Subscribe to the Non-Human & AI Identity Journal

Notifications
Clear all

AI fraud and continuous identity checks: what changes for IAM teams


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 12212
Topic starter  

TL;DR: AI-enhanced fraud is now 4.5 times more profitable than traditional methods, with INTERPOL citing 651 arrests and more than $45 million in losses across 16 African nations in early 2026, according to Smile ID’s analysis. The identity control problem is shifting from one-time KYC gates to continuous proof of personhood at transaction time, where static verification no longer matches machine-scale deception.

NHIMG editorial — based on content published by Smile ID: AI-driven fraud, continuous identity verification, and the post-AI economy

By the numbers:

Questions worth separating out

Q: How should security teams govern non-employee identities across onboarding and offboarding?

A: Security teams should treat non-employee access as a lifecycle process with named ownership, approved scope, and a clear end state.

Q: Why do AI-driven fraud attacks bypass traditional KYC controls?

A: Traditional KYC controls are designed to verify a person once, not to prove that the same person is still present later.

Q: What do identity teams get wrong about biometrics and phishing resistance?

A: They often assume stronger authentication alone solves identity risk.

Practitioner guidance

  • Move from onboarding-only assurance to transaction-time verification Rework customer identity flows so that high-risk actions such as fund transfers, profile changes, and account recovery trigger fresh assurance checks.
  • Layer biometrics with device and behaviour telemetry Use liveness detection, device intelligence, velocity checks, and anomaly scoring together rather than as isolated controls.

What's in the full article

Smile ID's full article covers the operational detail this post intentionally leaves for the source:

  • The specific biometrics and fraud-signal methods used to authenticate identity at transaction time.
  • The Philippines policy shift away from SMS OTPs and what it means for digital identity design.
  • The company’s field observations from Africa and Asia on how AI fraud is changing customer trust decisions.
  • The operational distinction between KYC onboarding and continuous authentication in mobile financial services.

👉 Read Smile ID's analysis of AI-driven fraud and continuous identity verification →

AI fraud and continuous identity checks: what changes for IAM teams?

Explore further

View Full Forum →  |  NHI Foundation Course →



   
Quote
(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 11787
 

Continuous proof of personhood is becoming the real identity control. The article is right to separate KYC from continuous authentication, because AI fraud breaks the assumption that a checked identity remains trustworthy throughout the session. In practice, the control gap is not missing onboarding checks but the absence of runtime assurance at the moment value moves. Practitioners should treat post-enrolment identity as a separate trust decision, not a continuation of the original one.

A few things that frame the scale:

  • 96% of organisations store secrets outside of secrets managers in vulnerable locations including code, config files, and CI/CD tools, according to Ultimate Guide to NHIs.
  • 90% of IT leaders say properly managing NHIs is essential for a successful zero-trust implementation, according to Ultimate Guide to NHIs.

A question worth separating out:

Q: Who is accountable when AI-driven fraud bypasses identity controls?

A: Accountability usually sits across IAM, fraud operations, and product security, because the failure spans authentication, session trust, and abuse response. If the organisation cannot explain why an automated actor was treated as trustworthy, the gap is governance, not just detection. That is the level leaders should review.

👉 Read our full editorial: AI-driven fraud is redefining identity verification in emerging markets



   
ReplyQuote
Share: