Digital identity has two different domains – one is identity proofing and the other is authentication, where both have been unique to each other for many years.
Businesses have now utilized several identity proofing methods to distinguish users’ identities by having them visit their local branch office or provide proof of their identity and address.
However, as more people are now using the Internet and apps on their PC or mobile gadget for the modern enterprise, financial institution and banking service, they are progressively researching for online ways to identity proof new customers without seeing them in person.
Using Identity Proofing Techniques
At times, businesses resort to online financial databases and credit bureaus to match identities using their customer’s name, address and social security number. In some cases, they utilize knowledge-based verification where users are asked multiple proofing questions, such as asking them their Zip codes on places they have lived for the past five years. Their response is then confirmed in public record databases.
However, modern technology has made this identity proofing technique futile as cybercriminals can purchase information easily on the Net or through social media.
More recently, these businesses have requested their online customers to capture a picture of their government-issued ID and a selfie using a PC webcam or smartphone. If they’re using a legitimate ID, the picture on the identification is compared to the selfie to ensure they’re dealing with the same individual.
Using Authentication Methods
The same business then uses a disparate set of authentication method to verify the person doing the transaction if he is the same one who created the online account. Aside from providing the username and password, they need online assurance to ensure the user is who they claim to be.
The authentication technique is focused on the following risk factors – logging in from a foreign IP address; resetting passwords; huge money or wire transfers; having several unsuccessful logins; requesting a change on authorized permissions; and, continuous security for ridesharing and delivery services, online test taking and car rentals. Businesses use different technologies to ensure authentication.
Overlapping Between These Two Technologies
Conventional online authentication is sacrificed due to a number of reasons:
- Password logging in: Almost any account found on the Internet requires a username and password. However, passwords are easily forgotten, insecure and shared with other websites. Cybercriminals can easily hack them if they take information illegally.
- Knowledge-based authentication: Customers are asked specific security questions to ensure accurate authorization for online and digital activities. However, large-scale data breaches are now offered for sale crooks can easily access.
- Out-of-band authentication: The authentication process done here requires two variable signals from a different network or channel, like the SMS-based authentication. However, this method is vulnerable to phishing, keylogging and SMS-spoofing attacks.
- Token-based authentication: This type of authentication uses software tokens kept in electronic devices such as PCs, laptops, tablets or smartphones. However, they entail more costs and the need for users to carry them wherever they go. One-time passwords are non-transferrable, so it should create problems when the device is lost, stolen or replaced.
- Biometric Authentication: Here, the biological features of a certain individual is used to authenticate the account. However, crooks can do spoofing attacks to access privileges and rights.
