By Neville Pattinson
According to the Breach Level Index, identity theft accounted for 59 percent of data breaches in 2016, proving that stolen identities are a hot commodity. To protect against fraud and cyber-attacks within the ongoing shift to the digital world, it’s vital that businesses and government agencies verify that their customers are who they say they are and aren’t pretending to be someone else.
The first step that banks, governments and enterprises usually take when verifying identities is asking to see an identity document like a driver’s license or passport. Verification typically consists of a quick visual inspection of the doc, and then a subjective comparison of the person’s face to the photo on the document.
But with more and more services moving online – banking, check-in for flights, visa applications – it no longer makes sense or is adequate to rely on a face-to-face encounter. Plus, visual verification is flawed. The U.S. alone has more than 1000 state and federal IDs. How is any employee supposed to master them all?
Reliable verification is fundamental to combating identity fraud and related criminal activities, and increasing regulatory pressure only heightens the need for a robust strategy. The challenge now is to develop an effective identity verification process that balances emergent security requirements while maintaining end user convenience.
These policies and procedures, widely referred to as Know Your Customer (KYC), are used by public and private sector institutions to combat identity or financial fraud as well as to comply with international regulations against money laundering and terrorist financing.
By updating the identity verification process with software, weaknesses such as human error or inconsistency are eliminated, leading to a stronger, more convenient and trustworthy verification process that’s applicable across sectors.
Stakes are extremely high for governments
Governments were among the first entities to adopt more advanced, software-based solutions for both document verification (verifying that an ID document is neither expired nor fake) and biometric identity verification (using biometrics to verify the person presenting the document is its rightful owner). Why? Because with decisions like who can cross a border or board a plane, assurance levels need to match the high stakes.
Migration to electronic passports (or ePassports) has been in progress since 2005, and more than 120 countries have started issuing this type of travel document. Unlike conventional passports, the electronic passport has a microprocessor that stores a digital version of the ID photo plus all of the data found on the first page of the paper passport. The data from the ePassport can also be stored on the holder’s smartphone to create a secure companion for travelers’ physical passport.
By incorporating security features into the passport itself and enabling secure communication with biometrics scanners and automated border control gates, these solutions can prevent identity fraud by both verifying the validity of the document and the rightful owner.
Keeping in line with the U.S. government’s plans to gather and leverage biometric records for verifying passport-holders and non-citizens alike, airlines and airports are also embracing technologies like fingerprint scanning and facial recognition to improve the passenger travel experience. Many are introducing these technologies to improve check-in, self-bag check and boarding as well as the airside leisure experience.
What’s good for government is good for banks
While software-based identify verification has been implemented and used by governments for years, it’s just recently begun to migrate into the private sector.
Younger generations of consumers prefer to handle the vast majority of their banking needs on digital and unattended channels, so that any interaction is frictionless and fast. As a result, banks are consistently seeking avenues to increase their reach, engage their customers and meet them on the digital platform of their choice. Cost reduction is a secondary motivation, as in-branch services prove to be ten times more expensive than remote channels.
Utilizing the same document and biometric identity verification technology used in government programs worldwide, financial institutions can now easily, efficiently and cost-effectively protect both themselves and their customers from fraud while enjoying the benefits of digital advancement.
With biometric recognition (in the form of a selfie taken on a tablet or phone), real-time forensics and automatic form fill-out, a new customer can open an account, procure a new card or sign up for new services from the comfort of their couch. Meanwhile, existing customers can trust in the staunchest level of security for high-value, sensitive transactions such as fund transfers and loans.
Banks can also put intelligent systems into place, including self-service banking kiosks or fingerprint scanning on mobile apps, to step up authentication and biometric identity verification requirements.
Telecom operators are prime targets
Just like banks, mobile network operators (MNOs) are facing a growing threat from identity fraud, with the Federal Trade Commission reporting a 156 percent increase in mobile account identity theft from 2013 to 2016. For MNOs, the critical moment is often when customers open an account, either in-store or online. Fraudulent users can use a fake identity to get a brand new, highly-subsidized phone and then open another account with a different operator using their real ID, never honoring the first contract.
Other scammers use fake IDs to gain access to the SIM card of a legitimate user, which they then use to authenticate transactions with the legitimate user’s bank, running up huge costs in the user’s name and perpetrating so-called SIM-swap fraud. These incidents can result in hefty financial burden and damaged brand reputation for the operator.
Not only does a reliable ID verification process and technology decrease those risks, it also means MNOs can monetize their assets and work with other industries to offer additional mobile-based services to their customers. Examples include mobile banking, digital driver’s licenses, virtual car keys and many more valuable options.
As we move more and more of our interactions into the digital world, the need to create and verify trusted identities is heightened as well. To learn more about implementing a multi-faceted approach to identity verification, check out this video: