Article 3 min

Harmonizing identity proofing and authentication for gold standard identity

GDPR subject access request
Verifying ID documents effectively

Both consumers and the companies that serve them have a vested interest in strong identity verification for account opening, to protect them from the financial costs and administrative hassle of fraud.

As personally identifiable information (PII) has become more available (the ID Theft Center reports that almost 1.7 billion records have been exposed since 2005), certain types of identity theft and fraud are on the rise.

Stolen PII can be used to open new accounts online, particularly accounts that enable financial gain through fraud or money laundering.

The Identity Fraud Study from Javelin Strategy & Research found that losses from new account fraud in the U.S. rose to $3.4 billion in 2018. Fraudsters are branching out to target different types of accounts, such as student loans and car loans, loyalty and rewards programs, and retirement accounts.

The highest protection for consumers and companies

Given the number of different ways to perform due diligence on customers who are opening new accounts in order to comply with regulations and reduce fraud, it can be challenging to sort through the options. Companies taking a risk-based approach will need to identify what inherent and residual risks they’re exposed to, analyze those risks and determine the appropriate risk controls to reduce those risks to an acceptable level.

Industries that are more often targets of fraud include financial institutions, eCommerce sites and online marketplaces. Organizations that are looking for the highest level of compliance and risk reduction should definitely consider a layered combination of identity proofing and authentication.

Corroborating identity data and authentication methods offers gold standard identity verification that answers two questions:

  • Are you a real person? Identity proofing determines whether the identity being submitted represents a legitimate and trustworthy person
  • Are you who you say you are? Authentication establishes whether the person presenting the identity data or document is actually the holder of that identity

With reliable answers to these questions, organizations can take action when data and ID documents can’t be corroborated and conduct enhanced due diligence to prevent fraud.

How to combine identity proofing and authentication

Identity proofing can be performed by verifying identity data, ID documents or both. In the case of identity data, information such as name, address, mobile phone number and date of birth is compared to trusted data sources to determine whether there’s a match.

With ID documents, digital images of the ID document (usually captured with a mobile phone camera) are analyzed by humans or software to determine whether the ID is authentic and valid.

Authentication on account opening can be done by comparing a selfie of the person’s face to the photo on their ID document. This facial comparison is carried out by visual inspection or via facial recognition algorithms.

Combining identity proofing and authentication during account opening helps identify fraud before bad actors get through the front gates.  As a result, companies are safer and their customers are protected.