Leveling Up Identity Verification To Meet This Moment

Companies around the world contend with two digital identity challenges that seem mutually exclusive on the surface: 

1. Securing their data against the evolving threat of fraud.
2. Providing a frictionless experience for their customers.

Evolution has always been a defining trait of the identity verification space. The COVID-19 pandemic compelled many companies to reimagine their digital channels as everyone sequestered at home, and many of us couldn’t physically be present to verify our identities. The current AI revolution is spurring further innovation in this space, particularly in response to  AI-driven fraud techniques like deepfakes, as well as customer expectations around personalized online experiences. 

These challenges represent both threats to companies reliant on digital channels as well as opportunities to invent new approaches to safely identify consumers around the world. Here are some reasons for why identity verification strategies have reached an important fork in the road. 

Multi-Factor Authentication Has Never Been More Vulnerable 

KYC multi-factor authentication (MFA) is under increasing threat, led by the sophisticated evolution of cyber attacks and a complex digital landscape. Advanced tactics, including phishing and SIM swapping, can bypass traditional MFA methods by spoofing one-time passwords (OTP), and collecting compromised passwords and user-provided knowledge-based answers (KBA).  MFA solutions that rely on email-based codes are particularly susceptible to interception, exposing a major weakness in many identity verification frameworks. According to an October 2024 article by anti-malware company Malwarebytes, fraudsters have begun to sabotage MFA methods by compromising critical e-mail accounts from Google – many of which are used as recovery e-mail addresses. 

In response, organizations need to consider adaptive authentication methods that can evolve alongside these threats. Some examples include biometric authentication and contextual risk-based analysis to help ensure future-ready KYC protection.

Customers Are Losing Patience with Poor Experiences

When companies implement new strategies to thwart identity fraud, they often struggle to create fast and low-friction user experiences. As noted in a Lumin Digital article, “Struggling With Bank Application Abandonment? Here’s What You Can Do,” customers don’t want to make seemingly endless clicks when they’re opening a new account, especially at a bank or financial institution. Many will simply abandon the application. The article notes that users are abandoning online applications at rates as high as 97%. 

Shufti identity experts are noticing a growing trend of cybersecurity teams absorbing fraud as a way to more closely manage the threat from fraud-based attacks. The challenge is around internal conversations to find those balance points between security and user experience that doesn’t drive high abandonment rates. Cybersecurity teams should look for the most effective and user-friendly passive fraud controls and additional step-up authentication to manage elevated risk where it is warranted. 

Incorporating biometrics such as selfies reduces application abandonment, because it lowers onboarding friction when compared to one-time passcodes or setting up answers to obscure personal questions. 

Building a Stronger, More Portable Identity 

Customers, governments, and identity verification providers can all agree that we need to continue building stronger digital identities that can withstand sophisticated fraud attacks while enhancing online trust. Ideally, this identity would be shareable, allowing a consumer to verify their identity once with a government document and a selfie. 

At some point in the future, a consumer may simply be able to use their portable digital identity to interact with a variety of organizations. While a single portable identity is limited today, forward-leaning identity verification and authentication companies are planning how such a schema would fit into evolving networks. 

Here are some ideas for Compliance, Technology and Risk managers searching for an identity solution that provides KYC compliance with a reputable user experience: 

1. Evaluate coverage to ensure your IDV provider can verify your customers in countries where you plan to expand over the next several years.
2. Check user reviews to read what consumers think of an IDV vendor’s user experience (e.g. Trustpilot). Very few vendors receive consistently positive reviews.
3. Look for a Strong Product Roadmap. The Identity industry is changing rapidly. You need a vendor who is proactively innovating to anticipate your needs. 

We at Shufti believe the future lies in merging identity verification with authentication across the customer journey. This will provide a superior user experience, lower abandonment rates, and enhance revenue. 

We also put secure identities at the heart of all of our products. Shufti’s Head of Privacy/Data Protection Officer Morola Akande, states, “privacy and security challenges in an increasingly complex digital ecosystem has led Shufti to evolve our digital identity solutions so that they address the complex demands of the present and also set new standards for trust and safety in the digital world.” 

To learn more about Shufti’s solutions for Identity Verification and Authentication, as well as a new portable identity for your strategic partner ecosystem, read https://shuftipro.com/blog/identity-verification-isnt-just-for-compliance-anymore/