6 online identity verification methods to start using

Businesses today must take steps to authenticate and verify the identities of their customers before they allow them to access their accounts. While simple passwords used to be sufficient for this purpose, hackers and fraudsters have found ways of stealing this information and taking over customer accounts. In fact, between June 2020 and June 2021 alone, instances of identity fraud increased by 19%. 

Due to this, many businesses are now employing advanced online identity verification methods that can secure accounts without inconveniencing customers. In this guide, we’ll cover six of the safest online verification methods employed by businesses today. Following this, we’ll explain exactly how our solutions can help your business.

Two-factor authentication

Two-factor authentication (also known as 2FA), provides an extra layer of security when a customer attempts to access their account. When a business uses 2FA, a customer is first asked to enter their username and password. Then, instead of immediately being granted access, they are then asked to provide a further piece of identifying information. This could include:

• Something the customer knows, such as an answer to a secret question
• Something the customer has in their possession, such as a PIN that has been sent to their smartphone
• Something only the customer can possess, such as a piece of biometric information like a fingerprint, an iris scan, or a voice print

The main benefit with 2FA is that if just one of these factors is compromised, a fraudster still won’t be able to access the account. This means that if a customer’s password is compromised or they lose their phone, it is still incredibly difficult for someone else to get into the account because they’re missing a key piece of information.

For example, during the 2FA process, a user will receive an email or text message with a one-time code after they’ve entered their username and password. In an instance like this, a hacker would need to have access to the user’s email account or phone to bypass the additional security measures.

To make 2FA as secure as possible, extra steps can be added to the process. For example, a customer may be asked for a PIN and a piece of biometric information. In these instances, the process is known as multi-factor authentication (MFA). The more steps the customer is asked to complete, the more secure the process is. However, adding steps also makes the process more burdensome for customers.

Knowledge-based authentication

As its name suggests, knowledge-based authentication (also known as KBA) involves the user providing a piece of information that only they would know. Often, users are asked for information like the name of their first pet or their mother’s maiden name. Generally speaking, there are two forms of KBA: static and dynamic KBA.

Static KBA

Static KBA methods allow users to select security questions and provide answers that are stored by a company. This process usually occurs when a customer is looking to reset or change their password or wants to access sensitive information that’s linked to their account.

At the point of initial contact with a customer, a business using static KBA must collect the information required to carry out the process. Generally, a customer will be asked which questions they’d like to answer. They’ll then be asked for the answers to these questions. This data must then be stored securely and is only retrieved when the customer comes back to access the account.

However, although static KBA is useful, it isn’t as secure as some of the other online identity verification methods we’ll outline here. This is because the answers to many of these security questions can easily be located online. This was proven in 2008, when unauthorized access was gained to the email account of former Alaska Governor Sarah Palin. Hackers were able to access the account after scanning her Wikipedia page, which revealed her date of birth and where she met her spouse. This gave them all the information they needed in order to answer security questions. 

Although this is a high-profile case, hackers have also been known to scour the social media pages of everyday citizens, who unwittingly reveal the information hackers need when they share photos of their pets or details about their relationship.

Dynamic KBA

With dynamic KBA, the business does not ask the questions to the customer when their account is established. Plus, many of these questions used in the process are also so-called ‘out-of-wallet’ questions. 

Instead, the content is generated from information within a person’s credit history or public records. Therefore, the answers cannot be found in a customer’s wallet or purse. This makes it incredibly difficult for anyone other than the actual person to know the answer.

Credit bureau authentication

With this online identity verification method, a credit bureau that has a customer’s personal information on file is able to verify the customer’s identity on their behalf. 

Although this is a very secure and reliable method of verifying someone’s identity, it’s also quite old-fashioned and there are a number of drawbacks. For example, it takes a long time for the credit bureau to verify the person’s identity, and it negatively impacts the credit score of the customer.

Database authentication

Database authentication can refer to two different authentication processes, which are used for different purposes.

Firstly, the database authentication process can be used to ensure that the right people are granted access to a particular database. Commonly, this ensures that certain members of staff are given access to the information they need to do their job correctly. In these instances, authentication happens either with the Security Socket Layer (SSL) protocol or using third-party services.

As well as ensuring the right employees can access the information they require, database authentication also ensures that junior employees, or those that do not have the right security clearance, cannot access sensitive information.

In other contexts, database authentication can also refer to the process of using third-party databases such as social media accounts to verify identity. In order to pass an identity check, the user will enter some information from another platform, like their Facebook account, before they proceed.

However, the problem with this online identity verification method is that there is no way of knowing that the database information has not been stolen. Plus, some people are uncomfortable with how their verifier or Facebook uses the information they’re given. 

Zero-knowledge authentication

Zero-knowledge authentication is regarded as an advanced method of verifying identities. This is because the method uses a cryptographic approach in order to prove that something is true without revealing unnecessary information to the verifier.

By way of example, a bartender only needs to know that you’re of legal age before they serve you alcohol. They do not need to know any of the other information on your driver’s license, such as your whole name and address. By using zero-knowledge proof in this scenario, a bartender would only see the information that confirms you’re over 21, and your private information would remain private.

But, while zero-knowledge proof is privacy friendly, the technology is still in its infancy and it’s used by very few companies.

Biometric authentication

Biometric verification methods can verify an individual user based on their unique biological characteristics. These popular authentication methods are becoming incredibly common because they can verify returning users in a matter of seconds. Plus, they are also incredibly secure because it’s very difficult for hackers and fraudsters to replicate this data and hack into accounts. Added to this, biometric authentication methods are also popular because unlike with passwords, there is nothing for the customer to remember. It’s also more comfortable for the customer to access various services in this way.

Biometric verification systems work by storing a user’s authentic data. This stored data is then compared with a user’s physical traits during the authentication process. Although that process might sound complex, most people use biometric authentication every single day. For example, most of us either use Face ID or fingerprint ID to unlock our smartphones.

Overall, there are several different forms of biometric authentication. The main options include:

Face scans

Biometric authentication solutions like ours use facial recognition technology to verify a returning user. These solutions ask the returning customer to provide a selfie, which is then checked against the existing database. If the customer’s selfie matches the information in the database, they’re granted access to their account.

Fingerprint scanners

Everyone’s fingerprints are unique. Plus, fingerprint data is incredibly easy to capture. For this reason, fingerprints are the most popular form of biometric authentication. 

Fingerprint scanning systems verify the identity of customers using mobile native sensing technology. This form of technology compares the unique biometric loop patterns in a user’s fingerprint scan with fingerprints stored in the database in order to find a match.

Voice recognition and identification

These systems can analyze a person’s voice to verify their identity. The technology relies on the fact that the way each human speaks is unique. After all, factors such as movement variation, accent, pace, and many other factors distinguish one voice from another.

Eye scanners

Eye scans use visible and near-infrared light to check a person’s iris. This form of biometric authentication is considered in the same category as facial recognition, but the technology isn’t used as widely now that smartphones can be used for selfies to capture a clear picture of a customer’s face. 

How Veriff supports online identity verification

Here at Veriff, we’ve developed a number of leading solutions that can help with online identity verification. For example, our biometric authentication solution can help you take a step beyond passwords and one-time passcodes to secure customer accounts. For your customers, it’s as fast and easy as taking a selfie.

With the help of our online identity verification method, your users will enjoy the simplest and most secure authentication experience. Using just a selfie, you can authenticate any user in only one second. The process is 100% automated and 99.99% accurate. What’s more, 99% of your users will be authenticated on the first try.

Our biometric authentication solution confirms that a returning user is exactly who they’re claiming to be. It identifies and mitigates fraudulent activities such as account takeover and identity theft, stopping bad actors in their tracks.

Firstly, it asks the customer for a quick selfie, which can be used to verify their identity. Then, the selfie is checked for liveness and realness in real-time. This stops bad actors from exploiting the service and claiming to be someone else. If the image passes these checks, it is then compared to a previously verified face and identity. Finally, the solution sends the user back to your platform and provides you with the authentication decision in about a second.

It can help you stop fraud, protect your business, know your users, and ditch old and outdated security processes that could be exploited.

Speak with the identity verification experts at Veriff

To discover more about the different online identity verification methods and how our biometric authentication solution can help you, speak with our experts today. Simply provide us with some basic information about your business and its requirements, and we’ll create a personalized demo that shows exactly how our solutions can help you and your team.