What to do in the wake of the Equifax data breach: Run? Hide? Freeze credit?
That’s just on the consumer side, and none of them are delightful choices.
What about for financial services firms? The options aren’t much better, and they hinge on a significant quandary: How do they know that the person for whom they are opening a new account, authorizing a transaction on a credit card or extending a line of credit is the rightful owner of the credentials they’ve produced?
In our latest Topic TBD, Jumio CEO Stephen Stuut said it’s all about finding a digital identity anchor that will help reduce the risk of those decisions.
Equifax hack as game changer? As Topic TBD host Karen Webster posited to Stuut, the data breach may be to authentication what Target’s own data theft woes were to EMV: the catalyst for immediate change. Think scale. As Equifax’s malefactors touched 143 million individuals, Stephen Stuut said, that’s “basically all the adults in the country.”
The data that was stolen, he added, is very much the type that is used when someone is talking on the phone, dialing straight in, so to speak, to identity theft. And here’s a curio: The most basic building block of identity here in the States, the Social Security number, comes on cards that clearly state, “not for identification purposes.” The lesson: there must be a change in identification technology, and as Stuut said, the time has come to reexamine all the tools of that trade. In the wake of this reexamination, the most basic question becomes: Just what is an identity, anyway?
In a rapidly evolving world that is becoming ever more digital, said Stuut, email and IP addresses are no longer sufficient. There needs to be something in the ether of the internet that ties back to the real world, and that traditionally has been the government-issued ID. After all, he told PYMNTS, “the internet is anonymous. You could be anybody. You could be a cat.”
Thus, Jumio focuses on the document in hand, literally (and virtually) establishing whether it is fraudulent.
The online arena, especially in eCommerce, does not necessarily have attendant brick-and-mortar branches where documents can be checked in person. This means the data taken during the Equifax heist allows the “bad guys” to establish credit or loans without getting a once-over in the here and now.
According to Stuut, the identity documents are valid 99 percent of the time, but the 1 percent it is not carries a huge financial penalty. Biometrics plays a key role in our digital age of bits and bytes and instant information, using facial recognition and other avenues to make sure those presenting credentials are in fact the rightful owners of that information.
Perhaps it’s time to get ready for FinTech adoption of such data security methodologies like biometrics, with more robust identification technologies that track eyeballs and fingerprints and the unique characteristics of an individual’s face. As for Jumio, said Stuut of the Equifax (and other breaches), “I hate to say it is a market driver for us, but it is.”
All of this must be done with haste and aplomb. As Stuut noted, should the authentication process prove too onerous, it is all too easy for consumers to drop their basket of goods before ever checking out.
Within a tech-driven model, Stuut offered an illustration in making travel arrangements: One could conceivably pull out a passport while sitting in a Starbucks, use a laptop or other device to take a picture of the ID and then, in terms of the ID process, make sure all is in order through machine learning and humans working in a hybrid model. As for biometrics and real-time ID verification, he said, it’s rather unlikely that hackers are lugging around their own portable iris-scanning technology.
In the aftermath of Equifax and a renewed effort on the data security front, financial services firms must pay very close attention to the anchor points (including which documents take precedence) that help determine who a customer is, and not purely if the firm will get their money back.
“Look at what you are doing to get that anchor point and then break down the barriers to innovation,” he advised financial services companies, as the world goes increasingly online … all with the aim of separating the good guys from the bad.