mobile authentication


How identity proofing can balance security and convenience

Most organizations struggle to balance security and customer convenience. Many believe that to accurately authenticate an individual’s identity, there must be high-friction security protocols, such as passwords, security questions and PIN codes. In other words, customer experience may take a back seat to security.  

But findings from Experian’s 2019 Global Identity and Fraud Report show consumers value both ends of the spectrum. While consumers view security as the most important aspect of the online environment, customer experience was second. The perception has long been that security comes at the cost of convenience, but our report shows the two are not mutually exclusive. Finding the balance has always been the challenge.

Many public sector agencies can relate to the struggle. With some of the strictest regulations of any sector (and for good reason), government agencies depend on high security standards, which often limit their ability to provide a convenient customer experience. In fact, most government transactions -- such as the reissuance of a driver’s license, verification of employment eligibility and certification of credentials -- can be quite tedious, often requiring an in-person visit. 

Meanwhile, as agencies continue to search for the balance between security and convenience, some have adopted a more forward-thinking digital mindset. However, the move to an online environment can result in an increase in online fraud and associated losses.

The National Institute for Standards and Technology recently published new updates that open the door for the use of digital copies of identification rather than requiring physical documentation -- a top priority for many government agencies. More importantly, these new guidelines lay the foundation for a low-friction consumer experience, including virtual appointments, while still providing effective security.

Along with the evolution of the government standards, there have been technological innovations and advanced data and analytics to help the public sector comply with security guidelines, properly identity proof individuals and make the right fraud decisions.

Advanced data and technology leads to more protection

Prior to the new standards, there was an assumption that digital forms of identification were not as reliable as physical documentation. However, the mindset has shifted substantially, due to new and reliable opportunities to remotely validate “strong” documentation, such as a driver’s license, passport, government ID card, etc.

Innovative technology and advanced analytics allow agencies to meet these new standards and effectively identify well-intended customers and minimize the fraud concern. Fortunately, the technology exists to identity proof an individual and verify the authenticity of these “strong” documents. For example, an individual can submit an image of the documentation, which will undergo a number of behind-the-scenes tests to verify its legitimacy in real time. These tests can detect if security patterns are present, investigate machine-readable zones, validate issue dates and determine if the original photo was substituted.

But as the saying goes, a picture is worth a thousand words, and in the case of an ID photo, it may be worth more. Individuals can submit a “selfie” that cross-references biometric data points between this instant headshot and the photo on the identification document.

While this process may not completely remove friction from the experience, it eliminates the need for an individual to make an in-person visit and wait in line for hours at a government office. And with the continued proliferation of smartphone technologies, government services can become more accessible for those with limited mobility or who live far from local offices. This means both the applicant and the agency can save significant time and money.  

Of course, there's no silver bullet for fraud detection and identity proofing. Technology has opened the door for public-sector institutions to seamlessly integrate document verification solutions with other authentication methods -- such as device intelligence, mobile phone queries, one-time passwords, biometrics and digital identity tokens -- to create a secure, compliant and consumer-friendly experience.

Usually innovation comes from private companies, and it takes the government years to catch up, but in this case, regulations have pushed the public sector ahead of private enterprises. Given the flexibility built into NIST's updated regulations, it’s time for government to take the next step and apply advanced data and technology, such as document verification, to effectively remote identity proof individuals. This process will ease the burden on consumers and workers, removing the need for a crowded, in-person experience.

Consumer trust can take years to earn, but the organizations that can balance security and convenience will be far ahead. While government agencies have effectively kept data secure, the customer experience can be improved. The new standards set forth by NIST, along with the latest innovative technologies, can help public-sector institutions achieve the balance that is so sorely needed.

About the Author

Chris Ryan is a senior fraud solutions consultant with Experian.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected