October 30, 2015 -
Mitek recently enhanced its instant ID document verification solution, Photo Verify, by adding facial recognition capabilities.
The end result is a strong two-factor authentication process that helps businesses benefit from the mobile channel to ultimately acquire more customers and payments while lowering security risk.
The company acquired the technology last May in its purchase of IDchecker, a Dutch firm which provides cloud-based identity document verification and facial recognition tools.
Using facial recognition technology, Photo Verify verifies that the document being used in a mobile transaction is an authentic, undoctored, government issued document.
BiometricUpdate.com recently had the opportunity to discuss Mitek’s Photo Verify solution, its new facial recognition capabilities, and how the technology is able to alleviate privacy concerns, with Mitek’s VP of products, Sarah Clark.
How does Mitek’s new facial recognition technology work?
Sarah Clark: The new Mitek facial recognition product adds a biometric second factor of authentication to our Photo Verify product. Photo Verify Advanced can instantly evaluate the authenticity of an Identity document from a smartphone and provide a definite response with no false positives. This provides a strong “what you have” identity factor. The user experience leverages the MiSnap auto capture user experience which is used by 4 out of the 5 largest banks in the US today – a very market tested user experience. For FI’s and other customers who have a risk based approach where a second “who you are” factor is desired they can then use Mitek’s facial recognition product to capture a selfie of the mobile device user–the product includes strong “liveness” algorithms to ensure they are a real person as well as prompts to ensure they line up their face just as they would be asked to at the DMV. We then take the selfie and run a facial comparison algorithm of it with the image on the identity document and render a match or no match result.
How does this technology mitigate synthetic identity fraud in the mobile channel?
Synthetic identity fraud by definition is using an identity that does not exist to set up an account, build up a credit line then “bust out” costing at times very large losses. These types of fraudsters leverage fake IDs or weak digital application processes where they can enter fake identities with just enough real elements to pass traditional data based IDV checks. The key to mitigating this is a very robust check of the ID document – the Mitek Photo Verify Advanced product is the strongest check of identity document authenticity that is on the market and eliminating synthetic identity fraud is one big benefit that is has to offer.
There are often privacy concerns regarding facial recognition technology. How are facial images retained with Mitek’s platform?
The Mitek platform, in general, gives a choice to our customers for all captured images and facial is no exception. We have delivery models that include both on premise as well as cloud. In both models if our customers want to retain captured images for downstream value purposes our platform offers fully encrypted storage options. For those who prefer not to that is also an option. The comparison algorithm uses a mathematical representation of the faces to operate so storage of that is not needed at all to get the value of the product’s capabilities.
Can you discuss some of the more popular applications for Mitek’s facial recognition technology?
Our facial product is an additional option to our Photo Verify ID document authenticity validation product. Together these provide a powerful solution to customer acquisition or account opening for all types of financial services where KYC regulations are in place or where trust and fraud prevention are goals. We also see a need to verify high risk transactions with improved mobile identity verification that uses strong “what you have” and “who you are” factors – these include very high risk card not present purchases, provisioning a credit card to a mobile wallet.
In your own view, what are some of the emerging trends in mobile authentication space?
The emerging trend we see is a movement beyond data as the means to verify or authenticate a user. “Kill the password” is the trend that is relevant to authenticating existing customers where this is being replaced by a variety of biometric methods that have emerged as ready for prime time, and “just say no to know” is the trend that is relevant to identity verification – this refers to setting aside relying solely on asking for information or answers to questions in order to validate identity and instead look at scanning ID documents and facial recognition. This movement is in part fueled by rampant data breaches that have diminished the effectiveness of data as a secure way to verify an identity and it is in part fueled by the innovation in mobile devices – the camera can act as a very sufficient input for biometrics such as facial as well as capturing identity documents such that instant deep forensics can be provided of them. The device itself is also its own identification element.
All of this converges such that we see a transformation in terms of identity verification that becomes driven off of identity documents and facial verification – this is more secure, has better user experience and ends up more inclusive since its not relying on having bank or credit data. Because of this transformation we will see more people globally have access to accounts and services from their mobile devices.