Daon has launched a workforce identity fraud prevention product aimed at the employee lifecycle.
The offering combines several of Daon's existing identity tools, including TrustX, xProof, xAuth and xFace. It is intended for use across candidate screening, remote onboarding, credential recovery, step-up authentication and ongoing account maintenance.
The launch comes as employers face rising fraud linked to artificial intelligence, including deepfake job interviews, synthetic identities and phishing attacks created with generative tools. Businesses are also dealing with greater risks of account takeover and impersonation in remote and hybrid working environments.
The product can verify candidate and employee identities during interviews and onboarding, generate passkey-based authentication from the verification process, apply extra checks for higher-risk actions and support reverification during employment. It is designed to work with existing identity and access management systems through standards-based application programming interfaces and OpenID Connect protocols.
Analysts and companies have warned that AI is changing the scale and speed of workforce fraud. Daon cited a Gartner forecast that by 2028 one in four job candidates could be fake, and findings from IBM and Microsoft that an AI-generated phishing attack created in five minutes with five prompts was more than four times as effective as one created by a human.
Recent incidents have underlined those concerns. Daon pointed to widely reported cases involving deepfake video interviews used to obtain jobs and manipulated calls or video interactions linked to fraudulent transfers. In one case, a deepfake-enabled video call led to losses of USD $25 million at engineering firm Arup.
Broader shift
Daon framed the launch as part of a wider move away from one-time login checks toward more continuous identity verification. That approach focuses on monitoring signals and applying checks at different points, rather than relying only on an employee's initial authentication.
The product supports use cases including contractor access, privileged access changes, payroll update requests and helpdesk recovery, all of which can become targets for social engineering or impersonation. Those functions have become more sensitive as workforces have spread across locations and organizations have grown more dependent on remote hiring and digital support channels.
Bob Long, President of the Americas at Daon, said the problem starts before an employee formally joins a business.
"Workforce onboarding no longer begins on day one of the job, but at the very first interaction," Long said. "Organisations now have to think much more carefully about the authenticity of the resume, the face appearing on camera, the email or phone call requesting access, and whether each employee identity remains trustworthy over time. Point solutions for verification and authentication create gaps, and that's where the fraud occurs. Businesses need a continuous model of identity assurance that follows each individual across the employment lifecycle."
His comments reflect growing concern among employers that identity checks built for earlier digital workflows are no longer enough to counter synthetic media and automated impersonation. Hiring teams, service desks and managers responsible for access rights are now exposed to a wider range of deception techniques than in previous years.
Target sectors
Daon said the product is relevant for businesses with distributed workforces, large contractor populations, regulated onboarding rules or greater exposure to helpdesk and account recovery fraud. It identified financial services, healthcare, retail, telecoms and cryptocurrency among the sectors where workforce identity controls are closely tied to fraud prevention, compliance and secure access.
The company also linked the product to what it calls an identity continuity approach, in which verification, authentication, recovery and reverification are connected in one framework. In practice, that means applying identity checks at recruitment, during access changes and when accounts need to be restored or updated.
Long said older authentication methods were developed for a different level of threat.
"Most forms of authentication deployed by businesses today were built for a very different threat environment," he said. "Today, the risk doesn't end once an employee logs on in the morning. Organisations need assurance that every employee action is made by an employee authorized to take that action. That's where continuous, layered identity becomes so important."