Jean is 79 and lives alone in a ground-floor flat in Nottingham. Last October, two men arrived at her door wearing branded polo shirts and carrying clipboards. They told her the council had contracted them to inspect her guttering after recent storms. They looked professional. They used her name. They quoted a reference number.
Jean let them in. Over the next two hours, they "discovered" urgent roof damage, quoted £3,800 for emergency repairs, and pressured her into a bank transfer on the spot. The work they did — if it can be called that — consisted of removing tiles they'd loosened themselves.
It took Jean's daughter three weeks to discover what had happened. By then, the money was gone and the "company" had vanished.
Jean's story is not unusual. It is the daily reality of doorstep fraud in the UK.
The scale of the problem
Doorstep crime costs UK victims an estimated £57 million annually, according to data from the National Trading Standards rapid response teams. But this figure represents only reported cases. Age UK estimates that as few as 5% of doorstep crimes against older people are reported. The real figure may be closer to £1 billion.
The demographics are stark. The average victim of doorstep fraud is over 75. Over 60% live alone. Many have cognitive impairments — early-stage dementia is a particular vulnerability, as it affects the ability to assess unfamiliar situations while leaving the person capable enough to answer the door and engage in conversation.
Action Fraud data shows that doorstep crime reports have remained stubbornly consistent over the past decade, even as online fraud has surged. The reason is simple: the method works, the targets are predictable, and the conviction rate sits below 5%.
How doorstep fraud works against vulnerable people
The mechanics of doorstep fraud targeting vulnerable adults follow a predictable pattern, refined over decades.
The impersonation. The criminal presents as someone the victim would expect to see — a utility worker, a council employee, a tradesperson responding to a reported problem. They carry props: high-vis jackets, lanyards, branded clothing, clipboards, printed work orders. Some carry fake ID cards that look official at a glance. The presentation is convincing enough to satisfy a brief doorstep interaction.
The fabricated urgency. The criminal creates a reason for immediate action: a gas leak detected on the street, a water pipe issue that could flood the property, storm damage that needs emergency repair, or a council inspection that must happen today. The urgency serves two purposes — it overrides the victim's instinct to verify, and it compresses the decision-making window so there is no time to call a relative or check with the real organisation.
The distraction and theft. In many cases, the "inspection" is cover for burglary. While one person engages the householder in conversation, another moves through the property. They target cash, jewellery, bank cards, and — increasingly — personal documents that enable identity theft.
The rogue trading. In other cases, the work itself is the fraud. Unnecessary repairs are sold at inflated prices. Shoddy work is presented as essential. Deposits are taken for work that never happens. The Office for Product Safety and Standards estimates that rogue trading costs UK consumers over £680 million annually, with elderly homeowners disproportionately affected.
Why telling vulnerable people to "be careful" does not work
The standard advice from police and consumer protection bodies is well-intentioned but structurally inadequate. "Don't open the door to strangers." "Always check ID." "Call the company to verify." "Use a door chain."
This advice places the entire verification burden on the person least equipped to perform it. Consider what "call the company to verify" actually requires of a vulnerable adult:
- Refuse entry to someone who appears official and is claiming urgency
- Take down their name and the organisation they claim to represent
- Close the door and find the correct phone number for that organisation (not a number the caller provides)
- Call the number, navigate a phone menu, reach someone who can confirm or deny the visit
- Return to the door and either admit or refuse the caller
This process takes 15-20 minutes if everything goes smoothly. It requires confidence, assertiveness, cognitive clarity, and access to a phone with internet or a phone book. For an 82-year-old with hearing difficulties living alone, it is functionally impossible.
The result is that the advice gets ignored. Not because vulnerable people are careless, but because the verification process asks them to do something they cannot realistically do.
The duty on legitimate service providers
There is a second dimension to this problem that rarely gets discussed. Every legitimate organisation that sends workers to people's homes — utility companies, councils, housing associations, care providers, tradespeople — has a direct interest in solving doorstep verification. Here is why.
Trust erosion damages their business. Every time a criminal impersonates a gas engineer, the real gas company loses trust. Every rogue trader who claims to be from the council makes the next legitimate council visit harder. The organisations being impersonated pay the reputational cost of crimes they did not commit.
Workers face hostility and risk. Legitimate home visitors — district nurses, meter readers, social workers, charity volunteers — report increasing hostility at the door. Residents who have been warned about doorstep crime now distrust everyone. Workers are refused entry, subjected to aggressive questioning, or have doors slammed in their faces. This makes their jobs harder and, in care settings, can delay essential services.
