5 minute read
Identity proofing, identity verification and fraud prevention
CAROL CHRIS
IDENTITY PROOFING, IDENTITY
VERIFICATION AND FRAUD PREVENTION
by Carol Chris, Regional General Manager for Australia and New Zealand, GBG
Identity theft and fraud cause some of the biggest business challenges and financial losses in Australia. According to the Australian Cyber Security Centre (ACSC), cybercrime is now so commonplace that Australians are being targeted by cybercriminals every seven minutes. Fraud was the most frequently reported online crime, accounting for 27 percent of incidents.
Online fraud is often the result of a stolen online or digital identity being used to illegitimately access funds, purchase products, open accounts, connect with someone’s network, conduct scams and more. Identity proofing and identity verification are critical parts of any digital onboarding process—particularly for financial institutions—to help prevent fraud and mitigate the risk of fraud.
However, with technology and fraud evolving rapidly, it can be difficult to keep up with the latest solutions and prevention methods. Business leaders need to ensure they are getting the foundations of their fraud prevention approaches right, and this process starts with understanding the importance and role of each step in the process.
IDENTITY PROOFING VERSUS IDENTITY VERIFICATION
Identity verification is the entire process of confirming an identity genuinely matches the person claiming to be linked to that identity. This process can involve taking and verifying personal information such as a name, date of birth, addresses and other relevant factors specific to the individual. This is also referred to as ‘know your customer’. It comprises a range of compliance and regulatory requirements in certain industries, particularly the financial services industry.
Identity proofing is one part of the identity verification process. While it was once common for a customer
to bring their passport or driver’s license for in-person verification to start the process of opening a bank account or taking out a home loan, the increasing digital nature of consumer and business interactions has led to digital identity proofing now becoming the more common and trusted form of verifying someone’s identity.
This trend, rapidly accelerated by the pandemic, has also caught the attention of identity thieves and fraudsters around the world. Consequently, it is now critical for businesses, particularly those handling personal information and data, to take proactive measures to ensure digital identity documents are thoroughly examined for potential fakes or fraudulent behaviour and securely collected, managed and stored.
DIGITAL IDENTITY PROOFING AND THE SECURITY BENEFITS OF BIOMETRICS
Take the example of a customer needing to remotely prove their identity to open a new bank account via their mobile app. The most secure and reliable ways of verifying this customer’s identity will use multiple steps and the latest technology to make this process as smooth and fast for the customer as possible. In fact, identity verification processes that are too lengthy and complex could deter customers from applying for a product or service in favour of one offered by a competitor.
The first step is to share a document scan. Optical character recognition (OCR) technology that can automatically analyse a document against a range of anti-tampering checks and ensure it has not been altered will ensure this process is fast and accurate.
In the second step a simple selfie, which consumers today are all too familiar and comfortable with taking, will help the organisation conduct a face match. This uses biometric technology to match someone’s physical characteristics with their digital information. Face matches are critical to ensuring the person providing the documents is the person presented in the digital documents. This online form of face matching has also been proven to be more accurate than human beings conducting cross checks at, for example, an in-branch bank counter.
The third step is a liveness check using biometric technology. Until this point, a fraudster could submit an identity document of someone else, followed by sharing someone else’s photo or recently taken selfie, without necessarily being caught out. A liveness check requires the individual to physically prove they are the person claiming to in front of the screen or phone.
Some liveness checks require the customer to make extravagant—and sometimes embarrassing— movements. These can deter customers looking for something fast, simple and non-invasive. The less demanding this stage of the liveness check is for customers, the more likely they are to swiftly move through it, enabling a business to quickly and accurately confirm someone is who they say they are.
Last, but not least, while the above three-step process is a best practice approach for identity proofing, every organisation will have different requirements. Some
businesses, for example, may have compliance or regulatory constraints while others may prioritise certain aspects of the customer experience and incorporate technologies to ensure the overall verification process fits with the flow of their product or service.
Consequently, it is important to recognise that businesses looking to design or implement their own digital proofing processes will need to take a customer-centric view and implement something that keeps customers secure during the customer journey without deterring them. Also, consumers need to be forewarned—and invested in completing the identity proofing and overall identity verification process—by it being made clear to them that the process is needed to protect their own data.
COMBATTING FINANCIAL FRAUD
Taking measured steps towards ensuring a customer, partner or business is who they say they are will produce a trusted record of every person and organisation being interacted with. If criminal behaviour takes place down the track it can be traced back to the person involved based on the verified identity data at hand. Simultaneously, certain products and services can be kept out of reach of known criminals. For example, banks can ensure known money launderers are not allowed to open new accounts or make certain types of transactions.
This is one of the most important steps towards proactively preventing fraud. Just as criminals often hide behind masks when conducting a crime, fraudsters regularly hide behind someone else’s stolen digital identity to conduct an online crime, such as money laundering or a scam. With Australian businesses losing millions of dollars to fraud every year the best action they can take to mitigate these losses is to implement proactive measures such as investing in digital identity proofing and verification processes.
www.linkedin.com/in/carol-chris-80a4772
