RESTON, Va., July 01, 2026 (GLOBE NEWSWIRE) — While most organizations have tools to verify human presence, only 48% fully trust them. The latest Regula survey, The New Shapes of Identity Threats 2026, highlights that AI-assisted automation, deepfakes, and generated identity evidence are changing what businesses need from identity verification. Now it is not just a pass-or-fail result, but proof that a real person was present and the evidence was authentic.
The findings come as businesses prepare for a new phase of digital identity risk, where AI agents, automated systems, deepfakes, and human users can all move through the same onboarding, authentication, and account recovery flows. AI is becoming an active participant in digital interactions, making it increasingly difficult for organizations to determine who — or what — is behind an identity verification attempt.
Human presence becomes a critical trust signal
Regula’s research reveals a significant confidence gap in organizations’ ability to verify that a real person is present during remote identity checks.
While 76% of organizations report having technical controls designed to verify human presence, only 48% consider these controls reliable.
Regula survey states that more than half of organizations cannot confidently prove that a real person is behind an online identity check
The survey findings suggest that many organizations can verify identity evidence but remain uncertain whether that evidence was submitted by a genuine human. In practice, systems built to verify people increasingly encounter activity that behaves like a user, submits identity evidence like a user, and moves through digital journeys like a user — without necessarily involving a real person.
Face matching alone is no longer enough
Regula’s study also highlights growing concerns around biometric authenticity and liveness assurance.
More than half of organizations (52%) cannot fully verify that biometric data was captured live from a real person. Meanwhile, 41% cannot always detect when identity data or signals have been manipulated.
These findings reflect a fundamental shift in identity verification. A face match may demonstrate similarity, but it does not necessarily prove that biometric data originated from a real person in real time. Deepfakes, synthetic identities, injected camera feeds, and replay attacks increasingly challenge traditional verification approaches.
The challenge is not detecting fakes — it is managing trust
Organizations are entering an environment where interactions may be initiated by humans, authorized AI agents, automated systems, or fraudsters using the same technologies. In this reality, the challenge extends beyond detecting fake documents, deepfakes, or synthetic identities. Businesses must determine who — or what — is behind an interaction and whether that entity can be trusted.
This requires a broader approach to identity assurance that combines multiple identity signals, validates the integrity and origin of those signals, continuously reassesses risk, and maintains trust throughout the entire customer lifecycle.
“Identity verification was built for a world where every interaction involved a human being. That assumption no longer holds. Today, organizations must verify not only identity signals but also the interaction itself. They need to understand whether biometric data was captured live, whether identity evidence is authentic, and ultimately whether a real person is actually behind the session. The future of identity verification is not a single check performed during onboarding. Trust can no longer be established once and assumed forever,” says Henry Patishman, Executive Vice President of Identity Verification Solutions at Regula.
Expert commentary available at GITEX Europe 2026
Regula will discuss these findings at GITEX Europe 2026 during the TechTalk session, “Operationally Normal Fraud: How AI Is Changing Identity Risk,” on June 30, 2026. The session will explore how AI is reshaping digital interactions, why organizations increasingly struggle to distinguish between legitimate users and AI-driven actors, and what it takes to build trust when identity verification must extend beyond onboarding to the entire customer lifecycle.
About The New Shape of Identity Threats 2026 study
The New Shapes of Identity Threat 2026 is a global study conducted by Sapio Research in March 2026 among 850 decision-makers responsible for fraud prevention and financial crime across the UK, US, Germany, Singapore, UAE, Brazil, and Mexico. Respondents represent banking, financial services, crypto, telecommunications, government, and gaming sectors.
The report is released in two parts. The first examines how AI-assisted actors, deepfakes, and synthetic identities are reshaping identity threats. The second explores how organizations are adapting their identity systems, where confidence gaps remain, and what capabilities are needed to establish trust in an environment increasingly influenced by AI-driven interactions.
About Regula
Regula is a global developer of identity verification (IDV) solutions and forensic devices, trusted by over 2,000 organizations across regulated industries worldwide. Regula IDV solutions deliver end-to-end document verification, biometric authentication, and identity lifecycle management. They enable organizations to prevent fraud by ensuring the integrity of every signal behind each decision. Built on 34 years of document forensics expertise, fully proprietary technology, and an in-house forensic laboratory, Regula maintains the world’s largest template library of 16,000+ ID templates from 254 countries and territories. The company’s technologies are deployed at 80+ border control authorities worldwide. Recognized in the 2025 Gartner® Magic Quadrant™ for Identity Verification.
Learn more at www.regulaforensics.com.
A photo accompanying this announcement is available at https://www.globenewswire.com/NewsRoom/AttachmentNg/b2771ecd-9297-4442-af39-5ae11039ef96