Smile ID has released its 2026 Digital Identity Fraud Report titled “From Selfies to Signals: Identity Enters the Security Era,” revealing a sharp rise in sophisticated digital identity fraud fueled by artificial intelligence and new attack techniques targeting online verification systems.
The report indicates that advances in AI have dramatically reduced the cost of producing deepfakes while increasing their scale and quality, enabling fraudsters to launch more convincing identity attacks.
As digital identity verification becomes embedded in banking, fintech, and other online services, criminals are increasingly targeting the identity capture process itself, manipulating devices, operating systems, and verification sessions to bypass security systems.
According to the findings, document fraud remains the leading cause of identity verification rejection in East Africa. Nearly three out of five rejected verifications stem from document integrity issues.
Portrait anomalies; such as face swaps and inserted photographs that preserve the original document layout—account for about one-third of the fraudulent cases detected.
The analysis is based on anonymised data drawn from more than 200 million identity verification checks conducted in 2025, covering 37 industries across over 35 countries.
The report also highlights a shift in the nature of digital fraud. In 2025, Smile ID detected more than 100,000 injection-style fraud attempts each month, linked to emulators, virtual cameras, and manipulated digital environments.
These attacks bypass the device camera entirely using synthetic or pre-recorded media, indicating a move away from simple visual spoofing toward deeper interference with the verification process.
Another major trend identified in the report is the surge in authentication-related fraud, which now exceeds onboarding fraud attempts by more than five times. This shift suggests that fraudsters are increasingly targeting already verified accounts rather than attempting to create new ones.
Attackers are focusing on login processes, account recovery procedures, device changes, and high-value transactions, often using automated AI tools to reuse stolen biometrics, hijack accounts mid-session, and transfer funds across platforms at scale.
The findings also show that duplicate identity attempts, where stolen or fraudulent identity data is reused, more than doubled in 2025, nearly tripling the combined totals recorded in 2023 and 2024.
Meanwhile, mobile-based signals are playing an increasingly critical role in detecting fraud. Nearly 90 percent of fraud blocked by Smile ID in 2025 was identified through mobile SDK signals, a significant increase from 68 percent recorded the previous year.
The company noted that AI-generated biometric attacks are emerging across multiple markets and industries as fraud tools become more accessible and affordable.
As a shared infrastructure platform serving multiple institutions, Smile ID says it is able to identify systemic fraud patterns that may not be visible to individual organizations.
The company uses a combination of traditional algorithms, controlled capture methods, and internally tuned large language models to detect coordinated abuse patterns across its network.
Commenting on the report, Mark Straub, Chief Executive Officer of Smile ID, said identity fraud is no longer confined to the customer onboarding stage.
“Fraud is no longer a KYC problem, it is a continuous cybersecurity challenge,” Straub said. “AI enables fraudsters to operate at unprecedented scale and sophistication.
Effective defence now requires network intelligence that allows organisations to adapt in real time throughout the customer lifecycle.”
He added that identity verification is entering a new phase where ecosystem-wide protection is necessary to safeguard users and digital platforms.
The report concludes that as digital identity becomes central to financial services and other online ecosystems, organisations must strengthen security measures beyond basic verification to include continuous monitoring and coordinated defence across the entire digital identity lifecycle.
The full 2026 Digital Identity Fraud Report can be downloaded for free here