Latest News

A Continuous ‘Layered Approach’ Will Be The Next Generation For Identity Defense

In the newest, emerging phase of eCommerce, where interactions increasingly take place across platforms, between apps and devices and through “digital front doors,”  we’ll need “layers” of authentication of people, places and things to keep us safe, Ilan Maytal, chief data officer of AU10TIX, told PYMNTS.

The conversation took place against the backdrop of jointly conducted research between PYMNTS and AU10TIX that showed we’re moving from one-time identity verification efforts to systems that continuously verify individuals.

At a time when platforms and apps have taken the place of face-to-face interactions, “when you do things over the internet, people need to trust you,” said Maytal.  And, as he noted, continuous ID efforts can help ensure that sharing economy firms — and their customers — can safeguard people and their experiences.

Before the sharing economy took shape, Maytal said, companies had a simple motivation to tackle verification: namely, to get as many customers onboarded as possible. Or, perhaps, they had to comply with local or worldwide regulations.

The Rise Of The Sharing Economy

But the sharing economy (with 86 million U.S. consumers) has introduced new dynamics into the mix, contended Maytal. Corporate reputations can be made quickly and torn down quickly. At a high level, for example, hotel or vacation firms must demonstrate that their properties are as advertised, and ride-hailing companies must know that their drivers are who they say they are. Economics is much more sensitive to the impact — or rumors of — fraud and abuse.

“This is why we need ongoing verification of customers and service providers,” said Maytal.

A layered approach is necessary, which embraces biometrics and other advanced tech. Where past efforts have been solely based on authenticating and examining paper documents, he said that firms like AU10TIX are focused on boosting that core function with new capabilities like face comparison, liveness, and other biometric checks.

But, as he noted, the jury is still out as to which of these emergent technologies will be allowed to be deployed and which will not.

Maytal told PYMNTS that any number of governments around the world, the U.S. included, are wrestling with how to define — and in some cases limit — the types of data that can be collected. There’s always the specter of government or compliance risk, tied to privacy.

“That means that not everything we can provide [in terms of technology] can be used to execute or complete ID verification,” he told PYMNTS. He pointed to GDPR, which limits what can be gathered in Europe. In the U.S., there is a groundswell of support for making sure that consumers consent to the data that can be collected and used in verification efforts. Maytal predicted that there will be at least some support from the consumers themselves to offer up their likenesses, voices and other telltale signs to providers.

No matter which solutions gain wide embrace, Maytal cautioned that education will be key to make sure that stakeholders know that during verification, privacy rules are strictly adhered to.

“Many more customers do understand that for their safety, providers need to take more data from them” in order to, for example, compare their faces to an ID, he noted. “They’re ready to share their data if they understand the benefits.” That’s especially true as automation can scan and authenticate the details on offer with speed and accuracy, where the consumer journey is held up only for a few seconds.

The urgency is there for additional layers of defense, especially where deep fakes are growing as an avenue of interest — and an avenue of attack.

“The next generation of authentication tools will be biometric,” he predicted. “There will be many more tools to deploy.”

As Maytal described them, deepfakes are difficult to detect because the bad actors can take a legitimate ID off the dark web (for a small fee) and use that in tandem with lifelike videos and composite data to bypass even the most cautious security providers. “We need to deploy more layers to overcome these deep fake issues,” he said, adding that “I don’t see the threat going away.”

You may also like

Leave a reply

Your email address will not be published. Required fields are marked *

More in Latest News