Subscribe to the Non-Human & AI Identity Journal

Notifications
Clear all

Candidate fraud and HR identity verification: what teams are missing


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 12212
Topic starter  

TL;DR: Remote hiring has made candidate fraud easier to scale, with reports cited by HYPR showing one in six remote applicants may show fraud signs and AI-generated profiles could reach one in four candidates globally by 2028. The underlying issue is that onboarding controls are being asked to validate identity after deception has already entered the workflow, not before.

NHIMG editorial — based on content published by HYPR: How To Prevent Candidate Fraud with HR Identity Verification

By the numbers:

Questions worth separating out

Q: How should organisations stop candidate fraud in remote hiring?

A: Organisations should require strong identity proofing before onboarding, not after.

Q: Why does candidate fraud create an IAM problem, not just an HR problem?

A: Because a false identity does not stop at recruitment.

Q: What breaks when remote interviews rely on video alone?

A: Video alone breaks when fraudsters use deepfakes, voice synthesis, or stolen personal data to appear credible for long enough to pass human review.

Practitioner guidance

  • Move identity proofing before account creation Require high-fidelity verification before any HR or IAM system creates a persistent identity record, rather than treating onboarding as the point where identity is finally trusted.
  • Add liveness checks to remote interviews Use challenge-based video and voice verification so interviewers can distinguish a live applicant from a generated image, replayed recording, or deepfake session.
  • Separate hiring approval from access issuance Do not let a hiring decision automatically trigger system access.

What's in the full article

HYPR's full blog post covers the operational detail this post intentionally leaves for the source:

  • Step-by-step identity verification workflow for remote candidates, including document and liveness checks
  • Specific examples of deepfake and synthetic identity tactics used in hiring fraud cases
  • Operational detail on manager attestation and escalation points during onboarding
  • Product-specific verification capabilities described by HYPR for candidate screening

👉 Read HYPR's analysis of candidate fraud and HR identity verification →

Candidate fraud and HR identity verification: what teams are missing?

Explore further

View Full Forum →  |  NHI Foundation Course →



   
Quote
(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 11787
 

Candidate fraud is an identity governance problem because hiring now defines the first trust decision in the lifecycle. Once false identity enters the employee record, downstream IAM controls inherit the mistake and can only react after access has already been issued. The implication is that proofing, onboarding, and access governance must be treated as one chain, not separate administrative steps.

A few things that frame the scale:

  • 79% of organisations have experienced secrets leaks, with 77% of these incidents resulting in tangible damage.
  • A separate NHI governance finding shows that only 5.7% of organisations have full visibility into their service accounts, which is why identity assurance failures often persist beyond the first access decision.

A question worth separating out:

Q: Who is accountable when a fraudulent employee is onboarded?

A: Accountability is shared between HR, which owns hiring assurance, and identity teams, which own downstream access governance. If either side treats the process as someone else’s problem, the organisation can end up issuing valid access to an invalid identity. Shared controls are the only reliable answer.

👉 Read our full editorial: Candidate fraud is exposing gaps in HR identity verification



   
ReplyQuote
Share: