Opinions expressed by Entrepreneur contributors are their own.
You’re reading Entrepreneur United States, an international franchise of Entrepreneur Media.
Javelin’s 2020 Identity Fraud Survey revealed the total cost of identity fraud in 2019 to be about $16.9 billion. This cost incorporates data breaches, fines from privacy regulations like CCPA and GDPR and lost or damaged resources. Due to these imminent risks, the need to reliably authenticate the identities of users is crucial in your security infrastructure.
Fundamentally, users self-register. Self-registration is a form of identity proofing that captures the phone number and email in most cases. This is not enough, as it reveals minute details about the user. That’s the more reason it is crucial to go beyond self-registration and leverage automated and intelligent identity proofing to identify users who need access to your system and network.
What is identity proofing?
Identity proofing is a verification process of a user’s identity. Don’t mix this up with normal authentication, which is based on the combination of username and password. Identity precedes the time users secure their credentials to log into an application coupled with the normal authentication process.
To explain identity spoofing better, the two definitions provided by the National Institute of Standards and Technology(NIST) will suffice. According to the NIST’s Digital Identity Framework;
- Claimed identity: Data relating to the declared identity by users when they are registered into an IAM system. In other words, who they claim to be.
- Actual identity: Data that proves the validity of the user’s identity. This is who they really are.
Identity proofing has one major objective. It is to ensure the claimed identity synchronizes with the actual identity of users. This is why it functions as a first-layer of defense against intrusion on the identity perimeter.
So the question is, why automate identity proofing? What are the flaws of the manual process?
Risk of compromise by ignorant staff
There have been several cases of compliance staff saddled with the responsibilities of verifying ID documents soiling their hands in identity theft. The manual process is flawed. Once customers discover their confidential data are being used in dubious activities, they will never believe in the reputation of your company.
High cost of workforce
Setting up a human workforce will cost you more than automation. For a human workforce, you will need to pay salaries, purchase computers, pay rent and other miscellaneous expenses. For instance, it can cost you $45/hour to compensate the compliance team. That’s about $225,000 in a year for a 1000 team. Marketwatch also published the average cost of renting a space per worker, which is about $14,800 per year in New York. If you resort to utilizing an automated solution, you can reduce all these costs by 70%.
Snail-speed processing
Aside from the cost, you will need considerable time to properly onboard the compliance team with a manual process. You can lose potential customers who need your services on the spot or have your reputation impacted due to poor handling by yet-to-be trained staff. Some financial institutions still employ manual KYC, which can take days or even weeks. If your clients need to wait for days, they might as well go where the process is automated.
Human error
Humans get tired and this fatigue can lead to error. This is a big challenge when using manual ID checks. On the other hand, machines don’t get tired …….