Identity has always revolved around trust. For decades, organizations have invested heavily in securing customer and partner identities. But this year, the spotlight will turn inward.
The next frontier in digital identity will center on the workforce itself, confirming who people are, how they are verified, and how trust extends to the emerging ecosystem of non-human, agentic identities working alongside them.
Chief Customer Officer at Ping Identity.
Why? The acceleration of AI and digital transformation has reshaped how organizations think about identity. Since the COVID-19 pandemic, hiring and workforce operations have moved away from in-person verification and toward remote, distributed processes.
At the same time, AI-driven impersonation, deepfakes, and synthetic identities have made it cheap and easy to create convincing fake worker identities and permissions.
This has introduced new pressures that have made the once-static notion of verifying employees at onboarding insufficient. Organizations can no longer assume that the person who was hired is the same person accessing systems today.
They also cannot assume that every digital interaction originates from a trusted, verified source. This is the environment in which verified workforce identity and agentic trust will need to rise to the forefront.
Why reverification must become standard practice in workforce operations
In the years to come, verified workforce identity will move from a compliance task to a core operational discipline. Recent real-world incidents have made the need for this shift clear across industries, from retail, hospitality, finance, insurance, and telecommunications, to technology and others.
Many companies have suffered multimillion-dollar losses and shutdowns after attackers impersonated employees during routine digital interactions, like the IT help desk. For example, a large casino group was disrupted after an attacker pretended to be an employee and convinced help desk staff to reset credentials.
In this case, operations halted for over a week. A major retailer had to send hundreds of employees home and suspend digital operations after a similar cyberattack, and a global automotive manufacturer was forced to pause production for months after a bad actor gained fraudulent privileged access.
Fraudulent hiring is now also a persistent risk. Many organizations are discovering that some individuals who passed manual hiring processes were never the people they claimed to be.
At the same time, many teams have uncovered applicants who turned out to be state-sponsored actors impersonating recent graduates, successfully navigating interviews, video calls, and paperwork. In fact, Gartner recently reported that by 2028, 1 in 4 job candidate profiles will be fake.
It’s never been clearer that workforce identities must be validated not only at onboarding, but also throughout employment. Every moment in which an employee requests a credential reset or declares a lost device becomes an identity checkpoint.
Yet frontline employees are often encouraged to prioritize quick approvals rather than careful identity validation, increasing systemic risk. As these risks compound, enterprises are beginning to recognize that identity must be managed as an ongoing discipline, similar to cybersecurity or compliance.
How the past year set the stage for the future
2025 was the year of experimentation in this regard. Early adopters learned how to operationalize enterprise-wide reverification programs and digital credential systems.
They proved that ongoing workforce verification, when done right, could be operationalized without overwhelming teams or disrupting business performance or productivity.
I’ve seen several large organizations reverify thousands of employees in waves. These programs were completed within typical business cycles and had no material impact on productivity, customer experience, or employee satisfaction.
Banks in particular are already reverifying their workforces in structured, continuous cycles. Technology firms and other regulated industries are following similar models.
This practice will continue to mature. The playbooks and technology created over the past year will help make reverification part of standard identity operations across businesses.
More organizations will implement continuous verification cycles that prioritize high-impact roles, manage complex name and record mismatches, and account for workforce fluctuations like leaves or short-term contractors.
Digital credentials will sit at the center of this evolution. When issued and maintained within the business’s identity fabric, they reduce the need for repeated verification and create a trusted foundation for long-term identity assurance.
Whether operated by internal teams or in partnership with third-party providers, these programs will help organizations maintain confidence in their people, no matter where or how they work.
Building a foundation of trusted interaction
The convergence of these trends marks a defining moment for digital identity. Enterprises are shifting from verifying identities for the sake of compliance or convenience to building an operational foundation for a hybrid workforce of humans and intelligent agents, where trust is dynamic, ongoing, and embedded in every transaction.
For Chief Information Security Officers, Chief Digital Officers, and Chief Customer Officers alike, this evolution represents a cultural shift. Verified identity will be viewed as a catalyst of speed, innovation, and responsible AI adoption rather than a barrier to them.
Leading organizations will move beyond treating identity as a security boundary and start using it as a trust engine that powers every human and digital connection. Trust has always been the currency of business. Verified identity, human and non-human alike, will be its foundation.
We've featured the best endpoint protection software.
This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.
The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit
English (US) ·