The spat of data breaches continues, drawing attention to shortcomings in authentication. Dixons Carphone recently disclosed a breach of 5.9 million payment cards and 1.2 million personal records.
As we all know, credit card information, combined with other user data from other breaches and social media, can build a complete profile. In the hands of fraudsters and criminals, these valuable identity sets are usually sold to other cybercriminals and used for myriad criminal activities, both on the internet and in the physical world.
Bad actors keep taking advantage of the smallest gap to steal customer data. For this reason, we must change the current equation of breach = fraud by changing how companies think about online identity verification. Companies need to protect all customer data, but more important, they need to make it valueless.
Multilayered technology that thwarts fraud exists right now. Passive biometrics and behavioral analytics technology are making stolen data valueless by verifying users based on their inherent behavior instead of relying on their data, such as credit card information. This makes it impossible for bad actors to use stolen data, as they can't replicate the customer’s inherent behavior attached to that data.
The balance of power will return to customer protection when more companies implement such techniques and technology.