Gartner recently released a brand-new market guide, “Market Guide for Identity Proofing and Corroboration,” focused on defining and outlining the identity proofing and corroboration space, a methodology to approach it, and the tools available to address it, as they saw a 300% increase in queries from their clients from 2016 to 2017, around identity proofing and ways to reduce reliance on highly compromised static PII data.
Historical and static methods of verifying an identity have become obsolete, due to major PII data breaches and the sophistication of fraud attacks. This leaves businesses of all sizes looking for strategies and tools to reduce risk while limiting impact to good customers during several use cases including: new account openings, transactional exchanges, account changes, and logins. The guide specifically focuses on identity proofing and substantiation use cases in remote interactions. As the customer demands and technologies continue to advance the market continues to shift towards digital interactions in most facets of our daily lives, well beyond online commerce.
In the new guide, Gartner discusses these key findings:
- Data breaches have led to rampant compromise of personally identifiable information (PII). As a result, correctly reciting PII is worthless as a stand-alone method of corroborating a person’s claimed identity.
- Onerous “identity proofing” methods for new-account opening and as part of step-up or multifactor authentication use cases increase customer abandonment. This creates a competitive liability when customer attrition and market share loss exceed the potential fraud loss.
- Many technologies used in online fraud detection use cases, such as device reputation, can be used in identity proofing and substantiation use cases. In addition, these technologies can be invoked to elevate trust during subsequent interactions.
Gartner states that the identity of new customer cannot be absolutely verified or “proven” and that risk and security professionals must embrace new analytics and ways to evaluate multiple positive and negative signals to protect good customers and revenue.
The Gartner guide provides recommendations to:
- Invest in new technologies now to bolster or replace legacy identity proofing tools and processes. Accept that any sense of security that comes from using highly compromised static data as a means of corroborating identity is a dangerous illusion.
- Build a business case for the addition of new approaches for identity proofing use cases that focuses on fraud reduction and credit write-offs, as well as increased revenue from lower false- positive rates, lower abandonment rates, and improved customer experience and loyalty.
- Extend the use of identity proofing and corroboration techniques beyond new-account use cases to login, account maintenance and transactional use cases.
Gartner also outlines their Trusted Identity Corroboration Model (TICM) and introduces the concept of the “identity corroboration hub” that focuses on orchestration, analytics and context-base decisioning. They state an identity corroboration hub should have integration of multiple third-party data tools, which should include solutions or data sources related to at least two of these four.
- Real-world identity corroboration
- Digital attribute risk assessment
- Navigation and other behavior analysis
- Digital or real-world reputation and link/graph analysis
Ekata is a representative vendor in Gartner’s new “Market Guide for Identity Proofing and Corroboration.” To learn more about what they say about Ekata, download the guide.