Smile ID, an identity verification company, has released its 2026 Digital Identity Fraud Report, “From Selfies to Signals: Identity Enters the Security Era.”
The report finds that AI has rapidly reduced the cost, while increasing the scalability and quality of deepfake fraud.
In addition, as identity becomes part of the fabric of many essential applications, fraudsters increasingly attack the online ID capture pipeline itself, manipulating devices, operating systems, and verification sessions to try and bypass verification technology.
In 2025, nearly 90% of fraud blocked by Smile ID was triggered by mobile SDK signals rather than image analysis alone.
This reflects a decisive shift away from pure visual deception toward capture integrity.
How and where an identity is verified now matters as much as the image presented. In 2025, Smile ID saw more than 100,000 injection-style fraud attempts per month linked to emulators, virtual cameras, and manipulated environments, showing a shift from visual spoofing toward systematic interference with the ID verification process.
Authentication-related fraud attempts now exceed onboarding fraud by more than five times, confirming that identity risk has moved towards authentication.
Attackers are no longer focused on breaking in; they are operating within verified accounts, targeting login flows, account recovery, device changes, and high-value transactions.
AI-enabled automations allow attackers to reuse verified biometrics, take over accounts mid-journey, and move funds across platforms at scale.
This shift has transformed digital fraud from isolated cases of document manipulation into more sophisticated attacks by criminal networks abusing the structural vulnerabilities of mobile-first digital systems.
The findings are based on anonymised data from more than 200 million identity verification checks conducted in 2025 by Smile ID, spanning 37 industries in over 35 countries.
As shared infrastructure, Smile ID identifies systemic fraud patterns that transcend individual institutions. As it identifies risk and fraud signals, its machines and analysts add signals to its dynamic defense network, creating a network defence that protects all of its clients.
By leveraging a combination of traditional algorithms, controlled capture methods, and internally tuned LLMs, Smile ID’s privacy-preserving metadata surfaced hundreds of thousands of examples of coordinated abuse that otherwise may appear legitimate in isolation.
Key findings from the 2026 Digital Identity Fraud Report also include:
- Authentication fraud attempts are now 5x more common than at onboarding
- Nearly 90% of fraud blocked by Smile ID in 2025 was triggered by mobile SDK signals, up from 68% in 2024
- Duplicate attempts those re-using stolen or fraudulent identity data, more than doubled year over year, and nearly tripled the combined prior 2023 & 2024 total.
- Deepfake-driven fraud is rising, with AI-generated biometric attacks appearing across multiple markets and industries, enabled by radically affordable tooling
- Injection attacks which bypass the camera entirely using synthetic or pre-recorded media, have been elevated to a central threat category in 2026
Mark Straub, CEO of Smile ID, said,
“Fraud is no longer a ‘KYC’ problem, it is a continuous cybersecurity challenge. AI enables fraudsters to operate at unprecedented scale and sophistication. Effective defence now requires network intelligence: By leveraging these privacy-preserving indicators throughout the customer lifecycle, we enable real-time adaptation. Identity has entered the security era, where ecosystem-wide protection is essential to safeguarding the individual.”
The Report can be found here.
