February 12, 2025

Introducing VerifiedHire™: Secure Employee Onboarding to Combat North Korean Fake IT Workers

by
Nametag Team
North Korea Blog Post Header
press@nametag.co

Get in touch with our PR team.

Download media kit

Logos and graphics to help you cover Nametag.

Nametag console showing a successful verification result

Enable Self-Service Account Recovery

Nametag sends MFA and password resets to self-service while protecting your helpdesk against social engineering.

Five stars in a line
Learn how

Today we’re thrilled to introduce Nametag VerifiedHire™, a groundbreaking solution for secure employee onboarding that prevents North Korean IT workers and other bad actors from impersonating legitimate new hires to infiltrate your company. VerifiedHire replaces outdated manual credentialing processes with streamlined self-service and robust Deepfake Defense™ identity verification. Read the press release, then read on to learn more about secure onboarding with Nametag VerifiedHire!

“VerifiedHire has transformed our onboarding process. The ability for new hires to set up their own accounts without IT intervention is a game-changer.” – Senior IT Director at a leading biotech firm

Employee Onboarding is a Major Gap in IT Security

Getting new employees set up with their work accounts is a huge time sink, both for the employees and for the IT department supporting them. But beyond the costs involved, account credentialing is also a critical security risk. Think of it this way: a bad actor who successfully sets their password with your identity provider is “in the door” and can now move laterally, steal data, or deploy ransomware. Or, as with North Korean IT workers, they just start collecting paychecks in violation of international sanctions.

“Employee onboarding is a major gap in IT security that nobody has been able to figure out—except Nametag. VerifiedHire is the only solution for initial credentialing that creates the level of identity assurance we require.” – Senior IT Director at a leading biotech firm

The various checks that new employees undergo were built for compliance, not security. Most background checks simply look up a Social Security Number against various criminal records, which does nothing to stop a North Korean IT worker with a stolen identity. The small number of background check companies that offer document verification services use antiquated, consumer-grade technology that is easily fooled by today's AI-generated deepfake documents. I-9 verification ("right to work") is similarly low-assurance, with imposters easily able to provide a deepfake ID that passes validation.

In fact, account provisioning is your last chance to stop a bad actor from getting into your networks. But all of the ways that IT departments have traditionally had to verify new hires are easy to exploit. They’re also tedious and mostly manual, creating a frustrating, impersonal new hire experience.

  1. Manually send a temporary password to a new employee's personal phone number or email address. This offers little to no assurance that the receiver isn't an imposter.
  1. Coordinate an in-person meeting to communicate initial credentials. Bad actors target remote or outsourced roles that don't have this expectation, or provide a range of excuses.
  1. Use a software tool to automate initial password delivery. All of these products ultimately boil down to sending a temporary password to someone's personal email or phone number.

Introducing Nametag Verified Hire: Ensure That Only Verified Hires Gain Access to Your Networks

VerifiedHire is Nametag's new solution for secure employee onboarding. It replaces outdated, insecure initial credentialing procedures with streamlined self-service account provisioning, backed by robust identity assurance. VerifiedHire surrounds your existing identity providers (Okta, Microsoft Entra Duo, Cisco Duo, etc.) to transform a frustrating, impersonal process into a fast, delightful experience.

Simply direct new hires to your branded onboarding microsite, powered by Nametag. New hires navigate guided workflows to verify their identity with our Deepfake Defense identity verification engine. Verified hires can then set their passwords and enroll in multi-factor authentication (MFA) with your identity providers, all on their own, without requiring IT support or intervention.

By replacing pre-signed URLs and temporary passwords with Nametag, IT and security teams eliminate a critical security risk. IT departments save 30+ minutes per new hire. And enterprise risk teams gain crucial visibility into potential insider threats such as North Korean IT workers.

  • Prevent Infiltration: VerifiedHire is the first onboarding solution that combats sophisticated remote worker fraud schemes, including deepfake-wielding North Korean threat actors.
  • Stop Contractor Fraud: Enterprises can use Nametag to quickly verify their extended workforce at scale, uncovering imposters and potential insider threats.
  • Eliminate Temporary Passwords: VerifiedHire replaces outdated, insecure temporary password delivery systems with an initial credentialing experience that’s modern, secure, and streamlined.
  • Powered by Deepfake Defense: VerifiedHire is built on Deepfake Defense, the only identity verification engine proven effective against modern, AI-powered impersonation threats.
  • IT Cost Savings: By deflecting new employee verification and initial credentialing to self-service, VerifiedHire creates substantial time and cost savings for IT and Human Resources teams.
"VerifiedHire has transformed our employee onboarding experience. The ability for new hires to set up their own accounts without IT intervention is a game-changer." - Senior IT Director at a leading biotech firm

Example Onboarding Flow with Nametag VerifiedHire

Onboarding with Nametag VerifiedHire is fast and easy for legitimate employees, while creating a high barrier of identity assurance that imposters can’t surmount.

