Try boarding a flight without ID. You can't. Try opening a bank account without proof of address. Impossible. Now try walking into a job interview, a construction site, or a care home as agency staff. In most cases, nobody checks. Nobody can.
This is the identity verification gap: the growing distance between what we verify and what we should verify. And it is costing businesses billions.
The Numbers Are Stark
Cybercrime costs the global economy an estimated $10.5 trillion annually. According to the Verizon Data Breach Investigations Report, 68% of breaches involve a human element — social engineering, stolen credentials, or simple human error. The weak link isn't the firewall. It's the person.
But here is the part most businesses miss: the majority of identity-related risk doesn't start with a sophisticated cyberattack. It starts with an unverified person walking through a door, joining a video call, or entering a hiring pipeline with a name and a smile and nothing else.
We've built identity verification into the most transactional parts of our lives — banking, travel, age-restricted purchases — while leaving the highest-risk interactions completely unprotected.
Where the Gap Is Widest
Consider the places where unverified identity creates the most exposure:
Recruitment. A candidate applies for a role. They claim the right to work in the UK. The recruiter takes them at their word and invests three weeks of interviews, assessments, and internal alignment. The offer goes out. Then the compliance check reveals a visa issue. The process starts over. The cost — in time, money, and opportunity — is absorbed silently.
Trades and home services. A homeowner books a plumber through a platform. The platform verified the business. But the person who shows up at the door? Nobody verified them. The homeowner lets a stranger into their home based on a logo on a van and a first name.
Care homes and healthcare. Rotating agency staff cover nights and weekends across dozens of facilities. Residents' families assume every person in a uniform has been checked. Many have — at some point, by some agency, against some database. But whether the person standing in the room right now is the person on that record? Nobody knows. There is no real-time link between the credential and the human.
Workforce compliance. Contractors arrive on site. They have lanyards, high-vis jackets, sometimes an induction card from months ago. But continuous verification — confirming that the right person, with the right clearance, is in the right place at the right time — barely exists outside of the most heavily regulated environments.
Why the Gap Persists
The gap isn't caused by a lack of technology. It persists because of three deeply embedded assumptions:
"Verification is too expensive for low-value interactions." Historically, identity verification meant expensive KYC checks, manual document reviews, and specialist compliance teams. That made it viable for banking and impossible for a recruitment agency processing hundreds of candidates a month.
"Trust is assumed once, not maintained." Most systems treat identity as a one-time gate. You verify at onboarding and never again. But identity risk is dynamic. Visas expire. Certifications lapse. People change. A check from six months ago tells you nothing about today.
"It's someone else's problem." Recruiters assume the client will check. The client assumes the agency checked. Platforms assume the tradesperson is who they say they are. Nobody owns the verification moment — the point where an actual human interacts with another human and both parties need to know who they're dealing with.
What Closing the Gap Looks Like
Closing the identity verification gap doesn't require overhauling your systems or hiring a compliance team. It requires inserting verification at the moments that matter — the points where unverified identity creates real risk.
That means:
- At application stage in hiring — confirming right-to-work status before you invest time in interviews, not after
- At the point of service in trades — verifying the person at the door is the person you booked
- At shift start in care and healthcare — linking the human in the room to their verified credentials, in real time
- At site access for contractors — continuous confirmation, not a one-time badge check
This is exactly what Certifyd is built for. Two-way, real-time verification via QR code in 30 seconds. Platform agnostic. Works in person, on video, on a voice call. Creates an auditable record every time.
The gap between what we verify and what we should verify is where fraud, liability, and harm live. Closing it isn't optional anymore.
See how Certifyd verifies the person, not just the paperwork.