Nearly one in four identity verification attempts rejected in East Africa last year were flagged for suspected fraud, according to new data from digital identity company Smile ID. Out of these, document manipulation emerged as the dominant threat.
The company’s 2026 Digital Identity Fraud Report, based on more than 200 million identity verification checks conducted in 2025 across more than 35 countries, found that 24% of rejected verifications in East Africa were linked to suspected fraudulent activity. Of those, nearly 60% were a result of document integrity issues. These include portrait manipulation, face swaps and inserted photographs that preserve the original document layout.
With the findings, it is clear that AI-enabled fraud is on the rise globally and East Africa’s reliance on document-based verification systems is creating distinct regional risk profile.
Document Fraud is a Primary Threat
Across East Africa, document-driven verification is still the norm. National ID cards are widely used across the region and consistent real-time biometric checks against authoritative national databases are not always available across all platforms and use cases.
This makes many onboarding and authentication flows rely on document image capture and textual cross-referencing, and in some cases, without biometric confirmation that the person presenting the document is its legitimate owner.
“Verification in much of East Africa remains largely document-driven,” said Dustin Strydom, VP Commercial at Smile ID. “Without biometric binding that confirms the person presenting the document is the rightful owner, the system becomes structurally vulnerable to manipulation.”
Smile ID’s data shows that portrait anomalies that include face swaps and inserted images account for roughly one-third of document-related rejection cases in the region. Other attempts include screen-based manipulation, photocopies and forged documents.
Infrastructure Constraints
The structural challenges facing institutions in East Africa are not purely technical decisions made at the bank or fintech level.
National ID systems are widely adopted in markets such as Kenya and Uganda, but real-time remote biometric verification, where a submitted selfie can be directly matched against a government-held photo database, is not always consistently enabled across all institutions.
Verification is limited to textual data cross-checks without access to stored biometric images. This limits the ability to perform “biometric binding”, the process of confirming that the individual submitting a document is physically present and matches the original ID record.
“It’s a combination of infrastructure and design,” Strydom said. “Institutions can only build controls within the constraints of the systems they operate in. But there are also design choices that can strengthen or weaken those controls.”
Verification design choices, including integrating advanced document forensics, machine-learning-based anomaly detection and stronger liveness checks, are more immediately addressable compared to infrastructure gaps, which are harder to resolve quickly.
Biometric Markets Have Different Fraud Profiles
The report draws a contrast between East Africa and markets where biometric database integration is more mature.
Fraud patterns shift away from document manipulation toward biometric spoofing attempts in those markets. Data shows that fraud rejection rates in biometric-dominant markets were comparatively lower than in document-heavy environments. This is true even as spoofing and deepfake-style attacks are on the rise.
“We see a strong correlation between document-based verification environments and higher fraud rejection rates,” Strydom said. “Where biometric verification is more consistently enforced, the fraud profile changes.”
Fraud is Beyond Onboarding
Authentication-related fraud attempts that target logins, password resets, device changes and high-value transactions now exceed onboarding fraud by more than five times, according to the report.
The shift reflects what Smile ID describes as the collapse of the “checkpoint model” of identity verification, where confirming a user’s identity once at sign-up was considered sufficient.
“Fraud is no longer just a KYC problem,” said Strydom. “It’s a continuous cybersecurity challenge that spans the entire customer lifecycle.”
Verified accounts are often more valuable targets than new ones. They have transaction histories, higher limits and established trust within a platform. Fraudsters increasingly attempt to take over these accounts rather than create new ones from scratch.
Security Vs Inclusion
Overly restrictive controls can undermine user experience and limit financial inclusion. “The goal isn’t maximum friction,” Strydom said. “It’s proportionate friction at high-risk moments.”
Those moments may include a first login from a new device, a password reset, the addition of a new payment beneficiary or a large withdrawal request. This risk-based approach allows institutions to preserve user convenience while strengthening controls where value is at stake.
Smile ID reported a surge in “injection-style” attacks that attempt to bypass camera capture entirely using emulators, virtual cameras or synthetic media as well as a sharp increase in AI-generated biometric manipulation.
“The tools available to attackers are evolving rapidly. Institutions need multilayered approaches, continuous monitoring and the ability to adapt as threats change,” concluded Strydom.
The full 2026 Digital Identity Fraud Report can be downloaded for free here
For these and more stories, follow us on X (Formerly Twitter), Facebook, LinkedIn and Telegram. You can also send us tips or reach out at info@techarena.co.ke.
Also Read: Mastercard, Smile ID Partner to Scale Digital Identity in Africa