In the age of AI agents and synthetic identities, the biggest risk to corporate security may be complacency. Most firms think their digital identity systems are working, and that misplaced confidence is costing them real money.
According to “The Hidden Costs of ‘Good Enough’: Identity Verification in the Age of Bots and Agents,” global companies lose an average of 3.1% of annual revenue to verification failures — roughly $95 billion in aggregate across the 350 firms surveyed.
Yet nearly every company in the study (96%) expressed confidence in its ability to spot harmful bots, even as 9 in 10 reported being harmed by them.
The contradiction points to a subtler danger than fraud itself: a false sense of security that blindsides firms to how outdated systems are quietly draining revenue, customers and trust.
The report, part of the October 2025 Digital Identity Framework series, surveyed companies spanning financial services, retail, software, gig and travel platforms.
While many firms have invested heavily in know your customer (KYC) and know your business (KYB) tools, the study found that a surprising number remain mired in manual reviews, friction-filled onboarding and inconsistent results.
Advertisement: Scroll to Continue
The cost isn’t just operational, it’s strategic. Identity verification has become the front door to every digital interaction, determining who gets in, how fast and at what risk.
Key Data Points Indicate:
- 58.6% of businesses report struggling with bot-driven fraud — even as nearly all claim to be “confident” in their defenses.
- 52.9% of firms lose prospective customers to onboarding drop-off, and 44% admit their systems generate false positives that wrongly flag legitimate users.
- Firms using global identity platforms show measurable advantages: 79% cite improved verification quality, and 63% report lower false positive rates year over year.
Those figures suggest that the “hidden cost” of good-enough identity verification isn’t only measured in fraud losses. It’s also in the customers who abandon sign-ups after too many digital checks, in the legitimate businesses blocked from onboarding, and in the friction that erodes brand trust. Nearly two-thirds of firms say verification weaknesses keep them from expanding into new markets, a self-inflicted drag on growth in an economy that increasingly runs on instant global connections.
The overconfidence gap is especially sharp in financial services, where 60.6% of firms have seen bot traffic rise in the past year. Many assume their fraud controls are mature because they’ve passed compliance audits or updated authentication steps.
But the report’s findings show that fraudsters’ use of artificial intelligence — from deepfakes to credential stuffing — is evolving faster than those defenses. What looks compliant may, in practice, be porous.
The study also highlights a second blind spot: identity’s dual role as both risk control and growth engine. When verification is treated purely as compliance, firms miss the chance to turn it into a revenue driver.
Global identity platforms, which unify verification across markets and data sources, help firms reduce false declines, speed onboarding and lower regulatory burdens. More than 8 in 10 companies using such systems call them “high performing,” and 94% say they simplify AML and KYC compliance.
For companies still patching together regional tools and manual reviews, the message is clear: the danger isn’t failing to detect every fraud attempt. It’s believing that “good enough” already does. In an economy where bots, agents and real customers increasingly look alike, confidence without accuracy is its own form of risk.
