Digital identity verification now facilitates many processes. By using physical ID attributes digitally, documents can be checked online and the person verified in this way. There are now numerous solutions for this – a wide range of methods can be found on ident platforms that can be used for different use cases. However, digital verification also harbors new security risks.
Methods for confirming the authenticity of a person have changed considerably in recent years. Numerous electronic security elements have been added – such as machine-readable zones (MRZ), NFC chips or stitch codes, and biometric data such as fingerprints, eyes, and voice. This has changed the way people are screened – both in the digital and physical world.
Changes Due to Technological Advancements
Regulators mandate that online verification must be equivalent to in-person identity verification. Digital ident methods are based on this. As many identification solutions use artificial intelligence (AI) and deep learning for this purpose, online verification has become very complex.
Different personal attributes, such as name and date of birth, must be matched simultaneously with the security elements of the ID card and with photos or videos of the person to be verified.
However, modern solutions can perform multiple electronic verifications in a few seconds and analyze features that confirm a person’s authenticity. By mimicking physical verification, they enable hassle-free online verification in real-time.
Accordingly, there are many innovations in personal identification – both in the real world, such as airport security checks, and in virtual transactions, such as opening a bank account digitally. However, fraudsters have also adapted to these changes.
They are constantly adapting their methods to the latest security standards and are becoming increasingly clever in their criminal activities. This results in numerous new opportunities in tax fraud, money laundering, and terrorist financing – but especially in identity theft. According to the Federal Trade Commission (FTC)cases of stolen identities increased by 45 percent in 2020.
Different Types of Identity Theft
Thieves store and use the stolen personal information for their criminal acts. In addition to traditional document forgery, where the victim’s data is used to create fake and forged documents, there are now many new methods such as deepfake. Here, the fraudsters reproduce the victim’s face or voice on photos or videos with the help of artificial intelligence. This allows you to impersonate the person in question in the digital world.
With many documents no longer required to be presented for inspection in the physical world, the range of criminal possibilities has increased tremendously, making it easier than ever for fraudsters. For example, they can easily buy fake documents on the dark web and use them for their activities, which can also be automated.
Especially in the last two years, when people were at home a lot, identity theft has increased: Document fraud cases increased 180 percent from March to June 2021, according to IDnow.
Uniform laws and rules are needed to counter this trend. The EU Commission has already launched various projects. For example, the European Telecommunications Standards Institute (ETSI) is working to standardize the requirements for providers of identity verification solutions.
The aim is to ensure that the same security standards apply to everyone – citizens and companies alike. German companies that work with sensitive data are also increasingly subject to regulatory controls, which are also being tightened on an ongoing basis. This applies above all to KYC processes (Know Your Customer).
Rethinking the Digital World of Fraud
On the one hand, digital transformation harbors new risks. On the other hand, these can also be reduced again by advanced technologies. However, a fundamental rethink is essential. It is no longer just a matter of checking documents, but of considering all eventualities.
Checking identification documents is only one step in the identity verification process. It is also necessary to match additional elements such as digital behavior as well as the user’s electronic devices. For example, does a user always use the same smartphone, and if in doubt, can the authenticity be confirmed by e-mail? By integrating multiple security levels into the process, fraudulent activities can be better detected and averted.