Online shopping has been growing steadily even during the pre-pandemic era. However, eCommerce experienced an abrupt surge when the COVID-19 pandemic hit. According to Timothy A. Scott, criminal defence lawyer in San Diego, CA, the US is the most fraud-prone country with 34% of consumers saying they were most likely to have been victims of fraud. It is followed by the UK (33%), Canada (29%), Germany (27%), and Austria (21%) (Paysafecard, 2018).
Brick-and-mortar stores were forced to reduce activities or close because of quarantine protocols and physical distancing mandates. Consequently, many migrated to the online world to keep their businesses afloat.
Enabling people to remotely acquire a broader set of required products and services without the potential risks of contracting the virus became a sudden mandate rather than an option. As a result, the large volume of customers purchasing online propelled global retail eCommerce sales to unprecedented levels.
Still, as online shopping continues to rise, fraudulent attacks are matching that pace. The sudden shift from in-person processes to remote operations revealed that many businesses are unprepared for possible cybersecurity attacks. Several online retailers often rely on outdated identity verification systems that criminals can easily circumvent.
These conventional identity verification methods usually utilize personal information, passwords, security questions, credit checks, Social Security Numbers (SSNs), and others to confirm someone’s identity. The premise of these traditional identity proofing processes is that the information is known only to the real identity owner. Nevertheless, such data can be easily obtained by someone else.
Once a criminal successfully steals a customer’s information, they can create new accounts to perform fraudulent transactions and chargebacks. Moreover, with stolen login credentials, they can take over another person’s account. Since the account belongs to a registered client, it is often difficult to catch the fraudster.
Furthermore, while some malicious actors use traditional fraud methods to get past security, others use more modern forms like synthetic fraud. This type of fraud does not rely on stolen identities alone. Instead, it combines fake data with real personal information to create fictitious identities.
As online merchants scale their operations to meet changing consumer demands, they must also shore up their security measures to keep out the bad guys who exploit stolen identities to defraud the network. ECommerce retailers must ensure that they transact only with legitimate customers by implementing trusted identity verification measures in their platform. Verifying a customer’s claimed identity is also vital for compliance with data privacy and protection regulations.
Many enterprises already use modern identity verification solutions like mobile facial biometric identity proofing and automated identity document verification to strengthen their fraud defenses. These technologies harness commonly used mobile devices to complete the process in under a few seconds, thereby ensuring security while providing a seamless user experience.
The mobile facial biometric identity proofing procedure will compare a person’s provided information and selfie to the data and photo displayed on their identity document during onboarding. Often, users utilize their driver’s license because it contains the details that will satisfy the process’s requirements. In addition, the user will also be asked to undergo an anti-spoofing liveness detection test to ensure their real-time presence and to detect cheating attempts like using someone else’s photo.
To further prove their customer’s claimed identity, eCommerce sellers can layer in automated identity document verification that ensures the driver’s license is authentic. After confirming that the user is who they say they are during new account enrollment, they can opt for passwordless login to access their account.
Strong multi-factor authentication (MFA) compliant with FIDO2 authentication standards are ideal replacements for passwords since they are not easily susceptible to theft and other circumvention tactics used against passwords. By eliminating passwords, online vendors can reduce account takeover attempts.
Modern identity proofing solutions that leverage biometric technology and identity documents like driver’s licenses are being used to strengthen fraud defenses in eCommerce platforms. See the following infographic from authID to know more about the matter.