The exact Greenhouse record updates used to preserve verified status, ID images, and selfie evidence.
- How the hiring workflow branches on verification success or failure without manual intervention.
- The award context and submission details behind the Tines Fundamentals recognition.
👉 The full Incode post covers the workflow steps, record updates, and verification logic in detail.
Deepen your knowledge
NHI governance, agentic AI identity, and machine identity lifecycle are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are responsible for identity security strategy or NHI governance in your organisation, it is worth exploring.
Published by the NHIMG editorial team on 2025-12-08.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org