November 21, 2017
Verifying True Identity in a Post-Breach World
Digital transactions are inherently anonymous. So how can businesses really trust that people are who they say they are? Following numerous high profile breaches, full “identities” can be pieced together from myriad pieces of personal information readily available on the dark web. Fraudsters and legitimate customers appear exactly alike to an unwitting merchant.
Static Identity Assessment Cannot Work Alone
In the past, organizations relied on static identity verification methods to compare the information they see to what external bureaus knew about users. However, as more identities have been breached, static information alone becomes ineffective. With so much static identity data available to fraudsters, it’s often easy for them to pass basic identity checks.
Static Identity Verification Can Miss Fraudster and Block Legitimate Customers
- Legitimate Customers with established credit history
- Fraudsters using legitimate BUT STOLEN identities
- Legitimate Customers with no credit history
- Synthetic IDs that don’t correlate to held data
Organizations need a more holistic, layered approach to bridge the gap between online identities and the people behind them. They need a way to augment static identity information with dynamic, shared intelligence in order to verify a user’s true identity.
A Dynamic Approach to Differentiating Fraudsters From Trusted Users
ThreatMetrix Digital Identity Network fills this gap by leveraging shared intelligence from millions of daily consumer interactions. ThreatMetrix stitches together a customer’s true digital identity by analyzing the critical connections between devices, locations and anonymized personal information. By combining this unique, anonymized digital identity with static identity data, organizations gain a far more accurate risk profile of every user. What’s more, dynamic identity assessment continuously evaluates digital identities in the context of every transaction, correlating seemingly disconnected incidents in real time.
The Challenge of Augmenting Dynamic Identity Assessments With Static Identity Data
The static identity provider market is highly fragmented, with multiple vendors providing various static data elements and varying degrees of coverage. The level of data quality varies greatly by data type and across regions based on regulations and restrictions on data access. For example, some vendors focus exclusively on email, some on phone numbers, and others on social data. The response rate on data queries also varies considerably, leading to degraded customer service levels for transactions that rely on this data for evaluation. In addition, many of these static identity checks have poor global coverage. In the U.S. alone, many Americans have no credit score, or have what is known as a thin file, which translates to an untrusted credit score. Less than half of the world’s population has a credit score at all.
The key to leveraging static identity data is to utilize a real-time decisioning platform that recognizes specifically which data is appropriate by use case (new account origination, payments, etc.). The platform can then orchestrate the proper workflow by selecting the appropriate data provider based on geography, desired response rate, pricing and other considerations.
How ThreatMetrix Solves the Challenge
- ThreatMetrix operationalizes digital identity assessments by augmenting dynamic identity data from our Digital Identity Network with static identity data when needed.
- The ThreatMetrix Digital Identity Network verifies users against trusted digital identities built by analyzing millions of online transactions. Given its global coverage and scale spanning thousands of websites and millions of daily transactions, it provides the widest coverage and freshest data on attributes such as age, velocity and reputation, across key identity elements such as email, account identifiers, phone number, address and more.
- Businesses use the ThreatMetrix Digital Decision Platform to harness the power of the Digital Identity Network so they can immediately accept or reject a transaction based on a wide variety of fraud vectors. For example, the platform dynamically determines whether the user’s device has been compromised, is cloaking its location, or exhibits unusual attributes relating to its connection or location.
- If the transaction requires additional verification, static identity data can be accessed using ThreatMetrix Integration Hub to assist the decision process. ThreatMetrix Integration Hub unites dynamic identity assessment with prepackaged, third party static identity data services or custom integrations made through the ThreatMetrix Connect program.
Benefits of ThreatMetrix Dynamic Identity Verification
- Reduce friction
- Reduce latency and cost
- Zero development with out-of-the-box API connectors
- Zero operational cost
- Reduce time to market to days or even hours from months
- Leverage ThreatMetrix® relationship with third-party vendors (eliminates contract negotiation)
- Easily test API data quality
- Use multiple vendors simultaneously to address variations in coverage by use case, geography, identity vector and others.
ThreatMetrix facilitates stronger, smarter, faster fraud decisions and the ability to take clear, decisive action in real time. Not only does the solution reduce fraud losses, it also helps verify up to 95 percent of returning customers, mitigate risk, reduce operational friction, and streamline transaction processing.