Off-platform migration is the point at which a conversation or relationship is pushed away from the controlled platform into a channel the operator cannot monitor as closely. Fraudsters often use this move to reduce scrutiny and increase leverage. It is a key escalation marker in consumer trust abuse.
Expanded Definition
Off-platform migration describes a trust-abuse pattern where a conversation, transaction, or relationship is moved from a monitored environment into a channel the operator cannot observe or govern as effectively. In consumer trust abuse, that shift is often deliberate: it reduces platform controls, weakens moderation, and creates room for impersonation, coercion, or payment fraud.
In NHI security, the same pattern appears when an agent, service, or workflow is redirected from governed tooling into unmanaged chat, email, personal devices, or unaudited automation paths. That matters because identity assurance, logging, retention, and policy enforcement typically degrade once the interaction leaves the original control plane. The concept overlaps with social engineering, but it is broader than phishing because the harm comes from control loss, not just message content. Industry usage is still evolving, and no single standard governs this yet, so practitioners should treat the term as an escalation signal rather than a formal protocol state. For related governance context, see NIST Cybersecurity Framework 2.0 and NHIMG's Ultimate Guide to NHIs.
The most common misapplication is labelling any off-channel message as off-platform migration. The term applies only once the relationship has actually moved beyond enforceable platform controls, and organisations should confirm that move rather than assume it from a single mention of another channel.
Examples and Use Cases
Implementing off-platform migration detection rigorously often introduces privacy and workflow friction, requiring organisations to weigh user convenience against the cost of losing policy visibility.
- A marketplace buyer is asked to continue negotiation over encrypted messaging after a disputed listing is flagged, removing the platform’s ability to review context or intervene.
- An AI agent begins a support interaction in a governed portal, then the operator is directed to a personal email thread where identity validation and audit retention are weaker.
- A fraudster requests payment updates in a direct message after initial contact in an app, a classic move that mirrors the control-loss patterns discussed in NHIMG research on the NHI market.
- A service account owner is told to share secrets in an external collaboration tool instead of a managed secrets workflow, creating an unmanaged handoff that bypasses standard controls. For identity assurance context, NIST CSF 2.0 remains a useful control reference.
- A customer support case is moved from the ticketing system to SMS after a refund dispute begins, making evidence collection and supervision materially harder.
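The following detector, an added illustration rather than code from NHIMG or any platform, turns the scenarios above and the misapplication caveat into a triage rule: a message proposing another channel is recorded only as an escalation marker, and a thread is rated as migration when the proposer then asks for payment or secrets on-platform, or when the counterparty falls silent on the governed channel for a configurable window (silence is used here as a proxy for the relationship having left the platform; the marker patterns, event format and sample events are all constructed).

```python
import re
from collections import defaultdict

# Constructed marker patterns for the escalation signals described on the page; tune per platform.
CHANNEL_SHIFT = re.compile(r"\b(whatsapp|telegram|signal|sms|text me|personal email|dm me)\b", re.I)
SENSITIVE_ASK = re.compile(r"\b(payment|bank|wire|gift card|password|api key|token|secret)\b", re.I)
QUIET_WINDOW = 60  # minutes without an on-platform reply after a shift request

def classify_thread(messages, now):
    """messages: (minute, sender, text) tuples seen on the governed channel, oldest first.
    Returns 'none', 'shift_request' (escalation marker only) or 'migration'
    (evidence that the relationship moved beyond enforceable platform controls)."""
    shift_at = shift_by = None
    sensitive_after = False        # proposer asked for payment/secrets after the shift request
    counterparty_replied = False   # the other party kept talking on the governed channel
    for minute, sender, text in messages:
        if shift_at is None:
            if CHANNEL_SHIFT.search(text):
                shift_at, shift_by = minute, sender
            continue
        if sender == shift_by:
            sensitive_after |= bool(SENSITIVE_ASK.search(text))
        else:
            counterparty_replied = True
    if shift_at is None:
        return "none"
    went_quiet = not counterparty_replied and now - shift_at >= QUIET_WINDOW
    return "migration" if sensitive_after or went_quiet else "shift_request"

def triage(events, now):
    """Group (conv_id, minute, sender, text) events by conversation and classify each thread."""
    threads = defaultdict(list)
    for conv_id, minute, sender, text in sorted(events, key=lambda e: (e[0], e[1])):
        threads[conv_id].append((minute, sender, text))
    return {cid: classify_thread(msgs, now) for cid, msgs in threads.items()}

# Constructed sample events, not real platform data.
SAMPLE_EVENTS = [
    ("mkt-1", 0, "seller", "Item still available?"),
    ("mkt-1", 5, "seller", "Let's continue on WhatsApp, easier for photos"),
    ("mkt-1", 9, "buyer", "Sure, what's your number?"),
    ("mkt-1", 12, "seller", "Send the payment to my bank first and I'll ship"),
    ("sup-7", 0, "customer", "I got an SMS saying my refund failed, is that from you?"),
    ("sup-7", 3, "agent", "That message did not come from us; your refund is in progress here."),
    ("sup-7", 6, "customer", "Thanks, I'll wait."),
    ("svc-3", 0, "requester", "Text me on Signal and I'll walk you through the rotation"),
    ("ops-2", 0, "bot", "Rotation ticket opened."),
]

if __name__ == "__main__":
    for conv_id, verdict in triage(SAMPLE_EVENTS, now=120).items():
        print(conv_id, verdict)
```

Thread sup-7 mentions SMS but stays on the governed channel with both parties active, so it is rated only as a marker, which is the distinction the misapplication caveat above draws.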
Why It Matters in NHI Security
Off-platform migration matters because control boundaries are where NHI governance succeeds or fails. Once a conversation exits the managed environment, organisations often lose the ability to verify who is participating, preserve evidence, enforce least privilege, or detect attempts to harvest credentials and tokens. That makes the term highly relevant to agentic workflows, delegated actions, and any workflow where a human or agent can be steered into an unaudited channel. It also intersects with secret handling, because attackers frequently use trust-building outside the platform to induce disclosure.
NHIMG notes that 80% of identity breaches involved compromised non-human identities such as service accounts and API keys, and 79% of organisations have experienced secrets leaks, with 77% of those incidents causing tangible damage, according to the Ultimate Guide to NHIs. Those figures show why a seemingly simple channel shift can become a major security event. When this pattern appears, governance teams should treat it as a containment issue, not just a communications preference. Organisations typically encounter the operational cost only after a dispute, fraud loss, or secrets exposure, at which point addressing off-platform migration becomes unavoidable.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Non-Human Identity Top 10 and OWASP Agentic AI Top 10 address the attack and risk surface, while NIST CSF 2.0 sets the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| NIST CSF 2.0 | PR.AA | Off-platform migration undermines identity assurance and traceability. |
| OWASP Non-Human Identity Top 10 | NHI-02 | Channel shifts often precede secret exposure and unauthorized NHI use. |
| OWASP Agentic AI Top 10 | AGENT-03 | Agent-driven interactions can be redirected off-platform to evade oversight. |
Limit sensitive interactions to governed channels and preserve identity proofing and auditability.
Reviewed and updated by the NHIMG editorial team on June 10, 2026.
NHI Mgmt Group — the #1 independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org