Subscribe to the Non-Human & AI Identity Journal

Notifications
Clear all

Bot and synthetic identity fraud in marketplaces: what changes now?


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 10745
Topic starter  

TL;DR: Bots and generative AI are industrialising marketplace abuse by creating synthetic identities, mimicking human behaviour, and adapting in real time, with Prove Identity citing a 300% rise in deepfake identity attacks and 85% of identity fraud involving GenAI. Point-in-time verification is no longer enough when trust is being attacked across the entire user lifecycle.

NHIMG editorial — based on content published by Prove Identity: How Digital Marketplaces Are Preparing for the Growing Threats of Bots and Identity Fraud

By the numbers:

Questions worth separating out

Q: How should marketplaces handle bot traffic without hurting legitimate user experience?

A: Use risk-based controls that adapt to context instead of forcing every user through the same verification path.

Q: Why do synthetic identities make marketplace fraud harder to stop?

A: Synthetic identities are harder to stop because they are not dependent on a single stolen credential or one obvious signal.

Q: What do security teams get wrong about fraud prevention in marketplaces?

A: They often treat fraud as a point-in-time event instead of a lifecycle behaviour.

Practitioner guidance

  • Map trust decisions across the full user lifecycle Identify where your platform makes trust decisions at onboarding, login, checkout, and post-transaction review, then document the signals each decision depends on.
  • Correlate behavioural and provenance signals Do not rely on behavioural biometrics or document checks in isolation.
  • Introduce adaptive risk scoring for repeat interactions Raise or lower risk dynamically as users move through the marketplace, especially when the same identity pattern appears across multiple accounts, devices, or geographies.

What's in the full article

Prove Identity's full blog covers the operational detail this post intentionally leaves for the source:

  • The article expands on the specific behavioural patterns bots now use to imitate real users across marketplace flows.
  • It adds the concrete fraud statistics Prove cites from its State of Identity research and related market data.
  • It explains how continuous trust infrastructure changes verification, authentication, and transaction decisions across the user lifecycle.
  • It outlines why marketplaces face a structural friction-versus-abuse trade-off that implementation teams need to resolve.

👉 Read Prove Identity's analysis of bots and synthetic identity fraud in marketplaces →

Bot and synthetic identity fraud in marketplaces: what changes now?

Explore further

View Full Forum →  |  NHI Foundation Course →



   
Quote
(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 10300
 

Disposable identity is the new marketplace abuse model. The article shows that fraud is no longer about a stolen account alone. It is about identities that can be created, cycled, and discarded faster than governance can certify them. That changes the problem from perimeter fraud detection to lifecycle trust management, and practitioners should treat repeated identity reconstitution as a control failure, not a nuisance.

A few things that frame the scale:

  • 79% of organisations have experienced secrets leaks, with 77% of these incidents resulting in tangible damage, according to Ultimate Guide to NHIs.
  • 96% of organisations store secrets outside of secrets managers in vulnerable locations including code, config files, and CI/CD tools, which shows how often trust controls are bypassed in practice.

A question worth separating out:

Q: Who is accountable when synthetic identities enter a marketplace?

A: Accountability usually sits across fraud, identity, and product teams, which is why ownership needs to be explicit. IAM and fraud operations must share the same trust signals, while product teams need to understand which experiences can tolerate step-up checks. If ownership is fragmented, abuse will exploit the gaps between teams.

👉 Read our full editorial: Bot-driven identity fraud is forcing marketplaces beyond static checks



   
ReplyQuote
Share: