There's more to security than your mother's maiden name

You may not be familiar with the term knowledge-based authentication, but chances are you know what it is. Knowledge-based authentication refers to questions businesses use to prove the identities of their customers. What was the name of your first pet? What’s your mother’s maiden name? Where did you go to pre-school? In theory, only you should know this information. The problem is this information can be obtained easier than ever.

To address this problem, businesses have started to employ biometric authentication like fingerprint scanning. However, many biometric platforms still use knowledge-based information to enroll customers, which makes it easy for hackers to create new accounts using your personal identifying information that they found online. This is referred to as new-account fraud. Javelin Strategy & Research estimates that new-account fraud will soar 44 percent between 2014 and 2018, rising from $5 billion in annual losses to a projected $8 billion.

If a person enrolls biometrics under a false identity, he or she can bypass security measures under a false biometric profile. So, a stranger can access an account that’s under your name using their fingerprint, because they have this false profile. Businesses need to verify the identities of their customers as early as the initial enrollment process to ensure personal information isn’t being manipulated.

At Samsung SDSA, we’ve taken digital identity to a new level. Our identity verification, powered by AuthenticID, is unique because it enrolls clients using something people own and something people are. “Something people own” refers to government-issued documents like passports, visas and driver licenses that people control exclusively. The solution uses forensic document analysis to examine and confirm these items are genuine and tamper-free. “Something you are” refers to biometrics - a fingerprint scan, facial recognition or voice identification.”

According to Blair Cohen, CEO of Authentic ID, “it’s significantly harder to replicate something you own or something you are than it is to obtain something you know. When you fuse these factors together, you create an identity profile that's nearly impenetrable against the cleverest hackers.”

Samsung SDS ID verification not only protects customers from identity fraud, but it can also protect businesses from false claims of identity fraud. While roughly two-thirds of fraud cases are standard imposters who assume the identities of other people, the remaining third are real people who actually made purchases and are now trying to get out of paying for them.

With Samsung SDS ID verification, these malicious actors can no longer hide. With a 20-second multi-factor verification process and continuous biometric authentication running in the background of your online and mobile sessions, the solution guarantees the person using the device is the person making the transaction. Businesses have undeniable proof of who made the purchase, so they don't lose another dime to a person who isn't a genuine victim of fraud.

We're on the cusp of biometrics becoming mainstream. As consumers continue to replace passcodes with face recognition and fingerprint scans, the idea of using these modalities to complete transactions won't feel so alien. They’ll become another part of your everyday life.

What do you think businesses can do to make consumers more comfortable with biometric identity verification? Let us know by tweeting us at @SamsungSDSA.

V.P, Richard Lobovsky
V.P, Richard Lobovsky Enterprise Mobility
Samsung SDS America

Richard is a senior business development executive with extensive wireless industry experience focused on secure mobility in financial services. He is currently leading a team at Samsung SDSA focused on providing mobility and security based enterprise software solutions to the financial services industry including their FIDO compliant biometrics solution. He is a member of SDSA’s leadership team which sets the overall strategy for the organization.