
AI Romance Scams Expose Dating Apps' Verification Failures
- UK victims of romance scams lose between £10,000 and £15,000 on average per case, according to Action Fraud
- BioCatch reports a 63% increase in romance scams between 2024 and 2025
- Fraudsters can now produce convincing profiles and pass liveness checks for as little as £15 monthly subscription
- The Online Safety Act places direct obligations on dating platforms to protect users from fraudulent accounts
The bill for AI-enabled romance fraud is coming due, and dating platforms are discovering their current defences amount to little more than a padlock on a glass door. Sumsub and the Online Dating and Discovery Association have published research confirming what trust and safety teams already know: the traditional selfie-check model of verification was built for a threat landscape that no longer exists. The white paper, titled 'Are You Real? How Dating Apps Must Re-Architect for the AI Fraud Era', maps out how deepfake technology, synthetic voice generators, and AI-created imagery have systematically dismantled the verification methods most platforms still rely on.
When the Baseline Becomes Inadequate
The mechanics of the problem are straightforward. Most dating platforms implement a single point of identity verification: upload a photo, take a selfie, match the two, you're approved. That model assumed the image being uploaded was created by a human being pointing a camera at their actual face.
AI image generators have eliminated that assumption. According to Sumsub's data cited in the research, fraudsters can now produce convincing profile images, pass liveness checks using deepfake video, and maintain the deception through AI-generated voice calls. The barrier to entry isn't technical sophistication—it's a £15 monthly subscription to the right software.
Create a free account
Unlock unlimited access and get the weekly briefing delivered to your inbox.
Platforms still running one-time photo verification as their primary defence mechanism are essentially asking fraudsters to please tick a box before committing fraud.
The paper identifies what it calls 'systematic blind spots' in current approaches: platforms verify identity once but rarely reassess; they moderate content reactively rather than monitoring behavioural patterns; they treat verification as a binary pass/fail rather than a continuous risk assessment. Those gaps were defensible when fraud required sustained human effort. They're liabilities when automation scales the attack surface.
The DATE Framework and Its Implementation Problem
ODDA and Sumsub propose a four-pillar response model they've labelled DATE: deterrence through risk-based verification, behavioural analysis to flag anomalies, triage systems for high-risk accounts, and empowerment features that give members tools to protect themselves. The framework itself is sensible. Deterrence would mean layered verification that adapts to risk signals—higher scrutiny for accounts exhibiting fraud indicators, lighter touch for established members with normal behavioural patterns.
Analysis would track messaging cadence, photo uploads, location consistency, and other signals that distinguish human patterns from bot-like activity. Triage would route suspicious accounts to manual review before they can initiate financial requests. Empowerment would surface verification status, account age, and other trust signals directly to members.
What the paper doesn't address: the operational cost of implementing this at scale, or evidence that any platform has successfully deployed a similar system without damaging user acquisition metrics. This is industry self-analysis rather than validated research. The recommendations come from a verification vendor and a trade body representing platforms that would need to buy those services.
That doesn't make the analysis wrong—Sumsub processes verification for multiple dating platforms and presumably sees the fraud patterns firsthand. But operators reading this will notice the absence of case studies showing a major platform rebuilt its verification architecture and maintained conversion rates.
The Regulatory Forcing Function
The Online Safety Act provides the stick that might make this happen regardless. The legislation places direct obligations on platforms to protect users from fraudulent content and accounts. Dating apps fall squarely within scope as user-to-user services.
Enforcement mechanisms remain undefined—Ofcom hasn't published final codes of practice—but the directional signal is clear. Platforms that experience systematic fraud losses and can't demonstrate robust prevention systems will face regulatory exposure. The paper cites the OSA repeatedly as context, and it's the right frame.
When Ofcom does publish enforcement guidance, will existing verification systems meet the standard? Almost certainly not, if those systems consist of a single selfie check performed at signup.
What matters for compliance teams is the question of adequacy. The white paper essentially argues that current industry baseline practices are already noncompliant with the spirit of the regulation, even if enforcement hasn't begun.
The Conversion Rate Calculus
The obvious counterargument from product teams: every additional verification step costs signups. Dating apps compete on friction reduction. Adding behavioural monitoring, risk-based triage, and layered identity checks makes the onboarding experience heavier.
The paper acknowledges this tension but doesn't resolve it. Sumsub's own data, referenced in the research, indicates that member attitudes toward verification are shifting—particularly among women, who report higher willingness to accept friction in exchange for safety signals. But 'willingness to accept' and 'no impact on conversion' are different claims.
The market will likely see divergence here. Premium platforms with strong unit economics—your Raya, your Inner Circle, your high-ACV white-label operators—can absorb verification costs and wear it as differentiation. Mainstream free-to-use apps operating at scale will struggle to justify the expense without clear evidence that trust signals improve retention enough to offset acquisition losses.
That's the real implementation challenge. The trust and safety case is unambiguous. The business case requires someone to go first and prove the economics work. Until then, this remains a white paper describing a problem everyone agrees exists, proposing solutions nobody's demonstrated at scale.
The next twelve months will clarify whether regulatory pressure, competitive differentiation, or a high-profile fraud incident forces a platform to commit. When that happens, the rest of the industry will have a case study. Until then, they have a framework and a countdown clock. Recent research from the Alan Turing Institute shows how deepfake technology is increasingly being deployed in romance scams, while BioCatch reports a 63% uptick in romance scams between 2024 and 2025, with fraud now spreading beyond traditional dating platforms to everyday apps.
- The Online Safety Act creates regulatory liability for platforms still relying on single-point photo verification, with enforcement guidance expected to make current baseline practices noncompliant
- Premium dating platforms with strong unit economics will likely move first on enhanced verification, using trust signals as competitive differentiation while mass-market apps wait for proven case studies
- The next twelve months will determine whether regulatory pressure, competitive advantage, or a major fraud incident forces industry-wide adoption of layered verification systems
Comments
Join the discussion
Industry professionals share insights, challenge assumptions, and connect with peers. Sign in to add your voice.
Your comment is reviewed before publishing. No spam, no self-promotion.
