Driving identity security in banking using biometric identification
Combining biometric identification with artificial intelligence (AI) enables banks to take a new approach to verifying the digital identity of their prospects and customers. Biometrics is the process by which a person’s unique physical and personal traits are detected and recorded by an electronic device or system as a means of confirm identity. Biometric identifiers are unique to individuals, so they are more reliable in confirming identity than token and knowledge-based methods, such as identity cards and passwords. Biometric identifiers are often categorized as physiological identifiers that are related to a person’s physicality and include fingerprint recognition, hand geometry, odor/scent, iris scans, DNA, palmprint, and facial recognition.
But how do you ensure the effectiveness of identifying a customer when they are not physically in the presence of the bank employee? As the world of banking continues to go digital, our identity is becoming the key to accessing these services. Regulators require banks to verify that users are who they say they are, not bad actors like fraudsters or known money launderers. And verifying identities online without seeing the person face to face is one of the biggest challenges online and mobile services face today.
It’s problematic because identity documents were created to be verified in person. For example, you can shine an infrared light, you can feel the texture, or you can see if a photo has been stuck on. But with remote verification, you’re just dealing with an image. Without the physical artifact, you only have the human eye to rely on and this makes the task of verification much harder to do quickly, or accurately.
A complicating factor is the online user experience. Users expect a fast, frictionless process in all that they do. If they have to wait, or if the process is too fiddly, they’ll go elsewhere. In the banking sector, almost half of all people who start opening an online bank account drop off due to a bad user experience.
This is where identity assurance is needed for online and mobile onboarding processes. Identity assurance is the ability for the bank to determine, with a high level of certainty, that an electronically provided credential representing a person can be trusted to serve as a proxy for that individual and not someone else. Assurance levels (ALs) are levels of trust associated with a credential as measured by the supporting technology, processes, procedures, policies, and operational practices.
To facilitate the assurance part of the customer onboarding process, the bank must have an innovative identity verification technology (IVT) to ensure that customers provide information that is associated with the identity of a real person. Physical authenticity identity documents like passports, drivers permits, and other documents are used to compare against government or service databases. Fraudsters continually strive to debunk bank processes to perform account takeovers, system infiltrations, and unauthorized transactions. Fraud detection is tough! In many cases it’s easy to alter content, images, and verification digits of common identification resources.
To combat these methods, Microsoft has many partners leveraging our Azure Cognitive Services – Vision API Platform and Azure Machine Learning. One such partner Onfido, provides a multi-factor identity verification service that helps accurately verify online users, uses a cloud-based risk assessment platform that leverages artificial intelligence to automate and scale traditionally human-based fraud expertise to derive identity assurance. The Onfido service validates physical identity documents (document validation), verifies biometric inputs (biometric identity verification), and analyzes information an end user provides about themselves (ID validation). These techniques give companies a measurable assurance that the person is who they say they are.
Biometric identity verification
Onfido verifies identities through two factor verification:
- Something you have, such as a government issued ID (driver’s license, passport or ID card).
- Document validation answers this question. Is it authentic?
- Something you are, such as your facial biometrics.
- Feature and attribute validation answers these questions. Is there a match, and are they alive?
- Biometric identity is quite robust, an identity document is the most legally binding proof of identity, while remaining user friendly. The face is the easiest biometric to capture using mobile devices.
- In figure below, the first step is to verify that a document is genuine. Onfido has several different algorithms to test for different fraud techniques.
- The second step is to match the photo on the document with the selfie taken by the customer. Rather than take a static selfie, customers can also choose a video option which asks the user to perform randomised movements such as turning their head and voice commands. This prevents using deceitful practices, impersonation, or spoofing attempts.
Figure 2
Harnessing the power of Microsoft Azure's Cognitive Services, Onfido helps clients adhere to their due diligence requirements via an effective, compliant and robust digital verification experience.
Together, Microsoft and Onfido deliver an easy onboarding experience for users through a scalable and automated process. The solution addresses compliance needs and reduces fraud costs associated with identity theft. This helps our clients to build trust and integrity within their community.
Want to learn more about combating online and mobile fraud? First, read the Detecting Online and Mobile Fraud with AI use case providing actionable recommendations and solutions. This will provide information on solutions and guidance for you to get started, as well as information on many other partners that also provide identity verification solutions.
Make sure you also check out more Azure partners on the Azure Marketplace. Then, engage with the author on this topic by reaching out to me via LinkedIn and Twitter.
Source: Azure Blog Feed