IDENTITY AUTHENTICATION TECHNIQUE OVERVIEW
Electronic Identity Authentication is the ability to collect, authenticate and confirm the personally identifiable information provided by an end user. This could be as simple as being able to match a name, address and phone number, to verifying more specific data such as date of birth, social security number or national identity number. These services are available as a hosted bureau service or you can purchase monthly, quarterly or annual database access or software distribution of data.
Key considerations when implementing or buying this functionality include:
How often will your provider update the information or update their software?
Is both an API and user interface or manual lookup version of the service offered?
What data points are supported? Address, Name, Phone, Email?
Are there any dead spots where information is not provided such as international, Canada, Puerto Rico?
Does the vendor have any regional strengths or do they have better coverage with phone versus address versus email?
What is the accuracy of the data they have? Try them out: Have ten people’s information from around the country and see how well the service validates the information. Include someone who has been in place for a while, one that has recently moved and one that owns multiple properties.
HOW DOES IT WORK?
If using it as a manual tool, you would enter the individual’s information into a hosted screen or utility their IT shop has set up for you, and the service or application would come back with some mix of the following types of results: A Full Match, Partial Match, Multiple matches to data element "XXXXXXX", Known negative indicators with data element "XXXXXX", Not Found. They may also provide all the information they have associated with the data points provided, allowing the user to make a determination of the risk or trust in the identity information provided.
These services may also be provided as an API. In this context, organizations can use automated response data to determine whether a name, phone number, physical address and/or email address are all associated with one another. This is typically delivered as Y/N or Match/No Match response, but all associated data points could be provided as well. These signals can then feed into modeling or rules engines.
HOW DO YOU USE THE RESULTS?
You verify this data and see if it matches. A lookup service or graphic user interface (GUI) is designed for fraud analysts or manual review agents who are validating a transaction and user identity. API services are designed to provide results that can be used within a broader context of risk signals to make rules-based and modeling systems more effective in identifying high risk.
Identity authentication is very effective, and can provide the most relevant information to a user's identity. It should be understood that Identity Authentication alone can easily be beaten by a fraudster, and performing authentication without verification leaves you susceptible to fraudsters using stolen identities. Authentication refers to looking up whether provided identity data points are actually associated with one another. Verification refers to actually contacting a person based via the identity points provided. Authentication must be done first for verification to be effective. Authentication without verification is still useful, but in cases of full identity theft you could be dealing with a fraudster who provides the matching phone number and hopes that you don't verify their ownership of it.
DID YOU KNOW?
Identity Authentication confirms the personally identifiable information provided by a consumer by matching or verifying data elements that are associated with the same person, such as confirming a phone number and address are associated with a name.
"Gotchas" with Identity Authentication include:
There are a lot of ways to fool this test.
There are people who move a lot, such as military families, in which multiple phone numbers and addresses may be in the public records.
There are lag periods between refreshes of the address and phone data.
In cases of identity theft, a fraudster can set up these services to look completely legitimate.
They often cannot validate unlisted phone numbers.
If you use it to check the shipping address, there are valid cases in which a consumer could be sending packages or gifts to a relative’s home to pick up later.
Ekata, a MasterCard Company, empowers businesses to enable frictionless experiences and combat fraud worldwide. Our identity verification solutions are powered by the Ekata Identity Engine, which combines sophisticated data science and machine learning to help businesses make quick and accurate risk decisions about their customers. Built around five core identity attributes (name, email, phone, physical address, and IP), the Identity Engine synthesizes billions of data points & insights in real-time to provide businesses with a comprehensive view of their customers’ digital identity and the level of risk associated with it.
KEY NOTES
Alternative Solutions - Out-of-Wallet Checks, Reverse Lookups, Credit Checks
Building this In-House - N/A
Estimated Cost - Typically this service is offered on a per-transaction basis, but you can also purchase it as a subscription. There are some very low cost providers online, that have hosted screens for you to input data manually as well. This service is usually fairly inexpensive.
Sample Vendors - Ekata, Pipl, Neustar, ArkOwl, Trulioo