Before setting up an account or beginning a relationship with a customer, companies commonly want to validate that the applicant is who they claim to be. Identity verification is the process by which a person can prove their identity to an organization or service.
Identity verification is the process of proving that someone is who they claim to be. For example, when a person opens a bank account or signs a lease, it is important to ensure that they are who they claim.
Without strong identity verification, it is possible that someone could open an account or take out a loan in another person’s name, enabling them to commit financial fraud and ruin the person’s credit score. Identity verification is vital for protecting against identity theft and ensuring that people are who they claim when opening a new account, claiming tax refunds, or applying for government services.
When verifying identity in person, typically the applicant presents a set of documents that are accepted as proof of identity. Common examples include government-issued identification, passports, and birth certificates.
Identity authentication and verification are similar but distinct concepts. Identity verification is the process of proving an individual’s identity. This verification is performed once and used to link a person’s identity to unique information that can be used to uniquely identify them in the future.
User authentication, on the other hand, is repeated whenever a user wishes to prove their identity to a particular application or service. This authentication process uses the unique information linked to a person’s identity to authenticate their identity before providing access to their account.
As online and digital services grow, people are increasingly creating accounts with banks and other organizations online rather than in-person. As a result, it is vital for these organizations to be able to verify the identity of these applicants over the Internet.
Online identity verification can be performed in a variety of different ways. Some of the most common methods of online identity verification include verification using biometrics, identity documents, unique knowledge, or one-time passwords (OTPs).
Biometric data is ideal for user verification. Biometric verification methods include facial recognition, fingerprint scanning, and any other measure of a unique physical attribute of a person.
Biometrics offers the most secure and user-friendly method for user verification or authentication. Biometric data is much more difficult to fake, steal, or copy than other verification methods. Additionally, since biometric scanners collect physical attributes, it provides a better user experience because it does not require a user to have access to documents or devices or memorize unique information. Learn what biometric authentication is.
In-person identity verification is typically performed using identity documents like government IDs, passports, and birth certificates. These documents can also be used for online verification of a user’s identity. Documents can be scanned or photographed and transferred to the verification authority to be checked for validity and legitimacy.
Knowledge-based verification is another common form of identity verification, especially for verifying identity over the phone or as part of a password reset process. A user may be asked for information that theoretically only they would know such as their Social Security Number, birth date and place, etc. When attempting to verify a user’s identity after a lost password, a service may also use the information available to them for verification, such as asking about previous transactions or the sources of deposits into the account.
Knowledge-based verification systems operate under the assumption that the requested information is only known to the legitimate user. However, this is frequently not the case. For example, past addresses and birthplaces are often public record, and other sensitive information such as a Social Security Number or other government-provided ID may have been exposed in a data breach.
One-time password (OTP) verification is used to verify a user’s identity based on their ownership of a phone number or email address. The service sends a single-use code to the applicant via SMS or email. By entering this code into the website, the applicant proves that they have access to the relevant phone or email account.
OTPs are a common verification technique, but they lack the same level of security as biometric verification. SMS messages can be intercepted, and email accounts may be compromised or shared by multiple parties. Additionally, this form of identity verification is prone to phishing attacks where users a tricked into sending their OTP to an attacker.
Digital identity verification provides several benefits to an organization, including:
Identity verification is crucial for organizations in some industries, such as financial institutions. If a person can open a bank account under a fake identity, they can use it for fraud and other illegal activities.
Multiple jurisdictions have implemented regulations and standards for identity verification. Some of the major ones include:
While KYC requirements typically only apply to financial institutions, many organizations have a desire or a need to verify their users’ identities before allowing them to open an account. While in some cases ownership of an email address is enough, in others, a stronger proof of identity is required.
Biometrics is an ideal means of implementing digital identity verification and supporting ongoing user authentication. Biometric data is quick and easy to collect, making it extremely user-friendly, but is also difficult to copy or fake, ensuring the security of the user verification or authentication process.