Notifications
Clear all
Topic starter
10/06/2026 10:40 pm
TL;DR: Overall fraud volume fell 50% while sophisticated attacks nearly tripled and now combine synthetic identities, deepfakes, and telemetry tampering to defeat verification systems, according to SumSub’s annual Identity Fraud Report based on over 4 million fraud attempts globally. Fraud controls built for static checks are losing ground to coordinated operations that adapt in real time.
NHIMG editorial — based on content published by SumSub: an episode discussing findings from its annual Identity Fraud Report on AI-powered fraud and verification bypass
By the numbers:
- Overall fraud attempts have dropped by 50% year over year.
- ID cards account for 72% of fraudulent documents in the report’s findings.
Questions worth separating out
Q: How should security teams respond when synthetic identities pass verification checks?
A: They should treat the pass event as the start of a governance review, not proof of legitimacy.
Q: Why do deepfakes and liveness bypasses create such high fraud risk?
A: Because they undermine the evidence used to establish that a real person is present.
Q: What do identity teams get wrong about telemetry-based fraud detection?
A: They often assume telemetry is neutral input rather than a target.
Practitioner guidance
- Map the fraud kill chain end to end Trace how synthetic identity creation, liveness bypass, telemetry shaping, and downstream reuse connect across onboarding, recovery, and payments.
- Harden the integrity of verification telemetry Validate the provenance of device, session, and behavioural signals before they reach risk scoring.
- Separate document trust from identity trust Do not let a single successful document check or biometric pass create broad downstream trust.
What's in the full article
SumSub's full analysis covers the operational detail this post intentionally leaves for the source:
- Breakdowns of the most common fraud vectors by sector and geography for teams building detection roadmaps.
- Examples of how deepfakes, synthetic identities, and telemetry tampering are combined in real-world fraud chains.
- Discussion of the report methodology behind the 4 million fraud attempts analysed, useful for evaluating evidence quality.
- Practical examples of how fraud teams can tune defences against sophisticated, multi-step attacks.
👉 Read SumSub's annual identity fraud report on AI-powered fraud tactics →
AI fraud tactics and deepfakes: what identity teams need to know?
Explore further
11/06/2026 2:47 am
Professional fraud has become a systems problem, not a single-check problem. The report’s strongest signal is that attackers are no longer trying one weak point at a time. They combine synthetic identities, deepfakes, and telemetry manipulation to move across the verification stack as a coordinated chain. That means identity teams should stop thinking in terms of isolated control wins and start thinking in terms of attack-path resilience.
A few things that frame the scale:
- 91.6% of secrets remain valid five days after the targeted organisation is notified, showing a critical gap in remediation procedures, according to Ultimate Guide to NHIs.
- 96% of organisations store secrets outside of secrets managers in vulnerable locations including code, config files, and CI/CD tools, according to Ultimate Guide to NHIs.
A question worth separating out:
Q: How can organisations reduce fraud without creating excessive user friction?
A: By moving from single-check trust to layered evidence and risk-based escalation. Low-risk journeys can stay fast, but higher-risk actions should require stronger proof, additional context, or step-up review. That reduces blanket friction while making the most valuable trust decisions harder to fake.
👉 Read our full editorial: AI-powered fraud is outpacing identity verification controls
