By Alan Goode, CEO & Chief Analyst, Goode Intelligence
Identity Verification (IDV), or identity proofing, is being deployed in record numbers. According to a recently published market analyst report by Goode Intelligence, there will be 3.8 billion unique identity verification checks annually by 2026.
Identity verification solves the critical problem of proving a person’s identity when accessing digital services, typically supporting digital onboarding. It ensures that a person is who they claim to be for actions such as opening a bank account, traveling, or accessing digital government services.
Onboarding is the first step in the digital identity lifecycle and there are three main components in a typical digital onboarding process:
- ID Capture: Secure capture of identity data from a government-issued trusted document (passport, driver’s license, or national ID) presented to a service provider for verification that the document is not fake or tampered with. This can be done optically, using a camera (typically a smartphone camera) or by reading a chip using NFC (ePassport or eID).
- Facial Capture: Capture of a facial image, typically using a smartphone camera. Facial liveness detection is used during capture to ensure a real person’s presence and prevent fraud.
- Corroboration & Risk Mitigation: Validation of a captured face and document images. Depending on the risk appetite, a range of other techniques, including signal collection (device and network) and data, are used to feed into the risk engine to verify a person’s identity and validity to perform a specific task, e.g., open an account.
These three components are glued together by orchestration, the workflow that manages the processes and ties the disparate technologies and data sources together.
From onboarding to authentication – continuing the digital identity lifecycle
Onboarding is one facet of the digital identity lifecycle. From our research, many identity verification systems waste the personal information they collect. Typically, an onboarding system will use identity information and biometric data to verify a user and discard it. This forces users to resubmit their personal information to a second system for ongoing authentication of the now-verified user. Needless to say, this is far from a seamless experience.
I believe that the best time to enroll a user into a biometric authentication service is during onboarding. At this point, you have the highest certainty that the person is who they claim to be. You can also capture additional biometrics, such as voice for speaker recognition, to strengthen the identity authentication process with improved accuracy, step-up security, or for re-verification when needed. The combination of face, voice, and liveness is incredibly strong. Research from ID R&D shows that adding voice to face increases security by a factor of ten.
Even though many organizations and service providers do not currently benefit from capturing biometrics during the onboarding process, there are indications that this is changing. Goode Intelligence’s research for its Identity Verification Market Analysis report has uncovered an emerging trend where forward-thinking organizations choose a single platform for both onboarding and authentication—allowing the re-use of identity information captured during onboarding in subsequent interactions with that customer, typically for authentication but also fraud management.
This approach enhances security, improves the customer experience, and puts the information a business spent money collecting to good use. Once enrolled, biometric authentication works independent of the device, so even if someone gets a new phone or laptop, they can still use their enrolled biometric to authenticate.
I believe that the trend of capturing verified biometric data as part of the onboarding process will continue to accelerate as more and more organizations realize the benefits that this provides them.