How to Identity Proof in an Increasingly Virtualized World

The pandemic has only accelerated the migration online, necessitating more sophisticated identity proofing than ever before.

learn more about Jonathan McDonald

By Jonathan McDonald

Teera Konakan | Getty Images

Opinions expressed by Entrepreneur contributors are their own.

Proving a person's digital identity has always been a challenging problem, especially when balanced against the need for information to be accessible online. Customers want their information to be secure, but they also want to avoid being hassled by burdensome authentication tasks. Businesses, therefore, are faced with balancing security with accessibility, and the problem will only continue to grow more complex as almost everything moves online.

Related: Need For Better Fraud Prevention Strategies Amidst Surge In Payment Digitization: Report

Evaluating the potential for fraud

Companies that find it necessary to identify customers or business partners must always be aware of the potential for fraud, but luckily, AI and advanced systems for proving identity are making great strides in fraud identification. The increasingly expansive digital footprint of online activity makes it possible to establish patterns of behavior and indicate whether or not a device is associated with potential fraud, across various online activities. A solution that can couple digital footprint data with consumer credit information and public records data, where available, will provide an even more complete picture, therefore enabling a company to determine with increased confidence whether a consumer is who she claims to be – or is a potential fraudster.

All of this technology serves to help identity proofing companies identify potential cases of fraud early for their clients. Online retailers or banks are moving away from a simple username/password authentication process in favor of multiple factors of authentication, along with fraud detection services, to prove a consumer's identity. These factors include:

  • Knowledge-based authentication (KBA) informed by hard-to-guess personal or credit data
  • Multi-factor identification, leveraging email and phone
  • Document-centric identity authentication
  • Digital attribute risk assessment
  • Behavior analysis
  • Reputation and link analysis, which can associate multiple devices which each other

With all these factors, machines can learn a person's identity and be leveraged to improve pass rates in online businesses. In this way, consumers can be sure their identity is being successfully safeguarded, while the business can be sure it's protecting itself and its consumers from fraud.

Government trends

The private sector can often learn lessons from the way the government operates, particularly in the realm of cybersecurity. To authenticate its users, government agencies have largely moved away from relying on knowledge-based exams alone to using a combination of device-risk, document verification and multi-factor authentication, leveraging email and phone, as an example, to evaluate physical credentials. This has enabled government agencies to cut down on fraud and improve identity verification pass rates. Moving towards this model may be a way for businesses to provide a more streamlined and secure method of verifying identity.

Focus on being proactive

There are plenty of examples of supposedly secure applications and websites being hacked by unsophisticated methods (phishing is one of the widespread examples). There's always room for improvement, but some of these breaches have finally forced companies to wake up and become more aware of the threat. A good assumption is that everyone's identity has already been stolen, so the bad guys can be assumed to have passwords and answers to security questions.

New methods of identity verification need to be developed, which brings us back to using additional factors to stop fraud. Fraudsters are getting smarter, though, so companies can never become complacent with their own authentication processes. There is a need to constantly innovate.

For example, with TransUnion, we have a database that partners with tens of thousands of businesses and consumers around the world. These partners feed both positive and adverse information on digital devices back to the database. This allows crowdsourcing of possible threats, where device information and other risk factors can be pulled off potentially fraudulent devices and shared among other subscribers so that fraudulent activities are immediately detected and mitigated. Fraudsters can be identified by their devices even if they change their online identity because of the uniqueness of each device.

It's important to implement any new security measures so that customers maintain a positive user experience, while at the same time balancing security concerns. This goes back to that balance between security and accessibility; applications need to be secure while at the same time avoiding being burdensome. This is where risk signal intelligence analysis can become crucial; it allows for businesses to verify identity without placing any additional requirements on their consumer base.

Related: 4 Telltale Signs Your Business Is Ripe for a Cybersecurity Attack (and How to Respond)

Constant innovation is the key to success

The digital world is constantly evolving, and yet the core requirements stay the same: verify a user's identity and prevent fraud. The bad guys are constantly innovating and figuring out new ways to overcome old authentication methods, so it's up to businesses and their cybersecurity partners to stay one step ahead while still allowing for a seamless customer experience.
Jonathan McDonald

EVP & GM, Public Sector at TransUnion

Jonathan McDonald leads TransUnion’s Public Sector business, which provides a suite of mission-critical solutions to help U.S. federal, state and local government agencies manage risk and reduce costs. He has hands-on experience managing large technology programs within various government agencies.

Related Topics

Editor's Pick

The Dark Side of Pay Transparency — And What to Do If You Find Out You're Being Underpaid
Thinking of a Career Change? Here Are 4 Steps You Can Take to Get There.
A Founder Who Bootstrapped Her Jewelry Business With Just $1,000 Now Sees 7-Figure Revenue Because She Knew Something About Her Customers Nobody Else Did
Everything You Need to Know About Franchise Law
Business News

Carnival Cruise Wants Passengers to Have Fun in the Sun — But Do This, and You'll Get Burned With a New $500 Fee

The cruise line's updated contract follows a spate of unruly guest behavior across the tourism industry.

Starting a Business

90% of Online Businesses Fail in Just 4 Months. You Can Avoid the Same Fate By Using These Strategies.

It's not catastrophizing when we think about potential failure; it's in fact a chance for any business to precisely see any outcome and prepare in advance.

Business News

'Crying Northwestern Kid' Turned His Viral Fan Moment Into a Successful Harvard Admissions Essay. He Says the Experience Taught Him About Empathy.

Six years ago, Phillips was watching No. 8 Northwestern take on No. 1 Gonzaga during March Madness when he became a meme.


These 6 Leadership Skills Are Undervalued — But They Shouldn't Be, According to Employees

Pay attention to the subtle clues you give your team about your leadership style when you make a decision.


How to Bring Your Franchise to the Next Level With Marketing Automation

With the impacts of inflation and associated costs of running a business, automation is a powerful solution for streamlining a positive guest experience and overall marketing.