Proof

What 2026 Market Conditions Say About the Future of Trust and Identity

By 2026, identity verification has evolved from a simple login step to a critical, large-scale infrastructure challenge, prompting governments like the IRS and Medicare.gov to invest billions in advanced, AI-resistant identity assurance systems that balance fraud prevention with user accessibility, while private investment and policy shifts further underscore identity's central role in security and trust.

For a while, “identity” was a background concern—just a login screen, a validation field, or a checkbox. Verification was a step organizations implemented and users accepted. That era is over.

Over the past year, identity has become one of the most important and complex security challenges. It now features prominently in areas with large budgets and high stakes: venture capital, private equity, M&A, federal procurement, and global assemblies like the 2026 World Economic Forum (WEF) Annual Meeting.

These investments are long-term bets that affect millions and set expectations for how organizations should approach identity and fraud prevention—without punishing legitimate users. Identity is now treated as core infrastructure, and the market is responding across three areas: government contracts, private investment, and state/federal policies.

Governments are awarding multi-billion dollar contracts

Governments are rethinking expectations around identity assurance, online safety, and privacy. AI-powered fraud is no longer theoretical, and the consequences of failed identity systems are real. This pressure is pushing identity programs beyond basic ID and biometric checks toward stronger, more defensible models that can keep up with AI-driven impersonation and synthetic identity tactics.

A billion-dollar identity agreement with the IRS

In January 2026, the IRS awarded ID.me a blanket purchase agreement valued at up to $1 billion for identity verification and authentication services. This is a visible example, but not unique—government agencies are investing in identity programs that must serve massive user populations, defend against modern fraud, and maintain access for legitimate users.

This is “identity at scale”: not a point solution, but a robust platform, network, and ecosystem of verification, authentication, and ongoing risk management solutions.

Medicare.gov is adding new identity options at US-national scale

The Centers for Medicare & Medicaid Services (CMS) are making a major identity update to address access, security, and user experience. Starting in early 2026, ID.me will be available as an identity verification and sign-in option for Medicare.gov. CLEAR also announced a CMS contract focused on enabling digital identities for Medicare.gov.

Medicare.gov will be a significant pressure test for modern identity frameworks, given its massive user scale, real fraud incentives, and low tolerance for friction.

Login.gov is modernizing its identity proofing and vendor ecosystem

Login.gov, a key identity platform for U.S. federal services, is evolving its capabilities and supplier landscape:

  • GSA announced passport-based identity verification for Login.gov, enabled through interagency partnerships and authoritative records.
  • IDEMIA announced a 10-year BPA from GSA tied to next-generation identity proofing for Login.gov.
  • Diamond Capture Associates and subcontractor Incode announced a contract award to support Login.gov’s next-generation identity proofing.

The trend is not that a single vendor wins, but that identity-based solutions are expanding, and organizations are modernizing to meet sophisticated threats—relying on multiple vendors for specialized capabilities.

Investors poured nearly $2 billion into identity solutions

The market for identity solutions is moving fast, with significant investment following. Over the past year, investors have poured capital into companies tackling identity governance, fraud prevention, AI agent identities, and new models for verifying users online. The problem is getting harder and more lucrative to solve.

Ten of the largest recent raises in the identity space:

  • Saviynt – $700M (Identity governance & administration)
  • Cyera – $400M (AI-powered data & identity security)
  • Veza – $108M (Identity search & posture management)
  • Adaptive Security – $81M (Adaptive authentication & real-time identity)
  • 1Kosmos – $57M (Biometric authentication & fraud prevention)
  • k-ID – $50.3M (Youth and age-based identity & safety)
  • Push Security – $49M (Browser-based SaaS identity security)
  • Aembit – $43M (Non-human identity & workload IAM)
  • Orchid Security – $36M (Identity hygiene & governance)
  • Descope – $35M (Identity for developers and AI-native apps)

Honorable mentions:

A growing wave of companies is raising money to address emerging issues like identity response, privacy, API identity security, and AI-agent governance. The identity ecosystem now includes:

  • Mitiga – SaaS and cloud-based identity response
  • Verisoul – digital identity and bot prevention
  • Prime Security – identity security for software delivery
  • Authologic – identity verification orchestration
  • Continuum ID – reusable digital identity
  • Proof – identity authorization infrastructure, backed in part by strategic investment from Visa

AI-powered fraud and scams are driving policy decisions

Identity news is also about the operational reality of fraud and the policy responses that follow. The landscape has shifted from traditional document checks to AI-governed frameworks and digital wallets. In 2025 and 2026, the focus has pivoted toward age-gating in the U.S. and wallet-first identification in the EU.

In the U.S., identity requirements are shaped by federal standards and state/local laws. In 2025, the Social Security Administration announced in-person identity checks for certain cases to curb direct deposit fraud. This signals that when fraud rises, policies shift from convenience-first to assurance-first.

REAL ID is now fully in effect for domestic air travel, NIST’s updated digital identity guidelines are raising the bar for identity proofing, and state laws are pushing age verification for adult content and social platforms. Biometric privacy rules like Illinois’ BIPA and similar legislation in other states are forcing companies to consider consent and data handling. National associations like AAMVA are signaling momentum toward mobile driver’s licenses.

In the EU, the approach is more unified and digital-wallet driven. eIDAS 2.0 requires every member state to provide a European Digital Identity Wallet by late 2026, enabling citizens to share verified attributes across borders without repeating manual checks. This is reinforced by the EU AI Act’s limits on biometric identification, GDPR’s stricter guidance on data minimization, and AML reforms increasing demand for high-assurance digital identity in high-risk transactions. While the U.S. tightens identity through fragmented, state-level rules, the EU is building a government-backed wallet model for reusable identity across services.

What all of this identity & security activity means

For digital service providers, the goalpost for trust has shifted due to the increased frequency and sophistication of fraud and impersonation attacks. Standards are tightening, and new laws are reshaping how organizations verify users, handle biometric data, and prove identity online.

Users are being trained by governments, banks, and healthcare providers to expect identity checks at critical moments, but have less patience for clunky, repetitive, or slow verification solutions.

The real challenge is not simply adding identity verification at different points, but building trust and reliability that works across the moments that matter most. That is where the market is heading.

Why you need Proof

Proof helps organizations verify identities and establish trust throughout any workflow, authorization, or customer lifecycle. Users can save their identities to the Authorization Network, creating a record of trust that’s reinforced over time and expedites future transactions. Fraudsters, deepfakes, and synthetic identities are caught and prevented quickly, while legitimate users enjoy a streamlined experience.

See how Proof addresses the biggest challenges in Identity and digital transactions.