TL;DR: Dating platforms recorded a 6.3% identity fraud rate in 2025, the joint highest across industries tracked in Sumsub’s Identity Fraud Report 2025-2026, while 84% of UK users said deepfakes make trust harder and 61% reported deception by fake profiles or someone close to them. Trust signals built for human moderation are no longer enough when synthetic personas can scale faster than review cycles.
At a glance
What this is: This is a partnership announcement tied to a broader fraud problem, showing how dating platforms are becoming a high-risk identity fraud surface for deepfakes and synthetic personas.
Why it matters: It matters because dating platforms combine human identity, fraud operations, and trust decisions in one workflow, making this a useful warning for IAM teams thinking about verification, lifecycle checks, and abuse detection across user-facing systems.
By the numbers:
- The dating sector recorded an identity fraud rate of 6.3% in 2025, joint highest of any industry tracked in Sumsub's Identity Fraud Report 2025-2026.
- Sumsub's survey of 2,000 UK dating app users found 84% believe deepfake content has made it harder to trust people they meet online.
- Nearly two in three users, or 61%, have been deceived by a fake profile or knew a family member or friend who had.
- Romance scams cost UK victims more than £100m last year.
👉 Read Sumsub's analysis of dating app fraud, deepfakes, and trust risk
Context
Dating app fraud is no longer a narrow consumer-trust problem. It is an identity assurance problem, because the attacker’s real objective is to establish a believable digital persona long enough to move the victim off-platform and into a financial request or other harmful exchange. That makes the control surface broader than account creation alone.
For IAM and fraud teams, the lesson is that identity proofing, behavioural signals, device intelligence, and abuse response need to work together. When AI-generated images and video can be used to create convincing synthetic personas, platforms have to treat identity confidence as a lifecycle issue, not a one-time signup check. The same governance logic applies to any user population where trust is the product.
The industry starting point is not atypical. Consumer platforms tend to optimise for low-friction onboarding, which is exactly where fraudsters look for weak verification and inconsistent review thresholds. This is why dating apps have become an early warning signal for broader identity governance gaps.
Key questions
Q: How should dating platforms reduce fraud without making signup unusable?
A: Use risk-based verification instead of a single hard gate. Keep low-friction onboarding for low-risk users, then apply step-up checks when accounts show suspicious signals such as rapid messaging, repeated profile changes, device inconsistency, or attempts to move conversations off-platform. The goal is to separate access to the platform from access to trust.
Q: Why do deepfakes change identity risk on consumer platforms?
A: Deepfakes change the risk because they let an attacker create believable identity evidence at scale. A platform can no longer assume a profile photo, video call, or polished conversation is enough to establish trust. That forces identity teams to combine media analysis, behavioural signals, and escalation workflows rather than relying on one proof point.
Q: What do teams get wrong about fake profile detection?
A: They often focus on removing bad accounts after reports arrive, instead of measuring how trust was built in the first place. Fraud prevention has to look at early intent signals, not just obvious policy violations. If the platform only reacts after harm, it is already operating behind the attacker’s timeline.
Q: How can organisations tell whether their trust controls are working?
A: Look for lower fraud conversion rates, fewer successful off-platform migrations, and shorter time-to-review for suspicious accounts. If fake profiles still progress from signup to meaningful engagement, the control set is too shallow. Effective trust control reduces attacker dwell time before the first financial request or impersonation attempt.
Background and context
How deepfake-enabled social engineering works on dating platforms
Deepfakes and synthetic personas work because they compress the time needed to create trust. Instead of relying on a single credential or a static profile photo, the fraud chain combines realistic images, repeated conversation, and platform migration to establish credibility. Once the victim is moved off-platform, the attacker can introduce payment requests, romance scam narratives, or impersonation attempts. The technical challenge is not just detecting fake media, but linking account behaviour, content patterns, and transaction intent across the session.
Practical implication: combine media verification with behavioural and transaction-layer controls, not profile checks alone.
Identity proofing versus ongoing trust verification
Identity proofing answers whether an account looks real at signup. Ongoing trust verification asks whether the account still behaves like the same legitimate user over time. That distinction matters on dating platforms because a genuine account can become compromised, while a fraudulent account can also age into trust through normal-looking interactions. Continuous monitoring must therefore track velocity, conversation shift, device changes, and off-platform migration cues rather than treating registration as the end of the control.
Practical implication: design controls that re-evaluate trust after onboarding, especially when users begin moving conversations off-platform.
Why synthetic personas are an identity governance problem
Synthetic personas turn fraud into a governance problem because the platform is not only screening for bad content, it is deciding which identities deserve trust, access, and visibility. That is a classic identity control question even if the subject is a consumer account. The more AI tools lower the cost of producing believable profiles, the more platforms need risk-based verification, escalation paths, and abuse case management that can adapt to new impersonation patterns.
Practical implication: treat synthetic identity abuse as a governed risk domain with documented review and escalation criteria.
NHI Mgmt Group analysis
Dating app fraud is an identity governance failure, not just a content moderation problem. The attacker’s goal is to establish a trusted persona, move the conversation off-platform, and convert that trust into financial harm. That means the control failure sits at the intersection of identity proofing, behavioural assurance, and abuse response, not at the level of profile review alone. Practitioners should read this as a warning that trust signals must be governed across the full user journey.
