If you work for a financial institution, you’ve likely heard of the phrase, “Online Identity Verification.” Online identify verification allows companies to identify customers from anywhere in the world in a matter of seconds. Online identity verification technology has come a long way over the past couple of years and is incredibly relevant thanks to new initiatives like the European Union’s Fifth Anti-Money Laundering Directive.
If you need to abide by Anti-Money Laundering or Know Your Customer regulations, you’ll want to learn more about online identity verification. Below, we’ve provided an overview of online identify verification, including a look at some of the methods companies currently use and challenges companies face when doing so.
Online Identify Verification Methods
Online identify verification is a broad term representative of a wide array of methods. Five of the most common online identification verification methods are:
• Knowledge-Based Authentication
• Two-Factor Authentication
• Credit Bureau-Based Solutions
• Database Solutions
• Identification Recognition
Knowledge-based authentication requires customers to answer security questions before partaking in online activities. The questions are tailored from 30 years of data. It is easy for users to understand the questions being asked of them. These methods often contain a time limit, which prevents fraudulent identities from researching the answers to questions.
Unfortunately, this method may not be the most reliable. Hackers could potentially find the answers to these questions on social networking sites. They could also purchase the answers on the black market. These methods also rely on data provided from credit bureaus. In some instances, the legitimate user may not know the answer to the question. Many customers also find the line of questioning intrusive.
Two-factor authentication requires users to log-in twice before accessing sensitive information. The first login is a username and password, which is relatively standard. The second login is sent to the user by:
• Phone call
Users will receive a numeric code or token, which they enter into the requested field. This method is useful because it provides an independent channel. Even if a hacker steals a username and identity, they won’t be able to access the sensitive information. This method has become increasingly popular recently thanks to regulations such as the Revised Payment Service Directive. This is a useful measure when someone is opening an account or changing a passcode.
Although this method is more secure than knowledge-based authentication, it still has its downfalls. Two-factor authentication is vulnerable to SMS-spoofing and keylogging attacks. It could also prove to be very difficult for customers if they lose one of the authentication factors. Many customers also find the experience slow and tedious.
Credit Bureau-based solutions occur when a financial institution solicits information from one of the big three credit bureaus, which are:
These bureaus of an abundance of sensitive financial information. They can locate an identity match with a search through their databases. These databases provide a wealth of information that extends much further than names, addresses, and social security numbers. This method is also easy to implement from an API standpoint. Financial institutions can achieve a final match instantly without intruding on the customer.
Unfortunately, this method does not work well if people do not have an extensive credit file. This can include recent immigrants, young adults, and others who have not taken out lines of credit. Furthermore, hackers can provide accurate information to pass these verification tests. The tests may also not be as reliable when using common names – think “John Smith,” for example. Lastly, this verification method could harm an individual’s credit score.
Database solutions are one of the more useful online identify verification methods. These solutions use a combination of behavioral patterns, social media data, online data, and offline data to determine whether an identification is valid. This method is API-based and cross-checks multiple sources. It can also expedite the process and save financial institutions money because a manual review is not necessary. This solution is often used to monitor risk.
One of the most significant problems with this method is that experienced hackers could create fake online identities that would spoof the system. Much like the credit bureau-based solutions, there’s no way for online institutions to verify that the individual providing the information is legitimate. Additionally, this method often does not meet regulatory requirements. It could be a useful tool to have in place to provide assistance, but it likely won’t be an end-all be-all.
Identification recognition is perhaps the most excellent method available. This method combines computer vision, artificial intelligence, and verification experts to validate a government-issued ID. Facial recognition software confirms that the individual pictured in the ID is the same person providing the ID. This method features a high verification assurance. Financial institutions receive a highly-definitive “Yes” or “No” answer, usually within minutes.
The Challenges Of Online Verification
As new regulations unfold, financial institutions have had to update their systems to remain compliant quickly. Doing so has created a lot of friction between financial institutions and consumers. Many consumers don’t understand why, all of a sudden, they’re being asked to provide such sensitive information to access their accounts. Many customers wonder how financial institutions obtained this information in the first place.
Financial institutions should explain to their consumers the reasoning behind new online identity verification techniques. Highlight the fact that these methods ensure the banks remain compliant and operational, and that doing so helps protect sensitive information online. Additionally, financial institutions should seek to streamline the process and make it as simple as possible for consumers.
Which Verification Solution Is Best For Your Institution?
There are pros and cons to each online identify verification method. The most accurate, however, is the facial recognition software, especially when it’s combined with other methods. Part of this technology is already in place. For instance, users can change the settings in their smartphone apps so that sensitive data will not open until a facial recognition match is confirmed.
Implementing this technology is the best way to protect financial institutions and customers. Combining it with other methods can go a long way toward reducing online identity theft and fraudulent activity.