Regulatory obligations are tightening. The Care Quality Commission already requires care providers to have safeguarding processes that protect service users from abuse. Trading Standards bodies increasingly expect trade platforms and service providers to demonstrate that their workers can be identified and verified. The direction of travel is clear: organisations will be expected to provide verification, not leave it to the person answering the door.
What two-way verification looks like in practice
The fundamental problem is asymmetry. The person at the door knows who they are. The person answering the door has no way to confirm it. All existing verification methods — ID cards, uniforms, phone calls — can be faked or are too difficult for vulnerable people to use.
Two-way verification inverts this dynamic. Instead of asking the householder to verify the caller, the system works like this:
Before the visit. The organisation schedules the visit and assigns it to a verified worker. The householder — or their family member, carer, or designated contact — receives a notification that a visit is scheduled, including the name and verified identity of the person who will attend.
At the door. The worker presents a verification that the householder (or their family, remotely) can confirm with a simple action. No app installation required. No complex process. The verification is tied to the specific visit, the specific worker, and the specific time window.
After the visit. A timestamped record is created showing who visited, when they arrived, and that their identity was verified. This record is available to the householder, their family, the organisation, and — if needed — law enforcement.
The key design principle is that verification should require minimal effort from the most vulnerable party. The organisation does the work of verifying its workers. The householder simply confirms that the person at their door matches the expected visit. If nobody expected a visit, the absence of verification is itself the warning signal.
Who needs to act
This is not solely a policing problem. Several parties have both the means and the motivation to implement doorstep verification.
Utility companies and housing associations. These organisations send thousands of workers to homes daily. They already manage worker identity internally. Extending that verification to the point of arrival is a natural progression, and the customer trust benefits alone would justify the investment.
Local authorities. Councils send social workers, housing inspectors, environmental health officers, and contractors to vulnerable residents. They have safeguarding duties. Providing verifiable identity for every home visit is a practical expression of those duties.
Home care providers. Care workers visiting vulnerable adults are already subject to DBS checks and Regulation 19 requirements. But those checks happen at recruitment, not at the door. A care worker arriving at 7am to help someone dress and take medication should be verifiable in real time, every visit.
Trade platforms and directories. When a homeowner books a plumber through Checkatrade or Bark, the platform has verified the tradesperson at registration. But when someone knocks on the door claiming to be from Checkatrade, there is no way to confirm that in the moment. Platforms that close this verification gap will differentiate themselves in a market where trust is the primary currency.
The evidence trail that enforcement needs
One of the reasons doorstep crime has such a low conviction rate is the absence of evidence. Victims often cannot describe the perpetrator accurately. There is no record of who was at the property. The criminal uses a fake name, a disposable phone number, and a van with no markings. By the time police investigate, there is nothing to investigate.
Verified visits create the opposite condition. Every legitimate visit is documented. When a visit is not documented — when someone arrives at a vulnerable person's door with no verifiable identity — that absence of verification becomes evidence. It draws a bright line between legitimate and illegitimate callers.
For Trading Standards teams and police fraud units, a database of verified visits transforms investigations. Instead of asking "who was at Mrs. Williams' door on Thursday?", they can say "we have verified visits from the gas company at 10am and the district nurse at 2pm. The person who arrived at 4pm was not verified by any organisation. That is where the investigation starts."
The cost of doing nothing
The financial cost of doorstep fraud is well documented. But the human cost is harder to quantify and far more damaging.
Victims of doorstep crime often experience lasting psychological harm. They become afraid to answer their own door. They lose trust in legitimate services they need — refusing home care visits, ignoring utility engineers, not opening the door to the district nurse. In extreme cases, vulnerable people have died from conditions that went untreated because they were too frightened to let anyone in.
The isolation that makes people vulnerable to doorstep crime is compounded by the crime itself. Each incident pushes the victim further from the services and human contact they need.
This is not a problem that will solve itself. The criminals are not going to stop. The vulnerable population is growing as the UK ages. And the current approach — telling elderly people to be more careful — has demonstrably failed for fifty years.
Certifyd's two-way verification enables any organisation sending workers to homes — utilities, councils, care providers, tradespeople — to give vulnerable residents and their families a simple, instant way to confirm who is at the door. No app required from the resident, no complex process. Just a verified identity that protects both the person answering the door and the worker standing outside it. Learn how it works for home services.