Identity verification, the process by which financial institutions confirm your identity, has evolved over the years due to technological advancements, as well as our dependency on and the convenience of digital devices. This can be done through various channels, such as web browsers, apps, smartphones, personal computers, tablets, mobile devices or smartwatches. Financial institutions also are making it more convenient for their retail and business customers to access their accounts through these same digital devices. While these options have greatly improved user experiences, they may have introduced new vulnerabilities and opportunities for criminals to exploit.
In the past, identity verification (a process by which financial institutions confirm you are who you claim to be) relied heavily on in-person interactions and physical documents, such as driver's licenses and utility bills. Nowadays, digital-based identity verification processes offer a higher level of sophistication by using a combination of customer identity details and accepting digitized versions of the same physical documents (such as a driver’s license) during account opening. By using the same devices during the identity verification process, financial institutions can develop a more nuanced and risk-based view of customers by having a comfort level that the user of the device is also the authorized account holder. Additional authentication may be required if a new device not previously associated with the account attempts to access it.
Identity verification of customers by financial institutions has evolved from relying on in-person physical identities to digital onboarding.
By using multiple verification methods, such as an associated phone/mobile device and a biometric factor (i.e., a customer’s face), multi-factor authentication or MFA (Off-site) can reduce the risk of unauthorized access. A layered security approach helps protect accounts by adding multiple barriers, so even if one authentication factor is compromised, others remain in place.
Malicious actors continue to evolve their tactics and look for vulnerabilities in financial institution channels. Fraud detection solutions continue to advance and adapt in response. Some ways to improve fraud detection rates may include:
- Gathering internal signals from customer interactions to better detect unusual activity
- Monitoring external signals gathered from legitimate third-party sources, such as databases that can corroborate personal identity details and offer real-time analytics
- Layering in multiple risk detection methods
- Using newer forms of biometric technology — beyond just facial biometrics — such as camera “liveness detection” (ensuring the person presenting the facial image is in front of the camera), voice authentication and behavioral biometrics (e.g., how someone swipes on a device)
Adding more risk signals to fraud detection may prove successful in further identifying fraud trends and attack types. For example, fraud information sharing (Off-site) among financial institutions can help them understand other perspectives, amplify risk signals and improve internal fraud mitigation processes.