  1. Generate IT ticket.
    Human Resources creates a ticket for IT with a new employee’s start date.

  2. Create an account.
    IT creates accounts for the new employee in the relevant identity directories (e.g. Okta, Cisco Duo, Microsoft Entra), including their legal name and birthdate.

  3. Send to self-service.
    On the new employee’s start date, instead of sending a temporary password, IT sends a link to your self-service onboarding microsite, powered by Nametag.
  1. Verify their identity.
    The employee scans their photo ID and takes a selfie. Nametag’s Deepfake Defense engine verifies that they really are who they claim to be.
  1. Bind to their account.
    Nametag ensures that the employee is the right person by matching the info on their ID to the legal name and birthdate in the corresponding directory account.

  2. Set initial credentials.
    Verified hires can proceed to set passwords and enroll in MFA. Meanwhile, imposters are detected, surfaced, and prevented from gaining access.

Enhance Employee Onboarding with Nametag Solutions

VerifiedHire fits seamlessly into your existing onboarding workflows through our plug-and-play integrations to identity providers like Microsoft Entra, Cisco Duo, Okta and OneLogin. You can deploy VerifiedHire in as little as 10 minutes, immediately protecting your organization against bad actors impersonating new employees. On the back end, we've built an unprecedented level of configurability into our platform, ensuring a custom fit to your company's unique requirements and infrastructure.

  • Nametag VerifiedHire: Deploy self-service account provisioning in as little as 10 minutes with plug-and-play integrations with identity providers and IT service management (ITSM) tools.
  • Helpdesk-Supported: Add Nametag to your HR onboarding checklist, using our intuitive helpdesk console to quickly verify new employees on their first day or even before.
  • API Integration: Build your own custom onboarding workflows with Deepfake Defense identity verification at the core, connecting Nametag to your HRIS and other tools.

Employee Onboarding with Deepfake Defense™

VerifiedHire is built on Deepfake Defense, Nametag’s proprietary identity verification (IDV) engine. It combines advanced cryptography, biometrics, AI and a raft of other innovative technologies to quickly and accurately verify a person’s identity using only their smartphone and government-issued photo ID.

Deepfake Defense is the first and only IDV engine that actively prevents injection attacks and the use of AI-generated IDs and selfies, which are increasingly able to fool other IDV systems, including retrofitted Know Your Customer (KYC) compliance tools.

“Nametag's Deepfake Defense engine is the first scalable solution for remote identity verification that's capable of blocking the AI deepfake attacks plaguing enterprises.” - Bruce Schneier, Internationally-Renowned Security Technologist

End-to-End Workforce Account Protection

VerifiedHire builds upon our solutions for Helpdesk Verification, Self-Service Account Recovery, and Nametag’s availability as an MFA factor for Microsoft Entra and Okta. Nametag’s integrated platform protects and streamlines the entire workforce account lifecycle, from employee onboarding through account recovery and your IT helpdesk. Our solutions work out-of-the-box for rapid deployment and time to value, with deep configurability to support complex enterprise infrastructure and requirements.

“Nametag’s launch of VerifiedHire underscores our continued commitment to creating end-to-end workforce account protection. Since every organization employs a unique approach to employee onboarding, we developed an out-of-the-box-solution that is easily customized to each enterprise’s workflows, software environments, and business requirements.” - Aaron Painter, CEO at Nametag

Get Started: Secure Onboarding with VerifiedHire

Onboarding new employees with Nametag VerifiedHire closes a critical IT security gap while saving thousands of hours for your IT department annually. Self-service account provisioning improves experiences for (legitimate) new hires, while risk teams gain a new level of visibility into insider threats.

VerifiedHire is a ready-to-use solution: deployment can take less than 10 minutes thanks to our plug-and-play integrations with your identity providers. Contact sales to request a live demo today!

Secure your helpdesk against social engineering and impersonators.
Learn more about Nametag
Right Arrow Blue
We use cookies to provide, improve, and promote our services. By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage and assist in our marketing efforts. Visit our Privacy Policy to learn more.
Decline
Accept All Cookies