Persona graduates with candidate verification for job identity control
Identity is everything.
From our own personal perspective as human beings, our identity matters more than at any time in the past… as we now enter a world where human digital identities can be used to approve our status and can even be maliciously compromised.
Identity is also of crucial importance throughout the enterprise software development stack; security firms are now investing more heavily in this space and acquisitions (and organic internal reinventions) are apace across the industry.
Firmly planted and established in the identity platform for businesses space is appropriately named Persona.
The company has this month detailed new technologies, including a candidate verification solution to confirm job applicants’ real-world identities at critical hiring stages.
The new solution brings workforce identity verification to the hiring stage, helping talent and security teams confirm who’s really in the pipeline before access is ever granted.
Integration situation
Persona offers integrations into Ashby (described as an all-in-one recruiting platform designed for high-growth hiring teams), Greenhouse (a structured hiring platform focused on data-driven, equitable recruitment workflows) and Workday (the widely known human resources and financial management platform company) and the offering enables talent acquisition, HR and security teams to verify candidate identity as a natural part of their existing workflow.
Rending us that the hiring landscape has fundamentally shifted, the company says that recruiting teams are managing significantly higher application volumes, making it harder to scrutinise each candidate carefully.
At the same time, AI tools have made it easier to fabricate job profiles and deploy deepfakes during interviews. The combination creates ideal conditions for bad actors: more applicants to hide among and less time reviewing a candidate.
Analyst house Gartner estimates that one in four candidate profiles worldwide will be fake by 2028. Cybersecurity firms report that hundreds of Fortune 500 companies have unknowingly hired North Korean operatives posing as remote workers since 2020.
Hiring pipeline blind spot
For talent teams already stretched thin, the added burden of fraud detection isn’t sustainable. For security teams, the hiring pipeline has become a blind spot; a vulnerable entry point that exists before traditional IT controls take effect.
“With application volume on the rise and a lean talent team, we can’t afford to spend time questioning whether a candidate is real or is who they say they are,” said Natalie Disraeli, head of talent at Persona. “Our time belongs in real conversations with hiring teams – and hiring real people.”
Disraeli further states that Persona’s candidate verification solution addresses a challenge that sits at the intersection of talent acquisition and security: confirming the person applying is real present and the same person throughout the hiring process.
Legitimate candidates complete verification via a mobile-friendly flow. Persona confirms identity by matching a government-issued ID to a live selfie, enhanced with device, behavioural and network signals to detect anomalies in real time. Verification flows adapt automatically based on session risk and geography. Recruiters receive verification status and context to support their hiring decisions, delivered directly in their Applicant Tracking System (ATS).
There is global ID coverage here i.e. government ID verification works across 200+ countries and territories, with support for 40+ languages.
Features and functions
Deeper into the service mechanics on offer here, Persona also has multi-signal detection functionality also find multi-signal detection functionality. This means that document verification and real-time liveness checks are backed by device intelligence, behavioural analysis and network signals to catch impersonation and deepfakes.
Adaptive verification enables flows that automatically adjust based on risk level and candidate location. A privacy-first design enables configurable retention, redaction and data management controls built for HR compliance standards.
Employee lifecycle
According to Persona, most identity verification solutions stop or start at onboarding. The company’s candidate verification extends identity assurance into the hiring process and throughout the employee lifecycle. The identity confirmed before an offer is extended becomes the same identity used to provision access on day one, authenticate into systems and verify throughout employment.
“Application volumes have surged while AI makes impersonation easier,” said Christie Kim, COO at Persona. “We already have strong success in mitigating fraud in using our candidate verification solution in our own hiring and the market response shows this is a widespread challenge. As adoption grows, identity verification will move from edge case to standard practice across the employee lifecycle.”
Candidate Verification is part of Persona’s unified Workforce Identity platform, which already integrates with leading identity and access management (IAM) providers like Okta and Cisco Duo, HRIS systems and IT infrastructure tools.
Deep dive Q&A
The Computer Weekly Developer Network (CWDN) wanted to know more on this story.
CWDN: How much work does it take software application developers to onboard with your platform and get it into “live deployed production” status?
Persona: We’ve already built and deployed solutions specifically for candidate fraud, so the technical integration isn’t the bottleneck. The real work is collaborating with security and talent teams to understand your hiring flow, security requirements and where verification fits without disrupting the candidate experience. Once we align on that, deployment moves fast. Most teams go from kickoff to production in days, not weeks or months.
CWDN: How is Persona evolving its liveness and spoof detection capabilities to address modern deepfake threats and why is a multi-signal or “ensemble” approach necessary?
Persona: Deepfakes have increased 50x in recent years and they’re getting more sophisticated. Visual detection alone doesn’t work; some spoofs leave no visual trace.
That’s why we use an ensemble model: visual artefact analysis, non-visual hardware signals, behavioural patterns across submissions and continuous threat monitoring. We’ve identified over 50 distinct classes of AI-based face spoofs and our research team continues developing detection capabilities as threats evolve.
CWDN: How concerned should organisations be? That is to say, what company touchpoints could a fake hire typically access and is it access to internal Slack, GitHub and database resources?
Persona: Concerned. We are not trying to be alarmist, but the data backs it up. In a recent survey, we found 85% of CISOs told us they aren’t confident handling GenAI-enabled fraud. We’re seeing bad actors target roles with elevated permissions — engineers, data science, IT — because day one access includes Slack, GitHub, production databases and cloud infrastructure. CrowdStrike estimates 79% of initial access incidents are now malware-free. Bad actors are not hacking into companies; they are logging in.
CWDN: Your platform works beyond onboarding and extends throughout the employee lifecycle. Is this for ease of identification at a general level (building passes and so on), or are further identity compromises (or alerts, such as a new hire logging in from a suspicious IP) possible even after a person is employed?
Persona: Organisations establish identity trust at hiring, but the real challenge is maintaining that trust over time. Companies can trigger step-up verification when risk changes—like a suspicious login, new device, or privilege escalation – to confirm the same verified person is still behind the account. That way, identity assurance continues well beyond day one.
