When you read about collaboration in the financial services industry the topic usually centers around banks and FinTechs. But maybe there’s more to that story. Because sometimes competitors can collaborate and when the topic turns to ID fraud, a team effort among banks just might be a welcome development.
It’s certainly a development that’s top of mind for Intellicheck CEO Bryan Lewis. He recently told PYMNTS CEO Karen Webster that he is actively exploring a consortium approach to fighting digital ID fraud. While banks are always competing for commercial as well as retail accounts, when it comes to fraud, they all have a shared interest. Lewis envisions an interoperable network where financial institutions can share trust and verification outcomes, adding a predictable element to the integrity of digital identities across the board. This consortium approach is not only about thwarting fraud but also about building a unified framework that supports digital transactions without sacrificing security.
“We’re talking to our clients and looking to see if we can we form a consortium,” Lewis said. “Because each individual bank can see its own data, and they do the best they can with it. But given that we see so much data we think we can glean more information if banks work together. So, we’re talking to them now about opting into a program where we can start collaboratively to come up with these tools to help the community in the future.”
Intellicheck’s business model focuses on the barcodes of IDs, a strategy that leverages proprietary insights into security features across all valid North American IDs. This approach is instrumental in staying ahead of fraudsters who are well-versed in mimicking the visual aspects of those IDs, and Lewis underscored the importance of innovative verification methods that go beyond superficial checks. Right now, he said, the authentication/ID landscape is, to put it mildly, fragmented. There are scores of providers, a patch quilt of regulations and no clear path to how all the fragments might converge — especially where biometrics are concerned.
Lewis understands that banks find themselves at the nexus of the digital identity conundrum, balancing the need for stringent ID verification against the imperative of customer experience. He suggests overcoming this obstacle by adjusting verification rigor based on the transaction’s risk profile. This flexibility is crucial in aligning with financial institutions’ varied tolerance for friction in the customer journey. It’s also important from a data standpoint. Banks are leery about storing data, especially PII.
“You’ve got to be sure that,” as Lewis said, “on the back end [of these solutions], it’s got to be easy to use for the consumer as on the front end. Otherwise, they bail.” Merchants and financial institutions (FIs), he said, are especially concerned about card abandonment with any transaction done in the digital realm.
And while the headlines might trumpet how fraudsters are using artificial intelligence (AI) and other technologies to concoct synthetic identities, the criminals are doing just fine with some relatively low-tech methods — they go online and buy stolen credentials for about $20. These are real identities, of real people (and the price goes up or down depending on credit scores). The fraudsters buy names, addresses, Social Security numbers and email addresses.
“And now they own your identity,” said Lewis. Given the fact that, in most cases, banks and lenders only ask for a Social Security number and a government issued ID … well, gaining access to those enterprises and forging an onramp to fraud has proven to be cheap, quick and easy.
“What we’re battling is accessible identity elements,” said Lewis, “and the fraudsters who are using them … synthetic identities take a long time to build up, but getting the licenses is the easy part.”
Intellicheck has been around since 1994 and for the past 30 years has been validating identities, and making sure that when people show up — online or in person — the reliant party has confidence that it is in fact the legitimate individual, with legitimate credentials.
“In the meantime,” he told Webster, “There are things that we can do to help create an identity that is both known and secure.” The first step, he said, for providers including Intellicheck, is to ensure that government issued IDs that are being wielded are, in fact, real. Through the past three decades, the company has been working with DMVs and has collected insight into all the aspects of data — differing from state to state, with barcodes, for example, and holograms and formats — that populate the front and back of the licenses.
“We know the security features on all 250 barcodes in North America,” Lewis told Webster, “that are in circulation today.” That level of data, spanning 150 million licenses, helps law enforcement agents quickly verify if the IDs tendered during, say, a routine traffic stop, are indeed the real deal.
The licenses, he said, and Intellicheck’s identity verification solutions, also can help enterprises introduce the level of friction they desire into a given transaction or interaction — and the level of friction varies by industry. FIs tend to insert significant friction into the process, from examining the backs of licenses all the way through to facial recognition.
“We give them the option to decide what they want to do,” he said. Other industries have proven to be ripe for fraudsters to attack with their pilfered credentials. Real estate is one notable example, where, as Lewis said, fraudsters impersonate property owners and buy and sell the holdings out from under them. There’s significant fraud in the auto space, right at the dealership, as criminals wield credentials and apply for loans (and new cars are a lucrative business, as vehicles average a $47,000 price tag).
“We give them a website that they can log into,” he said, “that’s branded for them, and they can send a text whether you’re standing in front of the [individual] or you’re thousands of miles away.” The solutions are especially valuable for instant credit lenders, where API connectivity and white label offerings from Intellicheck help determine identities (from licenses down to fingerprint data) before any funds are disbursed.
Looking ahead to 2025 and beyond, said Lewis, digital wallets may become the repository for driver’s licenses and other government-issued IDs.
“Eventually digital wallets will be how we all do everything,” said Lewis, who added that “the first time I got a smartphone, I said ‘one day, this thing is going to rule our lives.’” If IDs can be stored in a format that cannot be hacked, he believes it will go a long way toward bringing the fragmentated ID landscape together.
A consortium approach will help, he said, as banks and enterprises and government agencies come together to create an “identity network” that become the standard.
“It’ll all come together, “he told Webster, “because we’re all fighting the same, organized crime rings. Everyone’s looking at how to do this,” he said, adding that no matter the technologies deployed, the same principle applies for merchants, FIs, and even law enforcement agencies: How do you make sure that once you’ve let someone “in” to an ecosystem … how do you make sure that they are who they say they are?
“If you can’t be sure,” he warned, “you’ve let the fox into the henhouse.”