What Problem does Verified Solve?
Let’s Face it……Passwords cause problems. Current customer authentication methods including One Time Passwords (OTP), Challenge Questions (aka Knowledge-Based Authentication (KBA) frustrate and annoy customers. Poor experiences can reduce customer loyalty and lead to account and transaction abandonment and unfortunately lost revenue.
These services can be easily defeated by bad actors and increase the security risks to your platform and your customers’ accounts. Passwords also add expense to your business. Each Password reset performed by your support team costs your business approximately $70, with an estimated 40% of all “IT Help Desk” calls are password related.
These solutions increase friction for consumers, frustrating them and causing them to abandon doing business leading to lost revenue or poor consumer experience. Even worse, they are easily susceptible to spoofing, familiar fraud, and other types of attacks.
authID’s Verified addresses these issues an easier more secure biometric Multi-Factor Authentication product for users to authenticate their identity and recover account access without contacting your support center. A simple selfie authenticates users with their unique facial biometrics for a frictionless experience that is easier and more secure. Whereas OTP and KBA services assume with varying degrees of assurance the account owner is responding to the challenge request, Verified confirms with the highest degree of assurance the biometric identity of the customer when they log in into their account, reset a password or process a transaction. authID provides an irrefutable biometric audit trail for each transaction performed by the user, giving your business the peace of mind that your customers’ accounts are not being taken over by bad actors and that all resets are only being performed by the rightful account owner.
What is MFA
Multi-Factor Authentication (MFA) is an authentication method in which a user is granted access to a website or application only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism.
Multi-factor authentication can drastically reduce the incidence of online identity theft and other online fraud, because the victim's password is no longer enough to give a thief permanent access to your customer’s information. However, many multi-factor authentication approaches remain vulnerable to phishing, man-in-the-browser, and man-in-the-middle attacks. MFA is especially susceptible to phishing attacks, particularly in SMS and e-mails.
Typical types of MFA include factors such as:
- Something the user has
- Something the user knows
- Somewhere the user is
authID Verified addresses another factor that is inherent to the authentic identity of the user:
- Something the user is
A user’s biometrics provides a level of certainty that is extremely difficult to falsify. A password may be compromised and sold on the dark web, knowledge-based questions may be mined from sources like social media, and devices may be lost or stolen. An individual’s biometrics are far more unique than these other methods of authentication and are easily accessible under nearly any circumstances.
Multi-factor authentication is frequently used for scenarios where there is a need for additional verification due to an anomalous or high-risk event. Typical use case scenarios include:
- Account recovery: a user has forgotten login credentials or is logging in from an unknown device
- Password Reset: a user has lost or forgotten their password, or the password has expired based on a security policy
- Step-up Authentication: a user is attempting to perform high risk transaction or is exhibiting anomalous behavior, e.g., a large wire transfer or a purchase in a new geographic location where they have not previously done business
- Application Access: access applications without a password
- Building Access: gain access to buildings
- Tourist Services: check-in for tourist services
Each of these examples represents an event where there is a high likelihood of fraudulent activity or a high-risk activity that justifies a step up to an additional level of authentication.
What is Biometric Authentication?
Biometrics are unique physical characteristics, such as facial structure or fingerprints, that can be used for automated recognition. A biometric is a measurable biological (anatomical and physiological) and behavioral characteristic that can be used for automated recognition.
Biometric facial matching is a technology capable of identifying or verifying a subject through an image, video or any audiovisual element of their face against a representative biometric template. It uses measurements of the body, in this case face and head, to verify the identity of a person through its facial pattern and related measurements. The technology collects a set of unique biometric data of each person associated with their face and facial expression to identify, verify and/or authenticate a person.
Facial authentication solutions help ensure that only legitimate users are creating and accessing their online accounts — not some fraudster who has stolen the credentials or ID documents of identity theft victims off the dark web. Another key benefit of facial authentication is that businesses can leverage the same biometric data (i.e., a certified 3D face map) captured during enrollment and repurpose that same biometric for future authentication events. This means they can use the same solution for identity proofing and for ongoing user authentication.