The Veridas event in Madrid, entitled “Beyond Fraud: Real Identity as a Strategic Pillar in the AI Era,” brought together public and private‑sector leaders to discuss how AI has industrialised fraud and why Europe needs to reclaim control over its digital identity.
Last week in Madrid, Veridas gathered experts from banking, insurance, telecommunications, public administrations and technology to discuss one of the most urgent challenges of our digital age: identity fraud.
The consensus was unanimous. As Eduardo Azanza, CEO and Co‑Founder of Veridas, warned, “we have a pandemic of fraud generated and fueled by generative AI.” This technology didn’t create fraud—it industrialised it, enabling automatic, scalable and nearly invisible attacks.
The Veridas Identity Fraud Report 2025 confirms this trend:
- 1.4% of identity verifications show injection activity – fraud that hides inside systems.
- 1–6% of verifications are fraudulent.
- AI already drives 41% of attacks.
- $9.5 trillion is the global annual cost of cybercrime—equivalent to the third largest economy on the planet.
These figures demand not only specialised solutions, but also a robust and secure cloud infrastructure that acts as the foundation of that defence.
Google Cloud provides that technological base: a platform combining artificial intelligence, machine learning and anomaly‑detection capabilities that anticipate threats and protect the most critical systems. On this architecture, Veridas builds its identity and antifraud solutions, integrating innovation, sovereignty and security by design.
“The concern about identity has tripled in the past six months,” said Azanza. “Our challenge is to distinguish the real from the fake, ethically, responsibly and technologically.”
Biometrics as the frontier: “what you are”
Digital environments rely on three authentication factors: what you know (password), what you have (mobile or token) and what you are (biometrics). Of the three, biometrics is the only one that links the digital identity to the real person.
Mikel Sánchez explained how fraud has evolved from in‑person attacks to massive, automated campaigns, highlighting three essential defence types:
- PAD (Presentation Attack Detection): blocks attacks using photos, masks or videos.
- IAD (Injection Attack Detection): counters invisible attacks that inject false evidence directly into the system.
- MAD (Massive Attack Detection): detects industrial‑scale coordinated attacks.
Also innovative are the Renewable Biometric References (RBRs), which guarantee full privacy according to three principles: irreversibility, multiplicity and non‑interoperability.
Regulation, sovereignty and the new European framework
The event also addressed the geopolitical and regulatory dimensions of fraud. The concept of digital sovereignty—Europe’s ability to protect its own data and critical systems—was at the heart of the discussion.
Raquel Poncela (FNMT) delivered a master‑class on the European Digital Identity Wallet (EUDI Wallet), a key component of the new eIDAS 2.0 Regulation.
“By Christmas 2027, the private sector will be required to accept the European Digital Identity wallet as a means of identification.”
The principle is revolutionary: citizens will own their data. The “attributes” (such as degrees, policies or bank accounts) will be in the hands of the user and non‑transferable. Non‑compliance fines could reach 2% of global turnover.
The debate on Europe’s digital sovereignty cannot be separated from technological security. In this regard, José Carlos Térez (Google Cloud) reminded us that security must be “by default and by design,” emphasising that sovereignty is also built on the ability to operate and protect data from within Europe. Google invests billions every year in technology and talent to safeguard its services and those of its customers, based on four pillars: intelligence and incident response, security in any environment, regulatory compliance and AI‑integrated defence.
With this model, Google Cloud offers European organisations a real digital sovereignty framework, combining global scale with local control.
Market perspective: balancing security and experience
The panel featuring Trade Republic, ID Finance and Permiso offered the operational side of the financial and tech sectors. How can you maintain security without losing users?
Víctor de las Heras (ID Finance) shared a telling insight: moving antifraud verification to the end of the registration process led to a drastic drop in abandonment rates. Pablo López (Trade Republic) stressed that security should not feel like a burden, but like a protection the customer values. Álvaro Mancilla (Permiso) proposed adding more context to processes: “The more context you provide, the harder it is to fake.”
The consensus was clear: regulation is not an obstacle—it’s an opportunity. The goal is the same for everyone: the user owns their identity, and digital trust becomes a competitive advantage, not a liability.
Conclusion: technology and trust, one and the same battle
We must build fences and add layers of defence—but those fences must stop the bad actors, not the customer. Identity is the new security perimeter and trust will be the foundation of the digital future.
In Europe, the battle against fraud is not won through fear—it’s won through sovereignty, innovation and collaboration. At Veridas we believe that the fight against identity fraud is not won by technology alone, but through collaboration, sovereignty and real trust.
Discover how our solutions, together with technology partners like Google Cloud, help European organisations protect their digital identity and build a safer future.
Contact our expert team or consult the Veridas Identity Fraud Report 2025.
Access the full event recording here:
