It could be a scene right out of "Mission Impossible." You go online and buy consumer information on the Dark Web and then craft a new identity that can be positively verified, complete with authentic banking credentials and the world is now yours for the taking.
But it's real. The creation of synthetic identities (fake identities) grew by 42% in the fourth quarter of 2016 according to ACG data.
While organizations are not able to cross-check accounts with Social Security numbers, a new approach to authentication has to be employed, whereby identity isn’t tested online solely using a single factor such as a password, two-factor authentication, physical biometric or any other single data point. Instead, the verification should use multiple factors that are combined and analyzed to give a complete risk assessment of the user, even if the hacker presents legitimate credentials.
Passive biometric and behavioral analytics can enable these organizations to identify, verify and authenticate their real customers online through their behavior and multiple other signals without impacting the customer experience. Passive biometrics tracks the way in which customers hold their device, the cadence of their typing and hundreds of other behavior traits which uniquely identify them through their natural behaviors.
This dynamically generated information isn’t stored and therefore isn’t subject to theft, mimicry or spoofing. Such tools as passive biometrics base their verification tests on dynamic data, not solely single-factor data such as a password or two factor authentication.
Identity verification solutions based on multiple factors can be combined and analyzed in real time to give a complete risk assessment of the user, even if the hacker presents legitimate credentials.
Multiple data points combined with behavioral analytics will provide the most information to make informed decisions about individual transactions. These multifactor methods are the only way to truly unmask fraud.