Identity and verification (ID&V) are two closely linked concepts that play an increasingly critical role in consumers’ day-to-day lives.
Identification systems use a trusted ledger, process or token to identify a person or entity. Verification is answering the question “is this person who they say they are?”
They are familiar to us in our everyday lives. From showing our passports when entering a country to showing proof of address and identity when applying for a financial product, it’s something we all do.
All of these methods of identification and verification rely on the presentation of a physical document. And, of course, up until the digital commerce revolution, when the vast majority of transactions were carried out face to face, it was a tried and tested method that worked
These processes are something we are all familiar with. From boarding a flight to collecting a parcel from the Post Office, identifying and verifying ourselves has been commonplace for generations.
However, these methods rely on the possession and production of hard copies of various forms of accepted ID, and in the digital economy, face-to-face interactions are increasingly less common.
The Digital Economy
The internet changed how we shop forever. With an estimated 1.61bn online shoppers[1] globally, and £52.25bn spent via e-commerce in the UK in 2015[2], the last decade and a half has seen e-commerce grow into a well-established, even dominant, method for business and commerce.
Mobile (i.e. unsecured touchscreen devices such as mobile phones and tablets) is rapidly winning the race to become the dominant platform. The ability to shop and carry out transactions on the go is now something we almost take for granted.
Yet all this convenience has come at a cost, and that cost is the challenge of managing ID&V online.
Digital transactions all require ID&V to a greater or lesser extent. Online shopping often requires a password and email address, while financial products, bound by a need to comply with know-your-customer and anti-money laundering legislation, require much greater levels of ID&V.
The problem is that ID&V is more challenging for remote transactions due to a lack of face-to-face interaction.
ID&V in the Digital Age
Remote ID&V is nothing new. Consumers have carried out transactions by mail or telephone (MOTO) for decades. However, these all relied on forms of ID&V such as address and date of birth. Yet, as such information is now readily available online, they can no longer be considered sufficiently robust.
This has driven a need to develop and accept new methods of ID&V with both customers and businesses having to adapt to the new business realities.
The most obvious of this is the password, which comes with its own drawbacks. Having to come up with a secure, eight-character password which includes a capital, a symbol and a number can be a challenge, especially if you can’t use the last five variations. .
This can lead to fundamental problem with digital ID&V if it is time consuming and challenging then it significantly detracts from the very convenience digital commerce is supposed to bring.
This is why the industry is continually looking for new ways to improve the ID&V experience without it impacting negatively on the user experience. Currently, the hot talking point is biometrics which have the advantage of convenience but as they are seldom independently verified they should not be relied upon solely. However they can form part of a multi-factor, strong authentication alongside something you are and something you know.
Biometrics
Biometrics are, quite simply, using a human characteristics for ID&V. There are a variety of different forms being currently trialled.
- Voice recognition – Voice recognition can verify someone in around 15 seconds, quicker than passwords.[3] Yet questions remain about the accuracy of this method. What if someone is in a crowded room or restaurant? Could the technology cancel out the background noise?
- Facial recognition – Also known as “selfie” authentication. For this to work, the lighting of the photograph will need to be of sufficient quality which isn’t always guaranteed.
- Fingerprint recognition –It’s widely used, it’s trusted, it’s easy, but it is not perfect. Fingerprints can be copied by fraudsters using easily obtained chemicals. If a fraudster has your phone and wants access to it, they can.
Where to now?
ID&V is part of our lives and while there might be complaints about the inconvenience that obtrusive security plays in digital commerce, it is still an improvement on how things used to be.
The good news is that it is going to become even more suited for the dominant mobile platform. Despite some issues around biometrics, they will become an integral part of ID&V although it is likely that they will be part of a wider, multifactor ID&V process, incorporating factors such as PIN to give further security.
[1] Statistica, 2016
[2] Retail Research, 2016
[3] China News