STOCKHOLM, Sweden — April 13, 2026 — Specops, an Outpost24 company, today launched Specops Verified ID, an identity verification product that enables organizations to confirm user identity using government-issued identity documents combined with biometric liveness validation and fraud detection, delivering a higher level of assurance against the social engineering attacks that increasingly target enterprise service desks and account recovery workflows.
According to the Palo Alto Networks Unit 42 Global Incident Response Report (2025), social engineering is the top initial access vector, accounting for 36% of all cyber incidents. The MGM Resorts breach in 2023, which began with a single social engineering phone call to the IT help desk, resulted in more than $100 million in losses. The 2025 Marks & Spencer ransomware attack cost the business £324 million ($436 million) in lost sales, demonstrating that even established enterprises with mature security programs remain vulnerable to identity-based intrusion at the service desk.
The verification methods most organizations rely on today are fundamentally vulnerable. Knowledge-based questions are guessable or exposed in data breaches, callback and SMS-based verification are defeated by SIM-swapping, and many service desk agents rely entirely on their own judgment with no structured process at all.
Specops Verified ID replaces these methods with government-issued document scanning combined with biometric liveness validation, supporting more than 16,000 document types across more than 200 countries and territories. Once verification passes, the originating workflow continues: the calling user is genuine, the first-day credential is issued, or account access is restored.
Specops Verified ID addresses any service desk interaction where identity must be confirmed, preventing the impersonation attacks that represent the most common social engineering entry point. For new employee onboarding through First Day Password, it eliminates the security risk of distributing initial credentials through insecure channels. These capabilities are particularly relevant for organizations operating under NIS2, DORA, HIPAA, and NIST frameworks.
“Attackers increasingly exploit weaknesses in identity verification processes, using social engineering and stolen credentials to impersonate legitimate users and gain access to sensitive systems. Too many verification methods were designed for convenience, not security, leaving organizations exposed in the workflows where secure access is critical. Specops Verified ID brings high-assurance identity verification into the points of highest risk, helping organizations reduce impersonation risk and close security gaps that traditional methods have failed to address,” said Omri Kletter, Chief Product Officer at Outpost24.
Specops Verified ID integrates natively into Specops Secure Service Desk, uReset, and First Day Password, meaning users complete identity verification within the same process they are already using. With the launch of Specops Verified ID, Specops extends its security capabilities to address both user authentication and identity verification, enabling organizations not only to check whether a user has the right credentials but also to confirm that the person requesting access is the legitimate account holder. For more information, visit specopssoft.com
