As the great Arnold Schwarzenegger once said, “Come with me if you want to live.” AI offers a great opportunity to secure our data and systems if used correctly. In identity proofing and risk detection, the goal is to align a digital identity with a real life identity to a high level of assurance. To this end, AI/ML is used to determine and detect synthetic identities and other risk signals associated with account takeover and account opening fraud.
Stopping Account Takeover and Account Opening Fraud
Account takeover (ATO) and account opening fraud take place across multiple channels from web apps to mobile apps to call centers. Because of this, to identify that the user is indeed the correct one, you need “defense in depth” across multiple channels and analyzing multiple forms of synthetic and fraudulent identities. You need to be able to analyze voice biometrics, network risks, driver license validity, mobile device risk, and behavioral risk. This isn’t possible without the use of ML/AI to assist.
ID Dataweb utilizes these ML-driven solutions to secure customers and their users’ data. Our cloud platform, the Attribute Exchange Network (AXN), orchestrates and normalizes risk signals from best-in-class vendors across identity verification and fraud detection. There are three key places where AI/ML helps to verify identities, detect risk, and establish trust.
- For the call center, we use uses ML to identify risk in calls to call centers – including voice, device, and network.
- When proofing identies by matching selfie to driver license, we use AI/ML to identify deep-fakes in government issued IDs and biometrics.
- Our risk engine uses ML to identify risk / generate scores based on an end user’s device, location, network and behavior.
By integrating with ID Dataweb, customers can easily deploy a “defense-in-depth” strategy to their fraud detection and prevention capabilities by aggregating risk signals across human identity, phone, email, device, location, network, behavior, voice, and various biometrics. We provide a unified interface for customers to interact with these services, and a policy engine that enables real time decisioning based on your security standards created from the AI/ML driven risk signals from each attribute provider being used.
HOW IS AI USED IN REAL WORLD FRAUD PREVENTION
ID Dataweb triggers ML/AI risk evaluation through its orchestration network, pulling together multiple capabilities based on the particular channel that is being attacked, normalizing the outputs, and evaluating the signals to determine overall risk.
Sprcifically, our risk engine is our first line of defense in our standard identity verification flow as a way to prevent/protect against credential stuffing, synthetic identity fraud, algorithmic manipulation, and social engineering by determining the risk level of a user’s device, location, network, or behavior using their ML based risk scoring. In ID Dataweb’s standard identity verification flow, a user using AI attack methods would be identified here and either immediately blocked, or possibly given the opportunity to prove themselves again through a more secure step up method like a Government issued ID/selfie analysis check.
In the step-up example, our BioGovID template may detect a presentation attack on the front image of the government issued ID, where the customer is using a deepfake to spoof an image of a driver’s license which they are not in possession of. The combination of both AI/ML driven risk signals (the user’s environmental risk, and the deepfake used for govID capture) would trigger an immediate denial of the user, preventing new account opening fraud.
If that user were to pivot from the digital channel over to the call center, our call center authentication service prevents/protects against AI driven attacks that include recorded voice, speech synthesis, voice chatbot, and manipulated voice conversation.
What’s powerful about ID Dataweb is our ability to pull together these capabilities from multiple best in breed partners excelling in AI/ML to defend against fraud attacks and prevent attacks within multiple channels, defending against multiple tools that an attacker could use. And our ability to immediately to use cross channel risk signals to immediately follow the attack’s movements and continue to prevent their attempts to penetrate into critical systems.
BENEFITS OF AI/ML SECURITY ORCHESTRATION
ID Dataweb has seen customers benefit from this multi-layered approach, combining the AI/ML signals from each vendor to establish a full-scope risk analysis. Many of our customers see 90%+ approval rate in production, with a less than 1% successful fraud rate – which is superior to industry averages.
On the call center side, the use of our voice authentication solution has improved average handle time of every call, brought an average of 80% reduction of fraud, along with an improved customer experience.
On-going authentication provided by ID Dataweb through our risk engine saves our customer’s users thousands of hours in collective time savings efforts from performing one-time-password checks with proven trusted users- which is immediate productivity/operational improvement as well as time given back to customers interacting within their systems.
In short, to paraphrase Arnold, “come with us if you want security.” Fraudsters are working hard using AI/ML themselves to find new attack vectors on enterprises. ID Dataweb is combatting this by combining the collective power and resources of partners on our network, the AI/ML analysis of their massive datasets and our own expertise in orchestrating these signals for actionable decisions to stay a step ahead of the fraudsters and keep our companies secure.