Notifications
Clear all
Topic starter
10/06/2026 10:35 pm
TL;DR: Marketplace platforms are adding identity verification, behavioral analytics, transaction monitoring, and real-time risk scoring to reduce fraud while improving onboarding and dispute handling, according to Sumsub. The shift shows that trust and safety for marketplaces now depends on identity governance, not just fraud tooling.
NHIMG editorial — what this means for NHI practitioners
Questions worth separating out
Q: How should marketplaces balance fast onboarding with fraud prevention?
A: Marketplaces should use tiered identity verification, risk-based step-up checks, and continuous transaction monitoring instead of a single fixed onboarding path.
Q: Why do marketplaces need ongoing identity checks after sign-up?
A: Because fraud often appears after initial verification.
Q: What do security teams get wrong about marketplace fraud controls?
A: They often treat fraud prevention as a separate function from identity governance.
Practitioner guidance
- Define participant-specific verification paths Separate onboarding rules for buyers, sellers, merchants, and independent professionals so verification depth matches the trust required for each role.
- Link onboarding to runtime monitoring Connect initial verification results to behavioural analytics and transaction monitoring so changes in device, payment pattern, or counterparties can trigger re-review or transaction holds.
- Build escalation rules for fraud and compliance review Document when suspicious activity, chargeback patterns, or abnormal payments should move from automated scoring to manual investigation, including ownership for exceptions and evidence retention.
What's in the full announcement
Sumsub's full article covers the operational detail this post intentionally leaves for the source:
- The specific marketplace verification and risk flows the vendor says can be customised for buyers, sellers, merchants, and independent professionals.
- The transaction-monitoring and device-intelligence combinations used to spot scams, abnormal payments, and risky counterparties.
- The anti-abuse coverage for promotion, loyalty, and referral fraud that implementation teams need to tune.
- The vendor's framing of how continuous risk assessment is intended to reduce manual review without slowing onboarding.
👉 Read Sumsub's analysis of marketplace trust, fraud prevention, and onboarding →
Marketplace trust controls: what IAM teams need to know?
Explore further
11/06/2026 2:41 am
Marketplace identity governance is becoming a lifecycle discipline, not a point-in-time verification problem. The article's core message is that onboarding, transaction monitoring, and fraud controls are converging into one trust layer. That is consistent with OWASP-NHI and ZT-NIST-207 thinking: identity state must be continuously evaluated, not assumed stable after registration. Practitioners should treat marketplace participants as governed identities whose risk changes during the relationship.
A few things that frame the scale:
- Organisations maintain an average of 6 distinct secrets manager instances, creating fragmentation that undermines centralised control, according to The State of Secrets in AppSec.
- Only 44% of developers are reported to follow security best practices for secrets management, according to The State of Secrets in AppSec.
A question worth separating out:
Q: How can organisations reduce manual review without losing control?
A: By using dynamic risk scoring to route only ambiguous or high-risk cases into manual review. Routine low-risk activity can stay automated, but the policy must define clear thresholds, escalation paths, and evidence retention so automation improves speed without removing accountability from fraud and compliance teams.
👉 Read our full editorial: Marketplace identity controls for fraud, onboarding, and compliance
