In 2022, a North Korean operative applied for a software engineering role at a Fortune 500 company. Immaculate CV. Good interviews. Clean background check. Offer extended. The person who showed up was not the person who interviewed. The U.S. Department of Justice has documented coordinated campaigns where North Korean IT workers infiltrated over 300 American companies using fabricated identities and deepfake video.
This is no longer a nation-state problem. Deepfake video that convincingly swaps a face during a live video call is now accessible to anyone. Gartner predicts that by 2028, one in four candidate profiles worldwide could be fake.
Workforce identity proofing applies the same customer-grade verification that financial services has used for years — document checks, liveness detection, biometric matching — to hiring and onboarding. It’s one component of a modern identity proofing stack, and understanding the broader architecture will help you see where these hiring-stage controls fit in.
Why is a background check no longer sufficient for remote hiring?
Background checks verify claims about identity, not physical identity itself. They confirm a name matches a credential, a reference answers a call, a record comes back clean. None of that confirms the physical person on camera is who those records describe.
Synthetic identities — combinations of real and fabricated data — can pass every claim-based verification step. A legitimate degree obtained by a different person. A fabricated employment history. A clean record attached to a persona that doesn’t correspond to the person doing the work.
In a remote-first environment, that gap is the one background checks cannot close. The in-person meeting that previously served as an implicit identity check no longer exists. Financial losses from employment scams increased from $90 million in 2020 to more than $501 million in 2024. Workforce hiring is facing the same reckoning that financial services faced a decade ago with KYC.
Background checks verify claims. Identity proofing verifies presence. Workforce identity proofing closes the gap.
How does deepfake interview fraud actually work?
Deepfake interview fraud uses AI-generated video to impersonate a different person during a live remote interview. Virtual camera software intercepts the webcam feed and replaces it with a real-time deepfake stream — the fraudster speaks and responds naturally while presenting a different face. Human detection is unreliable: studies show people identify AI-generated content correctly about 50% of the time. No better than a coin flip.
Proxy fraud is a simpler variant that doesn’t need deepfakes at all — a different person just sits the interview. Pindrop found that 6-8% of candidates advancing to second-round technical interviews are engaged in some form of proxy fraud.
Things to watch for in remote interviews:
- Lighting inconsistencies — the face appears lit differently from the background
- Microphone-video sync gaps — audio latency relative to lip movement
- Virtual camera in the source list — a virtual camera rather than a physical webcam is a meaningful signal
- Unnatural eye movement and blinking — deepfake models struggle with natural eye behaviour
- Edge artefacts — imprecise rendering around the jawline or hairline
Add controlled unpredictability: ask candidates to adjust their camera, show their environment, or read a randomly generated sentence aloud. Deepfake systems struggle with spontaneous physical prompts.
Detection alone is not a reliable defence, though. The more reliable solution is identity proofing — which confirms physical identity rather than trying to identify synthetic media.
What is the Know Your Actor concept and why does it matter for workforce security?
Know Your Actor (KYA) is a 2026 framework coined by Microblink that extends identity verification beyond the onboarding event. Where traditional verification is a one-time check at the point of hire, KYA establishes ongoing confirmation that the verified individual is actually the person behind each privileged action.
The KYC analogy is direct: banks verify a customer at account opening and continuously monitor for suspicious activity. KYA applies that same thinking to your workforce. A verified employee could hand off credentials. A contractor could substitute a different person after initial engagement. Most companies treat onboarding verification as a point-in-time event and never revisit it. KYA challenges that.
If you come from a developer background, this maps directly to Zero Trust. Never trust, always verify — applied to people rather than network requests. That shifts workforce identity from an HR administrative task to a security architecture concern.
For the full picture, see our continuous identity verification across the employee lifecycle guide.
What does IAL2-level identity proofing look like in a hiring workflow?
IAL2 (Identity Assurance Level 2, defined in NIST SP 800-63A) requires three things for remote identity verification:
- Document verification — the government-issued ID is authentic, unexpired, and untampered with
- Liveness detection — a real human is present in real time, not a photograph, pre-recorded video, or deepfake stream
- Biometric matching — the live face matches the photo on the verified document
IAL1, by contrast, permits self-asserted identity — no verification of physical identity occurs. For low-risk roles, IAL1 with supplementary screening may be adequate. For roles with production access, financial authority, or customer data handling, IAL2 is the right standard.
IAL2 is triggered at the conditional offer stage. The sequence: conditional offer → candidate completes verification via the vendor platform (such as HYPR Affirm) → scans government ID → platform validates document authenticity → live selfie or video capture → liveness detection and biometric matching → pass/fail result returned to your ATS.
You don’t need to build any of this. You use a service provider — HYPR Affirm, Proof.com, 1Kosmos, or equivalent — that integrates into your existing ATS workflow. The identity signals used in workforce proofing are covered in our signal architecture guide, and the full architecture guide covers the complete identity proofing stack.
How do you tier verification requirements across your workforce?
Not every role requires IAL2. Applying maximum verification to every hire creates unnecessary cost and friction. The answer is role-based tiering. The decision attaches to the role, not the candidate — ensuring consistency and avoiding any perception of selective application.
High-privilege roles — IAL2 required. Engineers with production access, finance team members with payment authority, anyone with direct access to customer PII, executives with administrative privileges. Full document verification, liveness detection, and biometric matching at the conditional offer stage.
Standard roles — enhanced IAL1. Operations, marketing, support staff without direct system access. Digital footprint analysis plus a basic document check. The risk profile doesn’t justify the full IAL2 cost.
Contractor and temporary roles — assess by access level. Employment classification is irrelevant. A contractor with production access requires IAL2. A temporary marketing hire may not.
Start by identifying the 10-20% of roles that genuinely require IAL2. Once the workflow is established, extending it to additional categories is a configuration change, not a rebuild.
For more on connecting HR identity with IT identity architecture, the cross-system integration guide covers this boundary in depth.
What role does digital footprint analysis play before the formal proofing step?
Digital footprint analysis is a lightweight pre-interview screening technique that catches obvious synthetic identities early — before your team has invested interview time or the cost of a full IAL2 sequence.
What to look at:
- Email address age — recently created addresses are a meaningful flag
- Phone number type — VoIP numbers as a primary contact are disproportionately associated with fraud
- LinkedIn and social media consistency — a profile created three months ago with 500+ connections and a perfect work history is a synthetic profile pattern
- Portfolio corroboration — GitHub histories are harder to fabricate than a CV
- Resume polish — AI-generated resumes are often perfectly written and perfectly aligned to the job description. Treat that as a signal to validate, not a reason to trust
This doesn’t replace formal identity proofing — it filters the candidate pool so the cost of full IAL2 isn’t incurred for applicants who would fail basic consistency checks. A recruiter with a checklist can cover this in 15-20 minutes at the shortlist stage. For vendor options, see our workforce identity proofing vendors comparison.
How do you add identity proofing to hiring without creating friction for good candidates?
This is the concern HR leaders raise every time workforce identity proofing is proposed. The evidence from companies that have implemented it: friction is largely a function of timing and framing, not the verification step itself.
Timing. Trigger at the conditional offer stage. The candidate has decided they want the role. You’ve decided you want them. Verification is a final mutual step, not a gatekeeping mechanism.
Framing. “We verify everyone at this level because we take security seriously — this protects you as much as it protects us” lands very differently from “we need to confirm you are who you say you are.” The first is a procedural standard. The second feels accusatory. Companies that have normalised this report that framing it as standard practice removes resistance almost entirely.
Speed. Modern platforms complete document verification, liveness, and biometric matching in under five minutes on a mobile device. Candidates have done this for their banking apps.
Transparency on biometric data. Select a vendor that operates on a data minimisation model. Explain that biometric data is processed in real time and not retained — candidates who understand this are much less concerned about providing it.
Implementation requires joint ownership. You own the architecture decisions — which roles require what level, what vendor to use, how it integrates with IT systems. HR owns the candidate experience, communication, legal compliance, and recruiter training. Neither owns this alone.
FAQ
Is deepfake detection software reliable enough to use in hiring decisions?
Not as the sole mechanism. NIST evaluations show detection varies significantly by deepfake type and conditions. The recommended approach is layered: combine interviewer detection signals with formal identity proofing. Liveness detection is more reliable because it confirms real human presence rather than trying to identify synthetic media. It sidesteps the detection arms race entirely.
Does IAL2 mean we have to collect and store biometric data permanently?
No. IAL2 defines the assurance level of verification, not data retention policy. Many vendors operate on a data minimisation model: the biometric comparison runs in real time, a result is returned, and the data is deleted. Select a vendor whose practices align with your privacy obligations.
What is the difference between IAL1 and IAL2 for hiring?
IAL1 permits self-asserted identity — credentials provided, no physical verification. IAL2 requires document verification, liveness detection, and biometric matching. For high-privilege roles, IAL2 is the appropriate standard. For lower-risk roles, IAL1 with digital footprint analysis is typically sufficient.
How much does workforce identity proofing cost for a small company?
Identity verification vendors typically charge per verification. For a business hiring 50-100 people per year with role-based tiering, the tooling cost is modest relative to the cost of a compromised hire. The greater effort is internal process change: updating ATS workflows, training recruiters, and establishing candidate communication protocols.
Can a candidate refuse identity proofing and still be hired?
That’s a policy decision for your organisation. If identity proofing is documented as a condition of employment for high-privilege roles, a candidate who refuses is declining a condition of the offer. Apply the same requirements across the role category. Selective application creates discrimination exposure.
What happens if identity proofing reveals a mismatch?
A mismatch should trigger an escalation process, not an automatic rejection. Legitimate candidates can fail verification due to poor lighting, an expired document, or system errors. Allow a second attempt, and if the mismatch persists, a human review before disqualification. Document the process and communicate it to recruiters before you go live.
How do I integrate identity verification with our existing ATS?
Most vendors offer no-code or low-code integrations with major ATS platforms. HYPR Affirm provides connectors for Greenhouse and Lever. The ATS sends a verification request at the offer stage, the candidate completes it on their mobile device, and the result comes back as a pass/fail status on the candidate record. No custom development required.
Do we need identity proofing for contractors and freelancers too?
Access determines the requirement, not employment type. A contractor with production system access presents the same identity risk as a full-time employee in the same role. Apply your tiering model to all workforce members based on access level, not employment classification.
Is workforce identity proofing legally required?
For most SMBs, no — workforce identity proofing beyond right-to-work verification is not currently a legal requirement. The stronger driver is risk management: the cost of a compromised hire significantly exceeds the cost of verification.
What is the CTO’s role versus HR’s role in workforce identity proofing?
The CTO owns the security architecture decisions: which roles require what verification level, what vendor to use, how it integrates with IT systems. HR owns the candidate experience, communication, legal compliance, and recruiter training. Implementation works when both co-own the policy.
Can existing employees be retroactively verified?
Yes, but with careful change management. Frame it as a security posture improvement that applies to everyone, provide a reasonable timeline, and route it through normal HR channels rather than as a security-team mandate. The framing matters as much as the timing.
Workforce identity proofing is one piece of a larger security architecture. For a complete view of how hiring-stage controls fit alongside customer proofing, continuous verification, and identity governance, see the modern identity proofing stack.