Synthetic personas create a trust-amplification loop that traditional onboarding controls do not break. Once AI-generated images, video, and scripted dialogue make a profile look authentic, every additional interaction can strengthen belief rather than weaken it. That is why platforms built around lightweight signup checks are especially exposed. The practitioner lesson is that assurance has to be re-evaluated after registration, not only before account creation.
Trust-at-signup is the named failure mode this sector now exposes. It was designed for a world where identity evidence changed slowly enough to review manually. That assumption fails when fraudsters can manufacture believable personas quickly and repeatedly with AI tools. The implication is that platforms must rethink where trust is established in the lifecycle, because the old boundary is too early to be meaningful.
Dating platform fraud now links consumer identity, financial crime, and AI-generated deception in one chain. That cross-domain behaviour is why this topic matters beyond the sector itself. The same pattern will appear wherever a platform monetises trust and allows direct user-to-user interaction. Practitioners should treat dating as an early indicator of how synthetic identity abuse will spread into other consumer and community environments.
Association-led guidance is useful here only if it translates into measurable operational controls. Industry education alone will not reduce deception if platforms cannot measure profile authenticity, off-platform migration, and fraud escalation rates. The field needs clearer governance thresholds for when an account shifts from ordinary user to suspected synthetic persona. Practitioners should expect assurance models to become more risk-scored and less binary.
From our research:
- 80% of identity breaches involved compromised non-human identities such as service accounts and API keys, according to Ultimate Guide to NHIs.
- Only 5.7% of organisations have full visibility into their service accounts, which shows how quickly identity blind spots become operational risk.
- For the lifecycle angle, see NHI Lifecycle Management Guide, which covers provisioning, rotation, visibility, and offboarding across non-human identities.
What this signals
Trust-scoring will become a core control in consumer identity programmes. Platforms that treat signup as the main checkpoint will keep losing ground to synthetic personas, because the attack is now iterative rather than one-time. The governance shift is toward continuous re-evaluation of trust signals, especially when users are allowed to escalate relationships quickly or move off-platform.
Synthetic identity abuse is an early signal of broader assurance pressure. The same logic that enables fake profiles on dating platforms will appear in any environment where social trust, rapid onboarding, and external contact channels overlap. For security teams, the useful response is to define escalation criteria before abuse scales, not after it becomes visible in complaints or chargebacks. See the NIST SP 800-207 Zero Trust Architecture model for continuous verification principles that map well to this problem space.
For practitioners
- Reassess onboarding as a trust gate Separate basic registration from higher-trust actions such as messaging volume increases, link sharing, or off-platform contact. Apply stepped-up verification when behaviour indicates a move from casual use to scam-like interaction patterns.
- Add synthetic persona detection signals Use device reputation, image reuse, conversation repetition, and behavioural anomalies to flag accounts that look human at signup but operate like fraud infrastructure.
- Build off-platform migration controls Treat requests to leave the platform as a risk event. Escalate accounts that rapidly push users into external chat apps, payment links, or personal contact channels.
Key takeaways
- Dating apps are now high-pressure identity environments where fraud, deepfakes, and trust engineering converge.
- The available evidence points to a material problem, with 6.3% identity fraud in the sector, 84% of users reporting reduced trust, and more than £100m in UK romance scam losses.
- Practitioners should move from signup-only checks to continuous trust verification, especially where users can migrate conversations off-platform.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
NIST SP 800-63, NIST Zero Trust (SP 800-207) and NIST CSF 2.0 set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| NIST SP 800-63 | Identity proofing and trust assurance are central to dating platform verification. | |
| NIST Zero Trust (SP 800-207) | PR.AC-4 | Continuous verification maps to off-platform trust decisions and ongoing access review. |
| NIST CSF 2.0 | PR.AA-01 | Authentication and identity assurance need to extend beyond initial account creation. |
Use risk-based identity proofing and step-up checks when account behaviour changes after signup.
Key terms
- Synthetic Persona: A synthetic persona is a fabricated identity designed to look credible to a real person or system. In fraud settings, it combines profile data, images, dialogue, and behaviour to build trust. The risk is not just false registration, but the ability to sustain deception long enough to trigger real-world harm.
- Identity Proofing: Identity proofing is the process of checking whether an identity claim is believable enough to allow access or participation. In consumer platforms, it usually happens at signup, but that is only the first layer. Effective proofing has to be paired with ongoing trust checks when the account begins to behave differently.
- Trust Verification: Trust verification is the ongoing re-check of whether an account still appears legitimate as it interacts, escalates, and moves across channels. It differs from initial verification because it is behavioural and contextual. On dating platforms, it helps detect accounts that start real and become risky, or start fake and become persuasive.
- Off-Platform Migration: Off-platform migration is the point at which a conversation or relationship is pushed away from the controlled platform into a channel the operator cannot monitor as closely. Fraudsters often use this move to reduce scrutiny and increase leverage. It is a key escalation marker in consumer trust abuse.
Deepen your knowledge
Dating app fraud, deepfakes, and trust scoring are covered in our NHI Foundation Level course, the industry's only accredited NHI security programme. If your programme needs to handle identity assurance beyond onboarding, it is worth exploring.
This post draws on content published by Sumsub: users wary of finding love online with over 6% of all identity fraud in 2025 taking place on dating apps. Read the original.
Published by the NHIMG editorial team on 2026-06-08.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org
