Our identity is becoming more crucial by the day as most traditional banking processes go online. From transactions to registrations and applications, several processes make use of our digital identity, stressing the need for identity verification to prove that individuals are actually who they claim to be. Interestingly, different identity verification methods and systems are used today to achieve this.
Identity verification is a vital part of Know Your Customer (KYC) and Anti Money Laundering (AML) regulations. The specifics of these regulations differ from one country and jurisdiction to another. There are also regulatory bodies like the Financial Action Task Force (FATF) that establish and monitor global AML laws.
Although there is a wide array of identity verification methods to choose from, the most commonly used include:
- Biometric verification
- Knowledge-based authentication (KBA)
- Database methods
- Online verification
- Two-factor authentication
- Credit bureau-based authentication
1. Biometric verification
Biometrics verification involves identifying and authenticating individuals based on their physical attributes. The most commonly used authentication attributes include voice recognition, fingerprints, facial recognition, and iris and retina scanning. Biometric verification techniques are highly secure and convenient for the clients as they don't have to remember any passwords after the first time setup.
However, the security level of biometric verification can be compromised when a criminal gains access to your biometric data. For example, your picture on social media or a voice recording. In the past, databases have been known to be bridged too, leading to stolen fingerprints. These personal data could be used to commit fraud.
2. Knowledge-based authentication (KBA)
Knowledge-based authentication was one of the most popular types of identity verification in the 2000s. Essentially, it is designed to test the knowledge of a person through questions that are simple for that specific person to answer but difficult for others. Good examples are the questions - what is the name of your favourite uncle? Or What is your mother’s maiden name?
For better security, KBA may include a time limit to answer the question. Although termed very secure over a decade ago, KBAs are becoming much easier to bypass due to the available social data. A google or social media search might reveal the answers to KBA questions.
Recommended - What are The Types of Authentication?
3. Database methods
In this method, data from individual IDs are cross-referenced against verified databases to establish their identity. The database method is usually used for identity verification and risk profiling based on the available data. It is also an automated process, making it fast, cost-effective, and eliminating the need for manual reviews.
However, the database methods don't have a way to actually verify that the person providing the ID is actually the owner. This is because the process is mostly carried out online after which the individual will be granted permission to carry out the transaction.
4. Online verification
Online verification is somewhat similar to database verification but goes a step further. It makes use of several techniques to validate government-issued IDs provided by an individual. Online verification could apply a series of techniques including artificial intelligence, and human and computer reviews for multi-stage validation.
Typically, the individual is mandated to snap a headshot of themselves holding a valid ID. the process goes ahead to validate if the person holding the ID is the same person in the ID. Although secure, many users find the process stressful and this may cause drop-offs.
5. Two-factor authentication or multi-factor authentication (2FA or MFA)
Much like a double-layered wall, two-factor authentication requires users to provide a code sent to their personal email or phone number after originally inputting their password. 2FA can also be used to verify a customer’s personal contact information (email and phone number) to ensure they don't submit wrong data. Two-factor authentication is also useful in creating user accounts and resetting passwords (if they forget).
Tokens are also very important in creating an MFA step before huge transactions are completed. This curbs fraud as only the owner of the account should have access to the token or secret code required to validate the transaction.
Recommended - Synthetic Identity Fraud: What is it & How does it work?
6. Credit bureau-based authentication
Credit bureau-based authentication operates similarly to the database method in that it relies on data from credit bureau databases. Credit bureaus store a huge amount of customer credit information including their name, address, national identification number (NIN), bank verification number (BVN) and more. The bureau’s data could be used to validate a customer identity where needed.
The different types of identity verification methods have their up and downsides. As a business, it is important that you adopt what works best for your business model and type of customer. However, financial institutions are encouraged to adopt the most secure, and in some cases, more than one identity verification method to curb money laundering activities.
See how 100+ leading companies use YV OS for KYC and AML screening of customers for compliance and real-time risk detection. Request a demo today.