The modern trust economy was built to eliminate ambiguity. Instead, it’s producing more of it.
Consider two stories circulating through technology and compliance circles. In the first, biometric age-verification systems reportedly failed to distinguish adults from children who had drawn fake mustaches on their faces, a crude workaround that fooled algorithms engineered for precision.
The second failure ran in the opposite direction. Pope Leo XIV, calling from Rome to update the phone number at his financial institution, was allegedly disconnected by his Chicago-based bank. Standard fraud protocols made it impossible to authenticate him.
Both stories spread fast because they feel true. Together, they expose a deepening paradox at the center of digital commerce and financial services: systems designed to reduce uncertainty have become so rigid, fragmented and automated that they fail both when fraudsters are obviously fake and when legitimate users are obviously real.
Read more: Why Identity Silos Are Failing in the AI Era
Digital Identity Verification Is Becoming a Scale Problem
Verification has traditionally relied heavily on contextual human judgment. A bank manager recognized a client. A cashier evaluated an ID. A customer service representative noticed inconsistencies in a caller’s story. These systems were imperfect and biased, but they operated within environments small enough for humans to remain central to the trust loop.
Advertisement: Scroll to Continue
Digital scale changed that equation. Global platforms now process millions of transactions, logins, and account creations every hour. Financial institutions face relentless pressure from regulators to prevent money laundering, sanctions violations, identity theft, and synthetic fraud. Simultaneously, consumers expect instant onboarding and frictionless access.
In response, financial institutions and security-critical enterprises have invested billions into biometric authentication, artificial intelligence, and know-your-customer compliance systems designed to verify identity with machine precision.
The trouble is that most verification systems were designed for an internet that no longer exists. They emerged in an era when digital identities were relatively stable and human-generated content could generally be assumed authentic. Today, AI systems can generate photorealistic faces, clone voices in seconds, simulate liveness in video verification checks, and create convincing synthetic identities stitched together from fragments of real data.
The outcome can be surreal. A child with crude facial augmentation may occasionally satisfy an algorithm trained on simplistic age markers, while an elderly customer with unusual speech patterns or inconsistent device behavior gets flagged as suspicious.
As Veriff Chief Technology Officer Hubert Behaghel told PYMNTS in March, today’s identity systems need to answer three questions continuously: “Are you who you say you are? Can you be trusted? And are you still the same person related to the account?”
It’s the “continuously” part that is potentially emerging as the most important, and which is increasingly changing everything that firms thought they knew about fraud prevention and detection.
See also: The Cyber Insecurity List: Why Hackers Are Logging in, Not Breaking In
The Two-Directional Failure of Trust
Historically, fraud prevention focused on a single risk: false positives for legitimacy. The question was whether a fraudulent actor could sneak past defenses. Now institutions face a second, equally dangerous problem, that of false negatives for authenticity. Legitimate users increasingly cannot prove who they are to the systems meant to protect them, and at the same time bad actors are getting better at spoofing those systems with sophisticated technology like AI agents and other digital tactics.
The result is a kind of epistemological inflation. Signals that once carried high trust value are becoming cheap and reproducible.
“If you start to have bots that don’t look like bots and actually do look like humans, they’re typing with human-like cadence, maintaining long live sessions, that’s where the real fraud starts to come in,” Tim Joslyn, chief technology officer at Paymentology, told PYMNTS in a conversation posted earlier this spring.
“Fake normal behavior worries me the most,” he added.
In financial services, this dynamic is especially dangerous because trust is the product itself. Banks do not merely hold assets; they mediate confidence in identity, legitimacy, and transactional integrity. When customers begin to feel that systems cannot reliably distinguish between obvious fraud and obvious authenticity, institutional credibility weakens.
“Identity at Scale: Where KYC/KYB Touchpoints Create (or Contain) Agent Risk,” a collaboration between PYMNTS Intelligence and Trulioo, shows how companies are adapting to that shift. On average, firms now use digital identity checks in 4.4 different workflows, reflecting how deeply verification is embedded in day-to-day operations.
