Identity fraud: is a digital reshuffle needed as dangers increase?
By Lovro Persen, Director of Document Management and Fraud, IDnow
The process we call online identity verification involves the storage and use of data from sources such as physical identity documents, like passports, and the documentation of the face, via selfies or videos. Digital sources are at the forefront of identity verification, but their use brings with them new risks which mean new measures are needed to prevent fraud.
Ever since the catastrophic events of September 11th 2001, identity documents and their control are a key part of ensuring the safety and security of countries and citizens. Passports and other forms of identification have a role to play: to make sure that they prove the person who is in possession of them is who they say they are. To ensure the accuracy of this claim, increasing numbers of electronic and biometric elements of identity have been added onto the different forms of identification over time. However, identity fraud has never significantly reduced and during the COVID-19 pandemic it even increased by 45 percent. The simple question is: why?
The obligation to protect customers from fraudulent activity has drastically increased for companies which are frequent targets of it. Know your customer (KYC) processes are now seen as the basic level of protection for companies which want to help their customers avoid identity theft, tax fraud, money laundering and even financing terrorism.
Using technology against versatile and industrial fraud
At heart, identity theft is the act of collecting personal information from an individual and using it to carry out criminal acts by simulating their identity.
This could be in the form of document fraud, in which documents are forged, falsified or stolen and personalized. Deepfake identity theft, meanwhile, is the reproduction of the face or the voice of the intended target.
The world of digital has been a huge enabler to fraudsters. It’s no longer necessary to produce fake documents because everything they might need to undertake the fraud is available on the dark web. It was thanks to this that a rise in document fraud of 180 percent was recorded between March and June 2021.
Digital technology and identity verification
Face-to-face verification is seen as the standard that all digital suppliers must emulate, with the assistance of Artificial Intelligence (AI) and deep learning. This makes online verification more complex as it compares attributes like name and date of birth, as well as comparing photos with a digital scan rather than a comparative analysis of an image and a person’s face.
However, the job of a digital platform is to mimic verification in the physical world. Subsequently, they let users switch from one world to the other quickly and easily, but there’s always the issue of data extracted from physical sources and the risks that it’s then subject to.
To protect against document fraud, a common vision has been identified and the process of its creation begun by the European Commission. The European Telecommunications Standards Institute (ETSI) is working on standards of identity requirements for verification providers which will standardize the process across member states and provide security for everyone.
The bigger picture
Risks brought about by technology can also be mitigated by technology. This will be vital in the future as the user and their environment becomes the center of a verification process rather than their documents. Checking a document will be just one step; expect to see examination of the user’s digital behavior and verification of their electronic devices added to the checklist too.
Verification will therefore become much more holistic and detailed. The model of device used to access platforms, its screen size and resolution will all be checked against ‘usual’ behavior and anything abnormal flagged, as layers of security increase and are folded into one single process.
The concept of the standardized European Union ‘Wallet’ and its roll-out across member states will give its user a choice of selecting the data they need to prove their identity in one particular instance without disclosing any further data. The result will be an augmented citizen, master of all their data.
About the author
Lovro Persen is the Director of Document Management and Fraud at IDnow. He has almost 30 years’ of law enforcement experience at national and international level, in both the public and private sectors, with companies such as Thales and Gemalto. He has spent 17 years dedicated to counterfeit, stolen and lost security documents. He possesses a unique law enforcement background in identity and document fraud, with a focus on machine assisted document verification.
DISCLAIMER: Biometric Update’s Industry Insights are submitted content. The views expressed in this post are that of the author, and don’t necessarily reflect the views of Biometric Update.