Index
Get the latest news right in your inbox
Improvements of various technologies related to identity verification, information and document validation as well as anti-fraud controls has brought countless benefits, but has also significantly increased the sophistication of fraudulent activities by criminals.
In today's digital environment, where AI and digitization are booming with exponential growth, companies are facing unprecedented challenges and challenges A. Below, we explore the ten most critical challenges, trends and developments facing organizations in this area that you should not lose sight of.
Challenges to work on:
1. Regulations and compliance updates
Regulatory compliance is a constant challenge for businesses, especially with increasing regulation around privacy and data security. The EU's AI Act and the development of regulatory frameworks such as the UK's AI white paper are examples of how authorities are responding to emerging threats. Companies need to keep up to date with these requirements and adapt their verification and fraud prevention strategies accordingly.
Standards such as eIDAS 2, which have been designed to strengthen electronic identification and trust services in the European Union, face the challenge of harmonizing the different national legislations on digital identity, guaranteeing the interoperability and security of identification systems. Their implementation is essential to facilitate digital transactions and companies will have to adapt very soon as they will be obliged to identify their users through their EUDI digital wallets.
2. AI-generated fraud
Fraud generated by artificial intelligence (AI) has experienced exponential growth since 2020. According to reports, cases of deepfakes increased more than 10 times between 2022 and 2023. The most affected regions were North America and Asia-Pacific, with increases of 1,740% and 1,530%, respectively.
One notable case is that of a multinational company in Hong Kong that lost more than $25 million because a fraudster used deepfake technology to impersonate the company's CFO. This type of fraud not only causes massive financial losses, but also undermines trust in digital communications. Therefore, it is imperative to have secure and reliable Know Your Customer and Know Your Business technologies in place to mitigate the risks of this type of fraud.
3. More BFSI muleteers
The use of money mules, individuals who use the legitimate banking credentials of others to launder illicit funds, is on the rise. In 2023, Europol identified 10,759 money mules and 474 recruiters, with reported losses totaling €100 million.
In the United States, one individual managed to launder more than $2.8 million over three years for a scammer he met online. The vulnerability of young people is of particular concern, with 23% of reported cases in the UK involving people under the age of 21. Companies should adopt strategies such as risk assessment of applicants with due diligence tasks and KYB transaction monitoring to combat this phenomenon.
On the other hand, forced verification, where someone goes through a verification process çpp`,against their will, has increased by 305% between 2022 and 2023. These cases can involve people who are unconscious or under threat of violence. Although less common than other forms of fraud, it is crucial to detect these incidents through liveness checks and the identification of atypical user behavior and suspicious background noises, controls integrated into KYC systems such as Tecalis Identity.
4. Fraud in authorized payments
Authorized payment fraud (APF) is a scheme where criminals trick victims into sending payments to fraudulent accounts. According to Visa, 1 in 3 consumers have fallen victim to this type of fraud, with total losses of £239.3 million (approximately $303 million) in the first half of 2023 in the UK alone. Businesses need to educate their customers about these risks and establish procedures to verify the authenticity of payment requests by complying with SCA secure authentication regulations set by standards such as PSD3.
Multi-factor authentication (MFA-SCA), digital signature and biometrics have become fundamental pillars for identity verification in payments. SCA and FIDO standards combine two or more authentication factors, such as passwords, fingerprints and facial recognition, to enhance security. According to a Microsoft report, 99.9% of account attacks can be prevented using MFA with biometrics and digital signature. On the other hand, facial biometric technology has also gained ground; the biometrics market is expected to reach $68.6 billion by 2025, according to Grand View Research, driven by adoption in sectors such as banking and healthcare.
5. Synthetic identities?
Synthetic identity fraud involves the creation of false identities using real and fictitious information. This type of fraud is particularly difficult to detect and has grown exponentially in recent years. According to the U.S. Federal Trade Commission (FTC), reports of synthetic identity fraud increased 43% in 2022. Criminals use these identities to open bank accounts, obtain credit cards and perform other fraudulent activities, representing a loss of billions of dollars for financial institutions.
The main causes of this increase are human vulnerabilities and deficiencies in the platforms' digital onboarding ecosystems, such as the lack of additional authentication and KYC processes with robust technology. To mitigate these risks, it is crucial to implement multi-factor authentication, biometric verifications, KYC forms, KYB technologies, IP address monitoring, etc.
News and key trends:
1. New transformative initiatives: Further guarantees needed
Worldcoin, founded by OpenAI co-founder Sam Altman, is revolutionizing digital identity verification with its World ID concept. Using a device called an "Orb" that scans a person's iris, Worldcoin creates unique digital IDs that are nearly impossible to forge. This innovative approach addresses critical issues such as the creation of fake identities and AI impersonation (challenges we've seen previously), providing a secure and accurate form of biometric verification that promises to significantly reduce online fraud.
However, in markets such as Spain, the Data Protection Agency stopped all operations of this organization because it considered that it did not manage biometric assets in a good and transparent way. It is crucial that new initiatives are audited in the same way that Qualified Trust Services Providers are audited and supervised by government agencies such as the European Commission. These players, who comply with standards such as eIDAS 2, do not store biometric information (although they process it for verification with care and in strict compliance with RGPD standards) and their management of identities is secure and reliable.
In addition to Worldcoin, other transformative initiatives are emerging in the realm of identity verification and fraud prevention. The adoption of blockchain for the creation of decentralized digital identities is gaining traction, offering a secure and transparent way to manage identities without relying on a central authority. The implementation of advanced biometric technologies, blockchain and AI not only improves security, but also increases efficiency and trust in digital transactions. However, their mass adoption will depend on the ability to overcome challenges related to privacy, security and technology infrastructure.
2. AI and machine learning inside RegTech
Artificial intelligence (AI) and machine learning are revolutionizing identity verification and fraud prevention. These technologies make it possible to analyze large volumes of data to identify patterns and anomalies that could indicate fraud. According to Gartner, it is expected that by 2025, 60% of companies will use AI in their identity verification processes, up from 30% in 2022.
However, this adoption also involves risks, such as the possibility of biases in the algorithms that can lead to false positives or negatives in identity verification. Fortunately, rules such as the EU AI Law mentioned above and the standards set by eIDAS 2 make many RegTech players certified in this area 100% reliable, making the use of AI and ML technologies fully secure, transparent and human-centered for the benefit of both users and businesses.
3. Blockchain: new use cases each week
Blockchain offers a secure and decentralized way to verify identities, which can revolutionize the industry. The technology enables the creation of digital identities and immutable electronic signatures that are impossible to forge.
A MarketsandMarkets report projects that the market for blockchain technology in identity verification will grow from $2.1 billion in 2022 to $14.1 billion in 2027. However, blockchain adoption also faces challenges, such as interoperability between different systems and regulatory adjustment.
4. Back to hardware: Relying on NFC
The security of NFC chips in official ID cards and passports and the adoption of zero trust architecture are important trends in identity verification given their versatility. Mutual authentication and advanced cryptographic methods ensure the privacy and integrity of data exchanged between NFC chips and readers, while zero trust architecture verifies each access request before granting fast permissions.
This is widely used in e-passports, ID cards and mobile payments, providing an additional layer of security through mutual authentication in conjunction with biometrics. The implementation of NFC further strengthens fraud protection by ensuring that each access request is rigorously verified before being approved with an extra authentication factor, which is vital in environments where data security is paramount and for triggering sensitive transactions.
5. Identity as a service and user experience
As the technology behind identity verification advances, so does the focus on user experience. In 2024 and beyond we will see the integration of seamless verification processes, e-recruitment and anti-fraud controls that do not sacrifice user convenience. Companies will focus on minimizing customer friction while maintaining rigorous security protocols.
On the other hand, demand for identity verification platforms as a service is on the rise as more companies undergo digital transformation. These solutions offer flexibility and efficiency, enabling small and medium-sized enterprises to adopt sophisticated identity verification systems without the need for a large upfront investment or even completely cost-free QTSP e-signature platforms.
6. Bonus track: constant improvement of verification systems
Liveness detection (active and passive proof of life) is a technology that ensures that the person performing a biometric verification is alive, operating autonomously, aware and present in real time, preventing the use of photos, videos or masks to fool systems as well as other means of compulsion we have seen before. This technology is rapidly being incorporated into identity verification systems to combat increasingly sophisticated fraud.
Behavior-based authentication analyzes user patterns, such as typing, mouse usage, location, retry policies and dozens of aspects of general device interaction, to validate the subject's identity and define different intelligent KYC/KYB/AML paths based on what it has detected in that domain for each user. This technique adds an additional layer of security and is increasingly used in combination with other forms of authentication.
Conclusions and future prospects
Detecting and preventing fraudulent activity is a complex task that requires a multifaceted approach. Companies must ensure that their security strategies span the entire user journey, beyond the onboarding stage. This includes implementing advanced authentication measures, monitoring transactions, and using AI technologies to detect fraud patterns.
In addition, it is crucial to provide regular training to employees and to have the support of a legal team or RegTech partner to adapt to the ever-changing new regulations. Only with a comprehensive and proactive approach, organizations will be able to effectively protect themselves against the growing threats of fraud in the digital world.
Organizations must stay informed about the latest trends and challenges to implement effective risk mitigation and fraud prevention strategies. By proactively adopting advanced technologies and ensuring regulatory compliance, companies can better protect themselves against current and future threats, safeguarding both their integrity and their customers' trust.