Bridging the Gap with Enterprise Security to Solve AI Hiring Fraud

Looking back on our key research themes over the past year, hiring fraud has been a leading topic in 2025. TTL has approached this topic from multiple angles: we analyzed how candidates are using AI tools like ChatGPT and AI bots that auto-complete thousands of job applications a day. We’ve also dug into current solutions in the HR tech space, like assessment providers that mitigate fraud with AI proctoring and advanced detection features such as facial recognition and ID verification prior to taking a test.

This past quarter, we’ve been exploring providers of enterprise fraud detection and security solutions that are expanding their products into HR use cases, as opposed to HR tech providers that are expanding their fraud detection capabilities.

Fraud detection software is a well-established security practice in industries like banking and healthcare, where companies seek to protect their customers’ information and assets. About 6 months ago, we started looking into these solutions about six months ago, when some of our clients who hire large volumes of remote contractors were expressing concern about worker fraud – beyond just cheating of plagiarizing with ChatGPT, but defrauding employers by faking their identity. While this may be a less frequent issue, it has a much greater impact on enterprise security and integrity.

Detection Strategies and Technologies

These are the basic techniques that fraud detection and identity verification (IDV) solution providers can offer in HR and hiring use cases:

• Multifactor authentication at the point of scheduling: Require candidates to verify a mobile number or a trusted email address — or even a passive voice analysis check— then proceed to photo-ID validation linked to the live interview slot.
  ​
• Real-time behavioral and signal analysis: Integrate solutions that can flag anomalies like micro-latency between audio and lip movement, unexpected pitch plateaus, or codec artefacts that don’t appear in genuine webcams into videoconferencing APIs.
  ​
• Verify identity documents in a second channel: Ask candidates to upload high-resolution IDs through a secure portal.

We wanted to highlight two of these providers that have recently released worker fraud solutions in the last year. They each focus on a different approach to ID verification but use a combination of the strategies above. While these are very well-known providers in the fraud prevention space, their solutions for candidate and workforce fraud detection are much newer, and we are excited to share them with our readers.

Pindrop

Pindrop’s video conferencing security product suite is used by hiring organizations to detect fraudulent workers. Pindrop started 14 years ago as a fraud detection solution for contact centers, offering what is known as call provenance. Today, it uses 1380 audio signals, carrier signals, metadata, voice and device data, and caller behavior to perform authentication. Pindrop has been widely used in banks, insurance providers, and investment brokerages to protect their customers’ accounts, processing about 1.5 billion calls per year.

As AI voice and video clones emerged as a new threat to these organizations, Pindrop released their deepfake detection product in February, which is currently being used by roughly half of their customers. Soon after, they expanded their product from phone calls into video conferencing, which is commonly used in private banking and wealth management. This is where Pindrop got the idea to develop fraud solutions for HR use cases, where video conferencing is a common form of real-time remote communications.

To test this hypothesis, Pindrop started running experiments with the product in their own talent acquisition team, since it is a fully remote company and typically receives around 800 applicants per role, mostly sourced from LinkedIn or Indeed. Recruiters will manually review applicants until they’ve narrowed down the top 40-50 candidates. The experiment found that one of these top candidates was a deep-fake. And the video conferencing product was able to confirm this through four detection points: audio deepfake, video deepfake, geolocation, and voice similarity.

The last point on voice similarity is critical to verify that it’s the same candidate on each interview, and they’re the same person who does the background check, and who joins the onboarding call after they’ve been hired. Pindrop essentially brought its contact center voice biometric technology into an application that can follow candidates from their first interview to their last onboarding meeting, and it passively analyzes these meetings.

For HR use cases, these four detection points (audio deepfake, video deepfake, geolocation, and voice similarity) are packaged into a virtual participant, which they call the Security Assistant. The Assistant can join meetings on Teams, Zoom, or Webex, and it can also integrate with hiring platforms including HireVue, Talview, and BrightHire.

Pinpoint is also working on integration with major ATS providers, which is one of the demands coming from their customers and is expected to come early next year.

Persona

Founded in 2018, Persona is headquartered in San Francisco and is available in 200+ countries and territories and 20 different languages. The company offers Workforce IDV as part of their core solutions, and has been actively investing in it for several years. The processes start at the onboarding process, where it has built seamless processes for managing identity during first-time enrollment. Persona has a native integration with Okta that runs re-verification of employees when they attempt to access sensitive information or sensitive applications.

For initial verification, the worker will take a selfie with Persona’s mobile app which performs a number of checks, including liveness and virtual camera detection, and then the worker will scan a photo ID. Workers only have to take a selfie for re-verifications by comparing their face to prior transactions and accounts.

In this use case, the goal is to catch worker ID fraud before any equipment is provisioned, or access is granted to the employee. About 80% of Persona’s customers using Workforce IDV are able to catch worker fraud at this stage. The second use case is account recovery, which is the continuous verification mechanism that is triggered by password reset requests, and through MFA or authenticator enrollment. Persona will also monitor unusual behavior patterns that will trigger re-verification.

What’s new at Persona is pre-verification that’s integrated into the hiring process. Customers are able to design any desired process with Persona’s suite of different verifications, with as few or as many checkpoints and passive signals as desired. In this use case, Persona will typically come in as the first gatekeeper to perform candidate IDV prior to a live meeting with a recruiter or hiring manager. The second hiring checkpoint comes at the offer stage; for example, if there’s a Docusign integration for the offer letter signing process, it would initiate a re-verification to maintain continuity.

Persona can also automatically collect passive signals from candidates during the hiring process, including behavioral signals, like flow completion time and spoof events, and network and device signals, like IP address and location. Many of Persona’s customers prefer to use passive signals at the beginning of the interview cycle because it creates less friction.

Passive ID verification is another popular method, in which Persona will use the information that’s already been information that’s already been collected from the candidate (name, email, phone number, address, and sometimes a social security number) and run silent database verification.

Conclusion

It’s worth noting that while these fraud solutions providers are very mature, their HR and hiring use cases are still relatively new. Both Pinpoint and Persona are working on strengthening their integration partnerships with ATS providers to support clean, frictionless workflows and automation, which we’re expecting to see in the first part of next year. Yet, so far, we think these providers are offering a promising solution for mid-sized to very large enterprise organizations that we haven’t seen in HR and TA tech products.

The key advantages we found in these types of solutions were:

• They plug into your existing systems: video conferencing platforms, call systems, and HR systems. Some can also integrate with recruitment platforms like Hirevue, Talview, and Brighthire.
  ​
• They are using top-of-the-line enterprise security technologies that are trusted by cybersec and infosec leaders at the largest companies.
  ​
• The candidate’s PII and biometric data never touch any HR systems and is only stored within the security system, where it’s encrypted in transit and at rest.
  ​
• These kinds of fraud and security tools may already be in use at your company for IDV, MFA, or AML +KYC compliance.

Providers like Pindrop and Persona are still figuring out the best way to present their technology to the HR market and communicate with HR leaders. It is often beneficial to have collaboration between HR and IT or security teams when going into conversations with these types of providers to bridge the gap in domain knowledge and establish a partnership in their future management and ownership.

If you would like to learn more about how Talent Tech Labs can support your talent technology strategy, join the Talent Tech Labs’ community or contact us at hello@talenttechlabs.com. Also follow us on LinkedIn to stay informed on the latest talent technology insights and updates.