You’re fed up with fraud, tired of customer complaints, but don’t want to invest in expensive, clumsy, and time consuming manual processes that test the patience of your tech-savvy customers. Online identity verification is to be the way forward but you’re not sure which direction to take. There are the tried and tested methods which have been around for years and the new kids on the block making bold claims. Who to choose and why? We take a look at three big-hitters of the identity verification and authentication world to see how they stack up against each other.
Knowledge-Based Authentication (KBA)
The simple premise of KBA is that a user is asked questions that only he or she knows the answers to, thereby proving their identity. Static KBA, used for re-authentication, asks questions which were defined by the user when signing up. Dynamic KBA, which asks random real-time questions from public and private databases such as credit agencies, allows companies to use this protocol to verify identities during new customer onboarding as the personal identifiable information (PII) is “secret” and the questions are not pre-determined. When due care is taken in selecting the types of questions, with adequate historical depth and from secure sources, KBA is seen as a robust method.
However, as illustrated by the many publicized data breaches and hacks of ‘secure’ databases in recent years, your private information is only as safe as the houses storing them. From the Equifax breach of 2017 where the sensitive PII of 143 million Americans was accessed, to the mind-boggling 3 billion Yahoo accounts that were exposed in 2013, it raises the question of how secure this verification method is. If these centralized databases, honeypots for the modern hacker, are at risk and potentially hacked, your once secure business will have a systemic breach.
Two Factor Authentication
By asking you to prove access to an owned device, account, or token, two-factor authentication is a widely used protocol, most commonly applied to re-authentication. An example of this is when providing a code from secondary authentication token or fob which only you have access to, and which can also be password protected. But there is is the question of convenience. What if you don’t have your token on you, or have perhaps lost it, or forgotten its password? As smooth and friction-free process, these can prove less than ideal and at worst frustrating.
The most common method for both re-authentication and new customer identity verification is the SMS protocol. Here, users are asked to provide their mobile telephone number to which the business, through partnerships with mobile operators or third parties, send a verification code via SMS. Entering the code proves you are holding the telephone, own the telephone account and can be linked to the underlying credentials. The method is easy to integrate and easy to use. It is also becoming one of the least secure. The method simply hasn’t evolved as fast as the hacker’s ability to spoof SIM cards or intercept the encrypted messages. The risks with SMS verification even moved the National Institute of Standards and Technology (NIST) in the US to recommend it be used less.
Digital Identity Verification
And so to the upstarts of the industry – digital identity verification. With advancements in machine learning, AI and computer vision, this field has sprung on to the scene with much fanfare. The key difference with this solution is that it doesn’t rely on any third party but instead goes straight to the source, and verifies the person themselves. The capabilities are most powerful for the trickier new customer onboarding use case, but can also be used for re-authentication.
Through the eyes of mobile and desktop cameras, the meticulously trained software verifies the authenticity of government-approved ID documents, checking for forgery attempts and the presence of security features in the more advanced solutions. As a next step, these solutions compare the ID photo with a video selfie, complete with a liveness check to protect against fraudsters wearing a mask or simply holding up a photo. There are no databases to hack and no authentication codes to intercept, it’s a real-time shoot-out between smart tech and old-school fraud where the fraudster needs to pass the double-gauntlet of ID and identity authentication.
Some feel that it is too invasive, or too personal asking for a selfie. Ask that to the selfie-stick wielding generation of today – have no doubt, millennials take to this like a duck to water. Not to forget, the selfie component alone is often enough to scare off the lower tier of fraudsters. Other detractors say that the technology has a long way to go, and fraudsters will catch up. However, being part of the highly invested AI and machine learning disciplines gives it a long development runway and potential to continuously improve. Even if it does have some way to go, it is already enabling new capabilities – to securely verify the identity of new customers without needing them to be physically present, thereby driving leaner business models and faster time to revenue generation. That’s not a bad start.
The SwissSign Group, issuer of SwissID, has selected PXL Vision’s Daego® (Digital Alter Ego) solution for their digital identity verification service which is to be launched during the second quarter of 2019.
To perform the digital identity verification for SwissID, the SwissSign Group will deploy the Daego® technology of PXL Vision. Daego® is a high-tech digital identity verification solution which will enable SwissID users to have their identity verified in a quick, simple and secure manner. With this verified identity, users will have access to various online services which require an identity check. The digital identification solution will be made available to SwissID users during the second quarter of 2019.
Identity verification in real time
The technology from PXL Vision is based on an entirely electronic end-to-end process. In future, SwissID users will scan their valid identity document and make a short video selfie using their mobile phone. In real time, Daego® will then check the authenticity of the document and match it to the user via the video recording. Once the check is successfully completed, confirmation of the verified identity is provided to the user. The Daego® solution supports identity documents from more than 180 countries, meaning that the vast majority of Swiss residents will be able to create a verified identity.
“We are delighted that with our technology we are enabling Swiss companies to operate more agilely and efficiently in an increasingly digital business environment”, says Michael Born, CEO of PXL Vision. “We are also continuously developing our products in order to ensure that we can offer the highest level of security and help eliminate cumbersome physical processes”, adds Karim Nemr, CBO and founder of PXL Vision.
Markus Naef, CEO of the SwissSign Group: “Our customers and partners expect the highest security standards and this is also true with regard to the identity verification with SwissID. It was therefore logical that we would implement the process for a trustworthy digital identity with a technology partner such as PXL Vision. Its product Daego® meets our very high requirements that we place on a verified identity”.
Secure e-business processes rely on trusted identities from SwissSign Group. As a trust service provider (TSP) in Switzerland, SwissSign accompanies people and companies along the way to a successful digital future. SwissSign Group is the provider of SwissID and part of a joint venture of state-affiliated businesses, financial institutions, insurance and health insurance companies (SBB, Swiss Post, Swisscom, Banque Cantonale de Genève, Credit Suisse, Entris Banking, Luzerner Kantonalbank, Raiffeisen, Six Group, UBS, Zürcher Kantonalbank, Axa, Baloise, CSS, Helvetia, Mobiliar, SWICA, Swiss Life, Vaudoise and Zurich).
SwissSign Group has two cornerstones: identity services under the brand SwissID and certificate services. SwissID is the digital identity of Switzerland which enables simple and secure access to the online world. Thanks to electronic certificates, data can be exchanged in encrypted form and therefore protected against unauthorized access. As a Swiss trust service provider (TSP), SwissSign accompanies people and companies into a successful digital future, and protects data according to the highest security standards while keeping it in Switzerland.
About PXL Vision
PXL Vision AG is a Swiss high-tech spin-off of the Swiss Federal Institute of Technology (ETH). It was founded by former key employees of Dacuda AG, an award-winning computer vision company that sold its 3D division to Magic Leap at the beginning of 2017. PXL Vision provides leading solutions for bringing trust to digital interactions between businesses and individuals by enabling trusted digital identities.
PXL Vision’s Daego® is a cross-platform software solution for secure, efficient identity verification and customer onboarding powered by the latest developments in computer vision and machine learning. PXL’s team of more than 20 dedicated software experts and industry professionals has a proven track record in deploying solutions to customers across multiple industries including telecommunication, financial services, travel & transportation, and government.
PXL is headquartered in Zurich, Switzerland, with R&D centers in Novi Sad, Serbia, and Yerevan, Armenia.