Identity must be continuous, says Prove State of Identity Report 2026

Are you still you? It’s not a philosophical question or an episode of The Twilight Zone, but a key question for identity. IDV platform provider Prove believes the core question for organizations needs to evolve. It’s not just “who are you?” but “are you still you, right now?”

Prove’s State of Identity Report 2026 examines how identity systems should shift and adapt. The prior assumption — that once a user passes verification they could be trusted going forward — no longer holds, Prove argues.

Prove claims the static, point-in-time model is outdated. “Modern identity failures are not caused by a lack of verification, but by how trust is granted and maintained over time,” Prove’s blog post explains, highlighting a main finding from its report.

The analysis looks at five core “truths.” This ranges from deepfakes “breaking” visual verification to the AI industrialization of fraud, the way legacy authentication fails at protecting modern users; the development of stablecoins and other fast-finance ecosystems requiring evolution in identity assessment, and how every customer moment has become a fraud surface.

Prove identifies a single imperative from all this, especially as 62 percent of buyers cite MFA bypassing as a material and growing problem, according to the report. In addition, the 2026 report finds that 68 percent of organizations lack continuous authentication and that 70 percent lack behavioral or device risk signals during authentication.

Alarmingly, humans correctly identify deepfake videos only 40 percent of the time, and 88 percent of organizations expect GenAI fraud to surge in the next two years. But, on the other hand, 65 percent do not have a comprehensive plan to defend against the expected surge.

Just over a quarter – 28 percent – of buyers believe single-signal authentication (SSO) is sufficient, suggesting that SSO has lost credibility.

“This is a fundamental break in how ‘proof of identity’ works,” the Prove State of Identity Report says. GenAI has been cited by numerous reports as a danger area as the technology enables sophisticated attacks at scale, leading to an industrialized process. Prove’s report points to 50 to 75 percent of buyers lacking confidence in their ability to stop AI-powered attacks.

Usefully, the Prove State of Identity Report 2026 contains “capability maps” that show clearly the capabilities needed to achieve outcomes that help to solve the challenges identified. The report quotes an unnamed “head of identity solutions” from a “global AI platform.”

“The biggest problem we’ll need to figure out is verifying that an agent is still acting properly on behalf of the user that they’re supposed to and is a good one,” they said. “I think these verifications will need to confirm the identity of the individual and the agent.”

The report calls for the phasing out of legacy authentication. This includes passwords, OTPs, knowledge-based questions and traditional MFA, all of which attackers can steal, spoof or manipulate without too much difficulty. Fraudsters go after people since humans are an easier target than the systems. Prove believes this exposes authentication as the most vulnerable point in the identity lifecycle. Behavioral analytics and biometrics are attracting “strong investment” across sectors, the Prove analysis finds.

Since stablecoins and digital assets are growing, these are proving highly attractive to attackers. Fraud follows money and identity risk increases wherever transactions intensify. And Prove suggests building an identity infrastructure for stablecoin ecosystems. Stablecoins are a type of cryptocurrency that are pegged to a reserve asset, such as a fiat currency, to maintain a stable value.

New laws in the U.S. and the EU, such as the GENIUS Act and MiCA, are expected to legitimize stablecoins. Prove reports that 96 percent of buyers plan to invest in identity solutions for stablecoins within the next two years. That is obviously a very high percentage.

Threaded throughout the Prove State of Identity Report 2026 is a repeated mantra, what the company believes should be an imperative. “Identity must become continuous and adaptive, and it must persist across the full customer lifecycle so it can recalibrate trust in real time as context changes.”

In 2026’s landscape of persistent sessions and rapidly-moving users, and adaptive attackers, Prove argues that identity cannot be something you check just once. “It has to be something you continuously know.” The Prove State of Identity 2026 report can be downloaded here.

Biometric Update and Goode Intelligence’s fifty-page 2025 Digital Identity Verification Market Report and Buyers Guide details important trends, technologies, and considerations for organizations considering digital identity verification solutions.

Shufti and DevCode Identity partner on workflow-led onboarding

Identity verification provider Shufti has entered into a partnership with DevCode Identity, part of the DevCode Group, to integrate its verification services into DevCode’s orchestration platform.

The collaboration is aimed at supporting KYC, KYB and AML checks within workflow-managed onboarding environments.

“The future of digital identity is defined by trust, interoperability, and regulatory alignment, so our partnership with Shufti reinforces DevCode Identity’s commitment to supporting our global customers with the most secure, best-in-class, compliant identity verification solutions available today,” says Mark Knighton, chief business development officer — global alliances at DevCode Identity.

Digital onboarding is expanding across markets and regulatory regimes. Organizations must apply consistent identity controls while adapting to differing document standards, compliance frameworks and risk profiles.

Shufti’s services include biometric verification, liveness detection, deepfake detection, document and age verification, and AML/KYC screening. These capabilities will be available within DevCode Identity’s orchestration platform, which connects to more than 200 identity and KYC providers.

The platform provides workflow management, routing and reporting tools designed to help organizations oversee onboarding and compliance processes through a single integration.

Through the partnership, organizations using DevCode Identity will be able to incorporate Shufti as a verification provider within their onboarding journeys, combining orchestration and reporting with specialist verification capabilities.

“This partnership allows Shufti’s verification technology to be used within governed, workflow-based environments, supporting consistent identity controls across markets without sacrificing operational oversight,” says Roger Redfearn-Tyrzyk, chief commercial officer at Shufti.

Further details on implementation are expected to be shared directly with customers by the two companies.

Sumsub, SQR, GBG drive partnerships to transform compliance and customer trust

Financial infrastructure firm Noah has partnered with identity verification provider Sumsub to integrate automated KYC, KYB, AML and fraud prevention into its onboarding systems. The collaboration enables faster, cross-border onboarding for financial firms using Noah’s rails, wallets and payment platforms.

According to Noah, the integration has already improved onboarding speed by 63 percent, reduced abandonment rates by 56 percent, and nearly doubled monthly KYC capacity. Screening times have also shortened through Sumsub’s link with ComplyAdvantage, while reusable identity has reduced time-to-verify by up to 70 percent.

Isle of Man-based identity firm SQR has partnered with compliance provider Global RADAR to integrate biometrically secured, “verify-once, use-anywhere” identity with compliance infrastructure. The collaboration targets finance, insurance and wealth management sectors, aiming to reduce repeated KYC checks and support privacy-by-design.

Gumtree has partnered with identity tech firm GBG to strengthen its Home Services category. GBG’s Detected KYB solution will automate onboarding for service providers, verify businesses against global registries and conduct ongoing sanctions and PEP screening.

The integration aims to speed up onboarding, enhance marketplace safety and boost user confidence, while verified providers gain higher visibility and more opportunities.

Article Topics

AML  |  biometrics  |  continuous authentication  |  digital identity  |  GBG  |  identity orchestration  |  KYB  |  KYC  |  onboarding  |  Prove  |  selfie biometrics  |  Shufti  |  SQR Group  |  Sumsub