The process of customer identity verification is painful for everybody. The first few questions usually aren’t so bad — name, date of birth, address — easy stuff. However, if a company is trying to mitigate financial fraud, the questions may get more ridiculous. Customers are asked about all kinds of things — the name of their kindergarten teacher (“don’t remember”), their childhood nickname (“didn’t have one”), their first car (“how specific should I be?”), etc. — it can be very frustrating.
Building levels of anger ultimately reach their peak when they finally persevere to the end and click the submit button, only to see the following red error message glowing on their screen: Verification Failed. You just lost a customer.
This is the most formidable enemy to your bottom line. It’s not an outdated web design, boring web copy, or even software bugs but instead the lengthy, confusing, and tremendously irritating process of customer identity verification. But wait! Not everyone hates having their identity verified. There’s one group of people who adore the current process — cybercriminals. To understand why, we must look at the fragile foundations currently supporting most identity verification strategies.
Knowledge-Based Authentication (KBA): The Muddy Foundation Slowly Devouring Your Business
Think back to the last time you had to verify your identity online. What types of questions were you asked? Perhaps you were asked for your city of birth, your residence history, or even the classic name of your first pet question. The problem with this verification process is that it challenges the information you know about yourself, which is often difficult to remember, and asks for data that can easily be stolen. In fact, there’s a fair chance it has already been compromised.
Since the pandemic began, cybercriminals have doubled down on their data breach efforts, taking advantage of the major security challenges accompanying remote work operations. In just the first six months of 2019, before the pandemic, 4.1 billion records were exposed in data breaches. When the pandemic began just a year later, 36 billion records were breached. This concerning trend suggests that most of us have already been unknowingly impacted by a data breach, which means cybercriminals likely have access to personal data that could be used to confirm our identities online.
Fraud usually falls into two categories: first-party fraud and third-party fraud. Third-party fraud happens when a cybercriminal uses stolen identity information to access a victim’s accounts. First-party fraud occurs when a real person makes a charge and then contacts the seller to dispute the transaction, claiming they didn’t initiate the purchase. Without any way of proving the purchaser’s identity, targeted companies are usually forced to refund these transactions. Because of this, first-party fraud is taking a severe bite out of profit margins.
MORE FOR YOU
- The Road to Fraud Protection Doesn’t Have To Be Scary – Here’s How You Can Navigate It
- The Solution to Passwords Is Staring Us in the Face
- Andrei Komarov Explains Why DNA Will Become a Key Target for Cyber Attacks
- The Biggest Security Flaw That Exists Today With Distributed Teams
- How NOT to Respond to a Data Breach
A Nation Divided
The standard response of companies aiming to mitigate fraud is to make KBA more complicated, but this doesn’t solve the problem of fraud. The verification process is still based on information stored in an online database that can readily be stolen in a data breach. Instead, two highly detrimental outcomes occur. Firstly, the convoluted questions are frustrating and push away legitimate customers that may have a lifetime value of tens of thousands of dollars. Secondly, because these questions usually delve deep into the history of prospective customers, people without a paper trail cannot be verified.
This is a huge problem that is seldom discussed. KBA processes don’t know which questions to ask immigrants — a group that accounts for almost 30 percent of the entire U.S population — or millennials who generally don’t embrace the traditional banking ecosystem. These people end up getting blocked from the digital financial ecosystem. When you’re excluded from the digital economy, you can only get paid with paychecks, and each paycheck is tagged with a 10 to 20 percent fee when cashed. On top of having their income reduced, this population must also contend with the predatory tactics of businesses in their community. Grocery stores often purposely inflate their prices, and car dealers shamelessly charge exorbitant interest rates knowing applicants would get denied a car loan within the traditional financial ecosystem.
Biometrics: The Perfect Marriage Between Fraud Prevention and Customer Satisfaction
To protect your company and make customers’ lives easier, consider switching from a verification system based on what you have to one based on what you are — assets that can never be replicated, stolen, or misplaced.
Your eyes, your fingerprint, your winning smile — these are entirely unique to you. No two people in the world have the exact same features, and since this technology has become incredibly advanced, reliable security is ensured. Today, you can be identified by just the network of ridges in your ears with almost 99.6 percent accuracy in just 0.02 milliseconds!
Identities can be verified faster and more accurately than ever before, even if you grow a beard, start wearing glasses, or lose a ton of weight. It’s still you.
A Poetic Solution to the Problem of Fraud
The limitations of KBA have long been an area of concern in the cybersecurity sector. Since 2016, the National Institute for Standards and Technology (NIST) has strongly advised against the use of KBA. Despite this, organizations are still heavily reliant on the outdated process, primarily because they’re unaware of modern verification alternatives. Biometric verification masterfully protects the gaping security exposures created by KBA, and it does so in a way that makes every party in the verification equation happy.
The improved experience of not having to navigate through multiple invasive security questions translates to higher customer conversions. Organizations not only increase their profit margins but also instantly extinguish fraudulent purchases. Additionally, since identification isn’t dependent upon the length of one’s paper trail, 30 percent of the U.S population experiences a significant improvement in their quality of life.
The impact of this solution is not limited to just the corporate world. It enhances the consumer experience, protects people’s safety, and makes for a much more inclusive society. Every area of life can be improved within the framework supporting this approach to identify verification — a deep appreciation of what makes each of us uniquely human.