Your IT help desk just reset a password for someone who doesn't work at your company. 90% of ransomware incidents begin with stolen credentials, and most come through help desk password resets. Multi-factor authentication won't save you when the chain of trust is already broken.

Aarti Samani speaks with Hubert Behaghel, CPO of Veriff, about why identity, not authentication, is the real weak link in enterprise security, and why the help desk has become one of the most exploited attack surfaces in the organisation.

They unpack why fake worker fraud as a nation-state level threat and what Veriff's "infrastructure of trust" looks like in practice. It's a multi-layered approach cross-validating biometric liveness, behavioural signals and device data across the entire employee and customer lifecycle.

🔑 Key takeaways:

1. The line between insider and outsider is now porous, deepfakes and synthetic identities mean someone can gain full employee access without ever being who they claim to be.

2. MFA protects the wrong moment. If identity was never confirmed at the point of request, every layer built on that broken trust is irrelevant.

3. Employee verification should be treated with the same rigour as customer KYC. Verify not just at onboarding, but continuously.

4. If you don't test it, you don't know if you have a solution. Red teaming and social engineering testing should be on every executive's agenda.

Guest: Hubert Behaghel, CPO at Veriff🔗 veriff.com🔗 linkedin.com/in/behaghel

Host: Aarti Samani, Founder of Shreem Growth Partners🔗 aartisamani.com🔗 linkedin.com/in/aartisamani

#InsiderThreats #DeepfakeFraud #IdentityVerification #SocialEngineering #BeyondTheAlgorithm