Microsoft has reported a reduction of up to 90% in fake partner account openings after rolling out an automated identity validation system across its global partner ecosystem.
The figures were shared with Expert Insights by identity verification firm AU10TIX and illustrate an increasing trend toward more-secure, high-assurance digital identity controls within the industry.
With tens of thousands of partners worldwide, Microsoft is constantly exposed to risks from attacks such as impersonation, unauthorized access, and Account Takeover (ATO) attempts. Fraudulent partner accounts can be abused to distribute malware, access sensitive systems, or move laterally across trusted environments.
Traditional onboarding approaches, such as manually reviewing applications or checking static documentation, are struggling to deal with increasing levels of automation in fraud attacks.
In order to address this challenge, Microsoft said it implemented a solution called OneVet. The system integrates Microsoft Azure infrastructure with verifiable credentials, a method of confirming identity using cryptography instead of static documentation, and automated identity intelligence. This allows partner identities to be checked quickly and reused securely across workflows.
According to AU10TIX, OneVet significantly reduced the number of ways attackers could create new accounts utilizing stolen/fabricated identities.
Why Fake Accounts Create Disproportionate Risk
Fake and synthetic accounts are a well-established entry point for broader cyberattacks. Industry research shows that organized fraud groups routinely generate thousands of false onboarding attempts using AI-generated documents, manipulated selfies, and deepfake video.
Once approved, these accounts typically blend-in with the legitimate users, making detection much more difficult.
Security teams warn that partner ecosystems are especially attractive targets. A single compromised partner account can bypass perimeter defenses and provide access to internal tools, data, or customer environments. This makes prevention at the identity verification stage critical.
Microsoft’s decision to implement OneVet illustrates growing acceptance of verifiable credentials that can be reverified without revealing any sensitive Personal Identifiable Information (PII), thereby supporting both security and privacy objectives.
For CISOs and identity leaders, the tech giant’s move provides a real-world example of how the use of automated, credential-based verification can greatly reduce the amount of fraudulent activity and facilitate the existence of complex partner ecosystems.
