[INFOGRAPHIC] The History of ID Verification
Identity verification has been around for thousands of years. It can be as simple as remembering your friend’s face and picking them out from a crowd to something as complex as verifying a stranger’s identity based on the blood vessel patterns on the back of their hands. This timeline and infographic illustrate how far we’ve come in the evolution of ID verification.
In the beginning, the most common method was to rely on one’s memory to identify the various features and physical details of another person. However, while simple, this method did have its failings due to human error. Thus, new identification methods were born.
One alternative was the physical display of jewelry or other decorative goods. The oldest pieces of jewelry found for identity purposes were beads that were recently discovered in South Africa, Algeria and Israel; the oldest dating back to approximately 100,000 years ago. In terms of identification, these beads communicated a variety of information to others including wealth, familial ties, and personal identity. Even now, jewellery is still being used in the military in the form of dog tags, and for medical purposes as medical alert bracelets to help identify and classify individuals.
Another historic alternative to sole memory was tattooing. The earliest records of identity tattoos date back to approximately 2000 BC in Ancient Egypt. They were used to help distinguish various clans from each other and later to dictate a person’s place in society, from their membership to a specific family to whether they were of high birth or low.
With advances in the written language and record-keeping technologies, identification evolved from physical symbols and skin markings to the written word. The earliest mention of a census or of a government collecting citizen’s personal information began in 3800 BC during the Babylonian empire where records state it was undertaken every 6 -7 years and contained detailed counts of both people and resources. Unfortunately, the Babylonians had yet to discover the usefulness of numbers and so were forced to rely upon manual identification techniques. As time progressed, the Roman Empire further developed data collection techniques and grew to have need of more personalized information from citizens and so a variety of documents were introduced. These included many that are still common today such as birth certificates, land title deeds, and citizenship records.
As for passports, the credit for their invention can go to King Henry V of England in 1414 where he created the documents for English citizens who needed to prove their identity while in foreign countries. These papers were then referred to as “safe conduct” documents and ensured a citizen’s safety in a neighboring country when gifted by the monarch.
In 1829, the British Parliament enacted the reforms of Prime Minister Robert Peel to place more emphasis on printed police records. Due to this new focus, data could be stored in a personal document file and linked back to individuals using a unique numerical value. This would be the precursor to more modern government databases that link to ID cards.
Building upon Prime Minister Robert Peel’s reforms, the Netherlands started their own decentralized Personal Number (PN) system in 1849, but only moved on to issue personal ID cards to each citizen in 1940. By this time the United States had also begun rolling out their Social Security Number cards, the first batch distributed in 1936. Other countries followed suit as electronic data processing continued to permeate countries and governments around the world.
In 1840, William Henry Fox Talbot pioneered the negative-positive photographic system. This would revolutionize the identification industry, although it was not until after WWII that photo IDs would become widespread.
In the late 1870’s Sir William Herschel made a biometric breakthrough. Successfully using ink fingerprints as manual signatures on wills and deeds, making it a means of precise identification. This evolved into Scotland Yard’s Galton-Henry system of fingerprint classification and would later be automated by the Japanese in the 1980’s with their Automated Fingerprint Identification System (AFIS) and further improved by the Americans with their Integrated AFIS.
However, these records were still mainly in paper form. It wasn’t until 1977 that the USA computerized its paper records and had established a matching program capable of cross-referencing between various banking and governmental bodies. This eventually became commonplace and citizens were more easily monitored to determine if they were being taxed appropriately or if they had received welfare funds.
This would pave the way for what many would now recognize as “smart cards”, which were first popularized by governments’ usage as national identity cards. Among the first countries to use smart cards include Germany, Singapore, the Czech Republic and Spain beginning in the late 1980’s. The aim of these cards was to amalgamate a number of necessary public services into one place, including: citizenship, health care and finances. The card contained a variety of information ranging from date of birth and digital signatures to biometric data such as fingerprints.
Biometric data took a huge leap when companies and governments began using new methods to identify people. In 2004, the US deployed its first statewide automated palm print database. This database was primarily utilized by law enforcement to match unidentified palm prints to the list of known offenders. In addition to this technology, other improvements in the area of biometrics include advancements in speech recognition, iris recognition, facial recognition, DNA sequencing, hand geometry, and vascular pattern recognition, which rely on blood vessel patterns in the hands.
With the advent of the Internet and e-commerce, the introduction of multi-factor verification started with two-factor or two-step verification. It involves two different steps to verify a user’s identity, usually comprising of something only the user possesses and something only the user knows. One common physical example would be an ATM where customers need both a bankcard and a PIN to access it a technology that dates back to the beginning of the 1960’s. However, it wasn’t until 2011 that Internet companies began capitalizing on the new verification approach starting with Google. The main issue was that physical objects are less common for Internet and software companies so the “something that only the user has” factor needed to piggyback off the user’s existing hardware such as their cellphone. Thus, in a Google service, one is first prompted for their username and password and after must choose whether to opt to run and install Google’s own authentication program, which generates a unique code for the user or to receive a unique number via text message to key in. The latter method proliferated what many commonly know now as SMS verification and is a technology being used by other companies and services globally. However, SMS technology is not new, the concept was invented in 1984 and the first message was sent in 1992. But, the innovative usage is still spreading with Apple only implementing two-factor verification with SMS just last year in March 2013.
Due to the widespread accessibility and usage of the Internet, an individual’s cyber identity or Internet Life data has become increasingly important. This view became prevalent with the expansion of social media and the trend of digitization. Thus, in 2004 Janrain pioneered social login, allowing users for the first time to login to other sites and programs using their social media accounts and cyber identities. Social login was further advanced in 2009 when Trulioo created TruDetect, the first program of its kind to verify social accounts as either machine generated, fraudulent, or authentic. This SaaS product added a much-needed layer of trust to the social web while simultaneously ushering in the legitimacy and effectiveness of one’s cyber footprint for the use of identity verification.
Due to the increase uptake of e-commerce and the steady climb of online fraud, identity verification has increasingly become a legislated requirement. While both terms are similar, Know Your Customer (KYC) comprises of different policies enacted in order to identify customers, helping to prevent fraud. Anti-Money Laundering (AML) describes the legal controls that organizations within the financial and legal industry must enact with due diligence to prevent, detect and report money laundering activities.
Trulioo recognized that the direction of global identity verification was undeniably headed towards a fusion between online and offline verification methods by combining Internet Life Verification (ILV) and Anti-Money Laundering compliance and risk mitigation services, and as a result launched Global Gateway in 2014, the most comprehensive AML/KYC identity verification provider covering over 3 billion people worldwide.
“Identity is the history that has gone into bone and blood and reshaped the flesh. Identity is not what we were but what we have become what we are at this moment.” ― Nick Joaquín