Trusted Digital Identities — Creating a Common Framework for Proofing, Monitoring, and Trusting Identities
For those of us who have been creating and developing products for years, there is nothing more difficult than having your product not map to a specific category or defined by an analyst firm. Few companies succeed in creating a new market category by themselves. And, not having a category can complicate explaining what your product does. For years, we have been explaining to clients, investors and the market why what we were doing was different and why it makes sense. That is, I think, the price of being an innovator and first to market.
When we started developing our core digital identity technology, we understood that we were doing something different, something unique. Most companies who are now part of the large digital identities landscape adopted the nomenclature in the past two years. Meanwhile, IdentityMind has been doing this for eight years. What’s the expression, “imitation is the sincerest form of flattery?” We initially implemented our technology to prevent payment fraud in e-commerce. However, it soon became obvious that the practical use of our technology was much broader, and we added know your customer (KYC) and its variants, consumer due diligence (CDD), enhanced due diligence (EDD) and know your business (KYB). We expanded upon that foundation with transaction monitoring for anti-money laundering (AML) and sanctions and PEP (politically exposed person) screening.
Over two-thirds of our clients use us for onboarding, in some cases achieving more than 98% overall global onboarding automation (Goldmoney Case Study: Accelerating Growth Through Automated Compliance Operations.) Others protect their core business in volatile and high-risk environments (AirTM Case Study.).
In order to achieve these levels of automation, even in high-risk environments, you have to use a consistent model of understanding and assessing risk. The only way to achieve this is by clearly understanding your customers and the risk they pose to your business in real-time, every time they transact. It is not sufficient to only apply strong onboarding, as the quality of the users may degrade over time, their accounts may be compromised and the risk they posed at onboarding may change over time.
And, since we launched, our core premise hasn’t changed: the more you know about the user the easier it is to assess the risk of their transactions. The more good users who make up active parts of a system, the healthier the overall system is. The result is our Trusted Digital Identities.
Last month, Gartner published “Market Guide for Identity Proofing and Corroboration,” April 24, 2018, Tricia Phillis, Jonathan Care, Danny Luong, Ant Allan.* In the report, IdentityMind is recognized as one of three vendors — out of 24 vendors mentioned — that fulfills six of the six use cases required to deliver full functionality: Identity Corroboration Hub, Data-centric, Real-World Identity Corroboration, Document-centric Real-World Identity Corroboration, Digital Attribute Corroboration and Assessment, Navigation and Behavior Analysis and Real-World Digital Identity Reputation and Link/Graph Analysis.
Sigh! What a relief. We have found our category and been recognized in one fell swoop!
In the past, we have been recognized for our platform’s AML capabilities (Forrester Research, “Vendor Landscape: Anti-Money Laundering Solutions, 2017,” April 20, 2017, Andras Cser and Nick Hayes), our fraud prevention capabilities (Aite Group, “Synthetic Identity Fraud: The Elephant in the Room,” May 3, 2018, Julie Conroy), and (to a lesser degree given the broad definition of digital identities solutions) as providers within the digital identities landscape (PYMNTs, “A Smarter Digital Footprint to Authenticate Customer Behavior,” March 29, 2018).
However, this is the first report that aims at the core of our technology, highlighting many of the functions that we have been preaching to the marketplace for years. As part of this market guide, Gartner published (part of) a survey result in which 82% of the respondents, out of 297, pointed to either payment fraud, account takeover, or new account fraud based on identity theft or synthetic identities as their main concern when it comes to fraud. The IdentityMind platform, based on digital identities, addresses 82% of the overall fraud concerns currently in the market. (Gartner, “Market Guide for Identity Proofing and Corroboration,” April 24, 2018, Tricia Phillips, Jonathan Care, Danny Luong, Ant Allan, page 5.*)
Gartner breaks down the key functions to achieve full identity proofing and corroboration in the following feature sets:
- Identity Corroboration Hub
- Data-centric, Real World Identity Corroboration
- Document-centric, Real World Identity Corroboration
- Digital Attribute Corroboration and Assessment
- Navigation and Behavior Analysis
- Reputation and Link/Graph Analysis
As mentioned before our platform covers each of these capabilities, and you can access the full details of how our platform achieves them in this “Trusted Digital Identities Guide”.
Obviously, our thinking is well aligned with this framework — we may use different taxonomy for each feature set, but the result is quite similar as it relates to identity proofing.
In the “Digital Identities Evaluation Guide” we published last year — one of the most downloaded documents in our resource pool — we go through our view of how to assess the risk of an identity based on four questions: 1) Is the identity real?; 2) Is the applicant the owner of the identity?; 3) Can you do business with the identity? and; 4) What is the risk posed by the identity? Our own framework is explained in this guide.
How much you use or not of the framework really depends on the use case. We recently conducted a proof of concept with a very large financial institution that was looking at the onboarding for their digital wallet product, and it is a great example of the application of the framework above. Because of the setup we couldn’t implement any of the “Navigation and Behavior Analysis” or the “Document-centric, Real World Identity Corroboration” — both feature sets will be in the production implementation given that the results of the proof of concept were overwhelmingly favorable.
The highlights of the case above were that the IdentityMind platform can automate over 95% of the overall onboarding. The measures for “High Risk” and “Synthetic Identities” were astonishingly accurate, based on the client’s feedback. This project was based off analysis of more than 30,000 onboarding events within the U.S.
In the above results our platform was working with almost 10 partners within our ecosystem. It was using our own identity database, social network analysis, IP geo location and fraud analysis, identity verification, phone data sources, email reputation, and abstracting it all within our data model (Electronic DNA, or eDNA™ for short). Once in the data model, the platform performs all of the heuristics and machine learning models on top of the entity link and reputation analysis to evaluate identity fraud, which is then further corrected by the business (risk and compliance) rules system.
This clearly highlights the need for orchestration, which in Gartner’s framework is part of the “Identity Corroboration Hub” — without taking from the individual feature sets, what makes it really work is this orchestration. (I love this word — “orchestration” — it really conveys a major value from the platform. Funny enough I am noticing it is being used more and more in the literature).
The results are that the onboarding process can be truly automated, minimizing the need for a large manual review team.
Achieving Trust: Going Beyond Identity Proofing
Onboarding a client is fundamental, but we need to go beyond. A proofed identity may be compromised or may degrade over time. Continuous monitoring so you can actually understand that identity over time and assess how much you can trust that identity is the next natural step.
The use of a digital construct like eDNA captures and maintains a real-time digital representation of an identity. It serves as the fundamental key to understanding your customers and their behaviors. This understanding will drive many operational aspects of the organization. You can tailor user experience depending on this knowledge. A trusted user should have a streamlined experience and access to services that your yet-to-be-trusted users may not have access to.
Today, FinTech organizations are taking advantage of these concepts while traditional financial institutions are lagging, and understandingly so. Their organizations were built with specific silos between teams. They were purposefully designed that way, and it has certain benefits, but also fundamental drawbacks. For one, these organizational silos barely inform each other. There is no reason these companies couldn’t share their knowledge and their views on their customers through a common framework.
Frameworks of digital identities that are used for proofing and corroboration can carry value across all these silos. The IdentityMind platform, based on digital identities, can help break down these silos in a cost effective manner and create a common framework for proofing, monitoring, and ultimately trusting identities.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.