IANs are the digital fraud protection overhaul the US needs: Liminal
Digital identity authorization networks do not exist as products or services that can be purchased today, but Liminal sees major profit potential in the idea, at least within America.
The market research and consultancy firm presented a webinar on “Solving for Trust by Design: The Identity Authorization Network Opportunity” this week to flesh out the concept. Liminal made the case in a November report that Identity authorization networks (IANs) will be a $15.5 billion market opportunity just in the U.S. by 2028.
Liminal MD Will St. Clair describes IANs as “a new approach and framework in which user identity is established to a high degree of confidence and assurance initially, digital identities are created, and then those credentials can be used across organizations and use cases to enable higher assurance, higher trust and lower fraud, but crucially with lower friction.” They go beyond establishing that a user is a real person, or what their risk level is, to attest that they have agreed to something, created something, or are authorizing something.
Technologies like generative AI and rapid translation are enabling new fraud vectors and capabilities, which in turn is driving demand in IANs, he says.
The situation does not apply the same way in markets outside the U.S., however, as other jurisdictions have more internet-ready ID systems, like Sweden’s BankID, can serve similar roles.
St. Clair reviewed the U.S. fraud landscape, and the staggering dollar figures involved, both in losses for consumers and relying parties. The market by and large recognizes the changes in the threat landscape, Liminal has found.
eCommerce vendors using the top 10 anti-fraud technology vendors tell Liminal that their collective fraud prevention rate is around 46 percent. Customer experience is the biggest factor in the decisions ecommerce executives make about what fraud prevention tools to use.
Senior Principal Cameron D’Ambrosi then outlined America’s identity landscape, which is defined largely, he says, by “a centralized point of failure” in the form of unsecure PII.
Step-ups to biometrics and liveness checks address the problem, but also increase friction and cost. “We have thrown friction at the problem,” D’Ambrosi says, with obvious consequences to user experience.
Attacks are becoming more sophisticated with AI’s help, and D’Ambrosi suggests they can defeat the defenses that are commonly deployed today.
A number of observers, most recently including Centana Partner Eric Byunn, have told Biometric Update that the conventional wisdom is underestimating the effectiveness of liveness detection and injection attack detection technologies at spotting fraud attempts using generative AI, but if less than half of attempts are being stopped, improvement is clearly needed.
The barriers to fraud entry are low, and the costs support attacks at scale. “The speed at which this can be done is a matter of hours” with the help of AI services available online, D’Ambrosi says.
In an environment of rising fraud, widely shared personal data and limited visibility of customers, St. Clair argues that higher levels of assurance are needed, in the form of identities that can be reused across platforms, and checked against fraud signals gathered by a network.
High assurance, at least when needed, is characteristic of an IAN, along with reusability and network-backed security. Liminal identified 9 characteristics of IANs, three under each of the above headings.
If present, identity verification can be tailored by the IAN to fit the needs of the transaction.
St. Clair differentiates IANs from reusable identity more generally as being applicable to steps beyond a login, like transaction monitoring and ongoing engagement.
Liminal is keeping an eye on Big Tech platforms, payment networks, reusable identity vendors, backend identity solutions and esignature platforms as players that could pursue the massive opportunity of IANs.
Article Topics
digital identity | fraud prevention | identity assurance | Identity Authorization Networks | identity verification | Liminal | reusable identity | user experience
Comments