Modern life increasingly takes place online, with a dizzying array of services and platforms. However, unlike in the real world, there is no outward face that reveals the true nature of these digital inhabitants. How can you be sure that the online the person is who they say they are? Banks and suppliers worldwide are adopting different solutions.
e-ID in Nordic countries
A recent ARKWRIGHT report Federated e-IDs - as a value driver in the banking sector based on experience from Nordic markets sponsored by SIGNIFICAT evaluated the experience in the Nordic markets.
ARKWRIGHT analysts believe that:
- “The Nordic countries have solved this by successfully establishing electronic Identity (e-ID) schemes, giving their citizens an online identity which is recognized both by casual users and by the most secure authorities in the nation. Over time many solutions have evolved, but in all four countries, a solution jointly initiated by a group of banks has taken the dominant position. This is because banks in collaboration have a huge advantage over governmental and third-party solutions. They are the only players who have already authenticated the majority of their country’s citizens and transferred them to an online solution – online banking. However, collaboration amongst banks alone is not enough to guarantee success.”
The report found that the types of e-ID being used vary by country hugely as the following charts shows:
Countries vary as to how the e-ID systems are used, for example, in:
- (Source & Copyright©2019 - Arkwright Consulting)
But do we need to change the e-ID paradigm?
ThreatMatrix in their Cybercrime Report on the results of their annual review from their Digital Identity Network - the world largest tracking of cyber fraud worldwide - hi-lighted the report that “a group of computer scientists from New York University’s engineering department has managed to generate a series of “master prints” that not only pass smartphone fingerprint sensors but can actually masquerade as prints from multiple users.” They commented that “When evolving global regulations are mandating the use of a ‘foolproof’ biometric suite of strong authentication, hackers are already cracking the codes that make them penetrable.”
ThreatMatrix have found that “the only reliable approach to smart authentication is a layered solution that combines real-time elements of a user’s unique behavioural pattern, with the customer-focused, strong authentication that is inextricably linked to their online customer journey.” JUST BIOMETRICS IS NOT ENOUGH.
CTMfile take: In e-commerce, MNCs need to use different e-ID strategies/country and be ready for/encourage a move to behavioural identification wherever possible.
ThreatMetrix Cybercrime Report 2017: Digital ID is key to minimising cyberfraud
Most lucrative time for a fraudster or criminal network is the period right after a breach has happened, and before it has been discovered or reported
Fraud: detect anomalies as they happen
Aite study reviews how to use machine learning platforms and to reduce false positives by 63%, & increase CNP fraud detection by 177%
Fraud balance: attract customers while minimising fraud & costs
Cybersource ‘2019 Global eCommerce Fraud Management Report’ shows how to get balance in e-commerce right between keeping customers and