Entrust Inc. - Experts & Thought Leaders

Entrust, a global pioneer in identity-centric security solutions, released its seventh annual Identity Fraud Report for 2026. The report examines global trends, tactics, and techniques used in identity fraud over the past year, providing actionable insights to help businesses protect their customers and operations. Deepfakes and injection attacks on the rise     New data reveals deepfakes account for one in five biometric fraud attempts, and instances of deepfaked selfies increased by 58% in 2025. Other fraud tactics across biometric systems include photo of a screen, photo of a printout, 2D and 3D masks, video of a video on screen, and video of photo on screen. This rise in deepfakes is part of a broader trend of increasingly sophisticated attacks driven by injection attacks, which surged 40% year-over-year. Injection attacks enable fraudsters to bypass live capture processes by feeding manipulated images or videos directly into verification systems. When combined with deepfakes, these sophisticated techniques can convincingly mimic users and live capture experiences, making detection difficult without robust, multi-layered fraud prevention. Fraud across the customer lifecycle The report also highlights trends in when fraud happens during the customer lifecycle and how it varies by industry and business models. Sectors offering sign-up bonuses, such as cryptocurrency, face the highest rates of onboarding fraud, accounting for 67% of fraud attempts. Meanwhile, industries with valuable, long-standing accounts, such as payments and digital-first banks, experience higher rates of account takeover (ATO) fraud, accounting for 82% and 55% of fraud attempts targetting the authentication process, respectively. ATO fraud involves hijacking existing user accounts, typically through stolen credentials, phishing, malware, or social engineering, to steal funds or harvest sensitive data. Social engineering and psychological manipulation     Building on the technical threats, the report also reveals how fraudsters are increasingly targetting individuals through psychological manipulation. By using tactics such as phishing, impersonation, and coercion, fraudsters are convincing victims to use their genuine identity, hand over sensitive data, or transfer funds. Additional key findings from the 2026 Identity Fraud Report include: Physical and digital document fraud: In 2025, digital forgeries made up 35% of document fraud – up from a 29% average between 2022 and 2024. Overall, there’s a higher volume of physical counterfeits (47%), but typically the sophistication of digital forgeries is higher, driven by the online availability of AI tools.  National ID cards most exploited: National ID cards accounted for nearly half (46%) of all fraudulent document submissions globally. Fraudulent national IDs are most prevalent in EMEA (45%) and APAC (60%), whereas AMER experiences more fraudulent driver’s licenses (37%).  Peak activity after hours: Modern fraud operations are highly organised and global in scale, making fraud a 24/7 business. Data from Entrust reveals that fraud attempts peak between 2:00 am and 4:00 am UTC, when defenses in many regions are offline. Fraud on repeat: Fraudsters often use a “rinse and repeat” strategy, recycling fake details across multiple fraudulent identity documents. Commonly used elements include names such as Jon Doe, document numbers like A12345678, and birthdates including October 16, 1986. Protecting identity from evolving threats “As detection improves, fraud rings evolve, becoming faster, more organised, and commercially driven,” said Simon Horswell, Senior Fraud Specialist Manager at Entrust. “Generative AI and shared tactics fuel volumes and sophistication, targetting people, credentials, and systems. Identity is now the front line, and protecting it with trusted, verified identity across the customer lifecycle is essential to staying ahead of adaptive threats.” Unparalleled insights “With over 1 billion identity verifications conducted across 195 countries and more than 30 industries, Entrust offers unparalleled insights into how fraud operates and how to help mitigate it,” said Tony Ball, President of Payments & Identity and Incoming CEO at Entrust. "Our global reach and deep fraud intelligence mean we’re uniquely placed to drive continuous innovation and share meaningful insights for customers. The future of digital trust lies in layered, identity-centric strategies powered by AI, delivering fraud prevention and seamless user experiences.”

As the cybersecurity landscape rapidly evolves, Entrust announced a landmark achievement: The Entrust nShield Hardware Security Module’s (HSMs) implementation of three NIST standardised post-quantum algorithms have been validated by NIST’s Cryptographic Algorithm Validation Program (CAVP). This milestone empowers enterprises to secure their sensitive data against the looming threats of quantum computing with confidence, backed by the credibility of NIST-validated, production-ready cryptographic solutions. With native nShield HSM firmware (v13.8.0) support for ML-DSA, ML-KEM, and SLH-DSA, organisations have a path to quantum-safe security.  Quantum computing advancements Organisations must urgently secure cryptographic keys and maintain compliance, as quantum computing advancements threaten established security protocols. Choosing the right hardware security module is critical; Entrust nShield HSMs are purpose-built to not only meet current standards but also scale with the organisation’s future needs, providing reassurance for the transition to post-quantum cryptography. Robust cryptographic implementations Entrust nShield HSMs have met these stringent needs for ML-DSA, ML-KEM, and SLH-DSA algorithms NIST’s Cryptographic Algorithm Validation Program (CAVP) enforces rigorous standards, ensuring only the most robust cryptographic implementations are validated. Entrust nShield HSMs have met these stringent requirements for ML-DSA, ML-KEM, and SLH-DSA algorithms.  Entrust has submitted the nShield HSM firmware – featuring these three quantum-safe algorithms –for updated FIPS 140-3 Level 3 certification through the Cryptographic Module Validation Program (CMVP), reinforcing Entrust’s commitment to advanced, standards-based security.  NIST validation for the post-quantum algorithms “Our achievement in obtaining NIST validation for the post-quantum algorithms in production-ready Entrust HSMs is a key differentiator for our customers. This certification gives organisations the confidence that their nShield HSMs are post-quantum ready and recognised by the world’s pioneering standards body, NIST,” said Mike Baxter, Chief Technology and Product Officer at Entrust.  Entrust nShield HSMs deliver state-of-the-art, tamper-resistant protection for the organisation’s most sensitive keys, allowing organisations to generate and safeguard cryptographic keys with confidence, flexibility, and scalability.

Entrust, a pioneer in identity-centric security solutions, announced an expanded partnership with Mastercard to enhance fraud prevention by integrating Mastercard Identity insights (powered by Ekata) into the Entrust Identity Verification Security Platform. The collaboration empowers organisations to strengthen fraud detection and prevention, reduce time and costs associated with manual intervention, and streamline end-users' digital onboarding experience. Digital First and Identity programs Entrust is the first Engage qualified partner to offer both the Digital First and Identity programs, a significant milestone in the growing partnership.  As fraud tactics grow in scale and sophistication, from deepfakes to synthetic identities, institutions face mounting pressure to deliver efficient fraud protection while providing a frictionless user experience. Identity fraud prevention Entrust and Mastercard are combating these challenges head-on by delivering intelligent pre-screening According to the Entrust Future of Global Identity Verification report, 66% of organisations say that identity fraud prevention and customer experience are competing priorities.  Entrust and Mastercard are combating these challenges head-on by delivering intelligent pre-screening that leverages real-time risk insights from Mastercard Identity's network to identify threats early and automate remote onboarding for customers.   Mastercard Identity’s insights “By combining Mastercard Identity’s insights with the Entrust Identity Security Platform, we’re helping enterprises move beyond reactive fraud detection,” said Dennis Gamiello, Executive Vice President, Global Head of Identity at Mastercard. “This partnership expansion enables a proactive, personalised approach that strengthens security while keeping the user experience seamless.” Challenges in regulated and non-regulated sectors Entrust Identity Verification directly addresses the most urgent challenges in regulated and non-regulated sectors through an innovative, multi-layered approach, including:   Smarter, earlier fraud prevention: Mastercard Identity insights enable organisations to separate bad actors from good users during the application process with machine learning-powered data analytics based on essential user information, such as name, phone number, address, and email address. These signals help surface inconsistencies and suspicious patterns, helping organisations detect and block threats early.  Faster onboarding for legitimate users: Entrust Identity Verification adapts to each user’s risk profile, allowing low-risk individuals to progress while applying additional checks only when needed. This helps to reduce drop-off rates, improving end-user conversion and satisfaction.  Cost-effective, risk-based verification: By automating identity verification based on real-time fraud scores, organisations can minimise manual reviews and allocate resources more efficiently. One Buy Now Pay Later provider reported a 50% reduction in application abandonment and a 60% increase in passive identity verification using Mastercard’s signals1. How it works During the onboarding process, users input their essential information such as name, phone number, address, and email address. Entrust Identity Verification securely processes this data and connects with the Mastercard Identity network to generate a fraud risk score. Unlike other solutions that rely solely on authoritative data, Mastercard Identity applies a multi-layered approach that contextualises data from authoritative sources, and historical usage and applies machine learning to deliver a more comprehensive analysis. This enables the detection of unusual behavioural patterns and anomalies that signal potential fraud.  Entrust Identity Verification routes Based on the insights, Entrust Identity Verification routes users through the appropriate onboarding journey Based on the insights, Entrust Identity Verification routes users through the appropriate onboarding journey. Those with low-risk scores proceed with minimal friction, while users flagged as higher risk are prompted to complete an additional identity verification step, such as a document or biometric verification.  Businesses can customise these workflows to treat low-risk, medium-risk, and high-risk verification attempts differently, helping to automate onboarding while proactively detecting and sidelining fraudsters early in the process. High costs and rising customer expectations “As identity fraud is on the rise, along with high costs and rising customer expectations, collaboration is crucial,” said Minh Nguyen, Vice President of Product, Identity Verification at Entrust. “Organisations have to adapt faster than ever, and this partnership helps ensure that they can leverage Mastercard’s insights through our platform to stay ahead of emerging threats. Together, we’re helping businesses combat fraud, reduce manual reviews, and onboard more customers with confidence – delivering both stronger protection and measurable business results.”

Emphasising proactive rather than reactive security shifts the focus from dealing with crises and damage control to prevention. Advantages of a proactive approach include cost efficiency, better business continuity, and fewer crises that draw attention away from strategic improvements. Staying ahead of threats is a core mission of the security department, and technology has evolved to enable security professionals to deliver on that mission better than ever. We asked our Expert Panel Roundtable: How are security systems transitioning from reactive to proactive, and what is the benefit?

Future-proofing your skillset is about embracing continuous learning and developing a versatile set of competencies that remain valuable regardless of technological shifts or industry changes. In the security marketplace, it is not about predicting the exact jobs of the future, but rather equipping yourself to adapt and thrive in the uncertain security landscape. But where to begin? The emerging technology shifts in the security industry provide clues, such as the growing importance of cybersecurity and artificial intelligence (AI). We asked our Expert Panel Roundtable: How can physical security professionals “future-proof” their skillsets to prepare for emerging technologies?

In the physical security marketplace, artificial intelligence (AI) has evolved beyond the novelty phase. The emphasis has now shifted to the more practical aspects of implementing AI technology. That a system implements AI is no longer impressive in and of itself. The question becomes: What can this AI system do for me? How can it improve my physical security stance? We asked our Expert Panel Roundtable: How is artificial intelligence (AI) transforming physical security?