Subscribe to the Non-Human & AI Identity Journal

Notifications
Clear all

Workforce identity verification and deepfake fraud: are controls keeping up?


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 12212
Topic starter  

TL;DR: Workforce identity is shifting from productivity plumbing to a frontline security control as attackers exploit impersonation, synthetic identities, and credential-based fraud, according to 1Kosmos. Static credentials and repeat proofing are losing ground to attackers who can present convincing identity signals faster than legacy processes can validate them.

NHIMG editorial — based on content published by 1Kosmos: workforce identity verification, LiveID, and the frontline security case for identity proofing

By the numbers:

  • 1 in 5 organizations have already raised concerns about deepfake-driven fraud, synthetic identities, and credential-based attacks targeting their workforce.

Questions worth separating out

Q: How should organisations secure employee onboarding against impersonation attacks?

A: Organisations should treat onboarding as a trust-establishment process, not a paperwork step.

Q: Why do password reset workflows create disproportionate identity risk?

A: Password reset workflows often bypass the strongest login protections and rely on support staff, secondary channels, or loosely governed recovery steps.

Q: What do security teams get wrong about workforce identity verification?

A: Teams often assume verification is a one-time gate at onboarding.

Practitioner guidance

  • Map high-risk workforce identity moments Identify onboarding, password reset, device recovery, and helpdesk escalation steps where impersonation would create immediate access.
  • Harden recovery paths before login paths Review whether password reset and recovery workflows are easier to abuse than primary authentication.
  • Separate convenience metrics from assurance metrics Track onboarding speed and helpdesk volume separately from identity confidence, fraud attempts blocked, and failed impersonation rates.

What's in the full article

1Kosmos's full article covers the product and workflow detail this post intentionally leaves for the source:

  • The specific LiveID recovery flow and how biometric credential recovery works across laptop, mobile, and kiosk experiences.
  • The cited customer examples behind the onboarding and reset claims, including the workflow changes they report.
  • The roadmap details on AI-driven fraud detection, deepfake resistance, and natural language querying for identity data.
  • The SDK flexibility details that show how verification workflows can be customised for different enterprise processes.

👉 Read 1Kosmos's analysis of workforce identity verification and deepfake fraud →

Workforce identity verification and deepfake fraud: are controls keeping up?

Explore further

View Full Forum →  |  NHI Foundation Course →



   
Quote
(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 11787
 

Workforce identity verification has become a security control, not just an onboarding step. The article reflects a broader shift in identity governance: proofing is now part of the security perimeter because attackers are targeting the moment trust is created. That means employee onboarding, recovery, and re-verification all need to be evaluated as access decisions, not administrative tasks. Practitioners should stop treating identity verification as a pre-access formality and start treating it as a live control surface.

A few things that frame the scale:

  • 80% of identity breaches involved compromised non-human identities such as service accounts and API keys, according to Ultimate Guide to NHIs.
  • 91.6% of secrets remain valid five days after the targeted organisation is notified, showing a critical gap in remediation procedures.

A question worth separating out:

Q: How can security teams balance frictionless access with stronger identity assurance?

A: Use stronger assurance only where the risk justifies it, such as onboarding, reset, and recovery flows. Keep low-risk access paths lightweight, but make high-risk identity events harder to impersonate. The goal is to reduce support burden without lowering the confidence that a real employee is behind the request.

👉 Read our full editorial: Workforce identity verification is becoming a frontline security control



   
ReplyQuote
Share: