Sumsub, an all-in-one, AI-powered verification platform, is seeing a significant increase in AI-driven fraud, with attackers using multi-step methods, deepfakes, and artificial identities to breach financial platforms.
In its Identity Fraud Report for 2025-2026, Sumsub found that high-quality attacks increased by 180 percent year over year.
“We see this sophistication and increase of multi steps or attacks,” Andrew Sever, co-founder and CEO of Sumsub, said during a media interview.
The company said fraud is no longer carried out by isolated individuals but by organized, cross-border networks. These groups use stolen identity data, often sourced from the dark web, to create artificial profiles and repeatedly attempt to bypass verification systems.
“Imagine a bad actor trying to penetrate the system using a deepfake or some kind of synthetic identity. If it fails, they try again in two minutes, then again in three minutes, repeating the attack multiple times,” Sever said.
Crypto exchanges remain a major target. Onboarding attempts on some platforms could be fraudulent, highlighting the scale of the issue in digital asset markets.
“About eight out of 10 crypto exchanges are our customers, and that’s why we see all this kind of fraud landscape,” Sever said.
The surge of “fraud-as-a-service” is also accelerating attacks, enabling criminals to share tools, techniques, and infrastructure globally. This has made fraud detection more complex and pushed regulators to tighten requirements around identity verification, anti-money laundering (AML), and transaction monitoring.
“We have fraud as a service, and all of these are coming upstream,” said Penny Chai, vice president for Asia-Pacific (APAC) at Sumsub.
At the same time, businesses face pressure to balance stricter compliance with user experience, especially in cross-border payments and fintech platforms.
“How do I make sure that I can onboard my customers, safely trust me, and also be able to prevent fraud?” Chai said.
Sumsub said one-time identity checks are no longer sufficient. Continuous, real-time monitoring across the entire customer lifecycle is becoming important to detect patterns such as repeated login attempts, shared devices, and coordinated fraud networks.
“One-time verification is not enough. It should be like real time, continuous monitoring,” Sever said.
In the Philippines, identity verification presents more challenges, including fragmented ID systems, shared devices, and low-quality capture tools. These factors can make legitimate users appear suspicious without proper context.
“Filipinos share devices, so you know, and if they share devices, the device intelligence will pick up (that) everybody is using the same device,” Chai said.
To address this, Sumsub uses machine learning (ML) models trained on global fraud patterns to distinguish between legitimate behavior and coordinated attacks. The company also promotes other digital identity systems to reduce friction while maintaining compliance.
