Domantas Ciulde from iDenfy discusses Biometrics and digital ID.
It’s evident that the world today is not what it used to be just decades ago. The immense technological progress has transformed society in a way that’s hardly recognisable. Entire industries can now operate remotely, while the people can enjoy their services without setting a foot outside.
Even though it has made lives much easier for law-abiding citizens, operating in the digital world also gave birth to many new types of fraud, some more devious than ever before. The ability to commit fraudulent activities while hiding behind a screen has undoubtedly made it more appealing to various criminals.
As technology moves forward, so must the safeguards that ensure our safety and security.
As people transition to cyberspace, the need for reliable remote identity verification methods rises significantly. Government agencies worldwide recognised that fraudulent actors often exploit gaps in identity verification procedures. Thus, Know Your Customer (KYC) regulations now exist in the vast majority of developed countries.
Not long ago, many companies worldwide relied on strictly automated solutions: a person uploads a photo of their face and ID document, the computer algorithm processes the relevant information and confirms (or not) the identity of said person. As time went on, it became clear that automated solutions require human supervision – complete verification security is not feasible otherwise.
Today many industries requiring ID verification employ professionals to overview the process and minimise the risk of mistakes. The verification itself is still handled mainly by trained AI – it would be impossible to address every identity verification for a human due to the vast amounts of data involved and the sheer number of confirmations required.
Luckily, the machine algorithms are incredibly efficient at processing large quantities of data – they can extract the relevant information from ID documents in a fraction of a second and quickly run technical checks to detect any inconsistencies with the documents (passports, driver’s licenses, ID cards, etc.) provided.
To confirm one’s identity reliably, they must provide a photo of themselves in addition to ID documentation. It would be hard for a human to verify whether it’s the same person as in the ID document, especially if they have aged several years, changed their haircut, etc. That’s where AI algorithms come to the rescue yet again. Even though facial recognition technology was unreliable just a decade ago, it has a success rate approaching 100 % today. And the more it trains, the better it becomes at doing its job – that’s the beauty of AI algorithms. No human could ever beat that.
Fingerprints are also utilised at a growing pace. Many smartphones today have the necessary tools to scan one’s fingerprints in a matter of seconds, while the software solutions do the rest.
Another method of identifying a person is their behaviour. Even though the technology is still being developed, prototypes for behavioural pattern recognition exist today. In the near future, it will be possible to detect whether a fraudulent actor is using a person’s applications (internet banking services, for example) by recognising changes in behaviour, such as tapping on the screen, scrolling speed, etc. Certain behavioural recognitions are already utilised today, for example, in transaction monitoring – a person’s credit card may be blocked if an uncharacteristic purchase occurs and it is suspected that the credit card was stolen.
Requirements, regulations, and solutions
Confirming the identity of a person is only half the job. Different people require different amounts of attention as the risks they bring forth are not the same. Many developed countries have implemented various Anti-Money Laundering (AML), Counter-Terrorist Financing (CTF), and Know Your Customer (KYC) regulations to further fight the issues of today’s world.
In an ideal world, close attention should be paid to every customer in the digital space. However, this goal is not feasible due to the vast amount of time and resources required. Thus, risk assessment becomes a great tool in this regard.
It is expected of various industries, especially banking, to screen their customers against multiple lists, such as sanctions and Politically Exposed Persons (PEPs). Such people bear a higher risk to be involved with fraudulent activities and should be monitored more closely.
Another technological solution for risk assessment is proxy detection. 97 % of cyber fraud cases involve an anonymous IP address, and upon detecting that the customer is using one, closer attention should be given to them.
In the era of technological advancement, it’s crucial to develop modern solutions to meet tomorrow’s challenges head-on. Only by paying close attention to the gaps of safety and security in cyberspace can we effectively solve the issues we face today and prepare for the ones still ahead.
Read the latest edition of PCR’s monthly magazine below: