This blog post is an excerpt from GovLoop’s recent industry perspective, “Modernizing Identity Proofing in Government.” GovLoop spoke with Keir Breitenfeld, Senior Business Consultant from Experian Fraud and Identity Solutions, to discuss the primary challenges of identity proofing in the public sector and what modernization of identity proofing looks like. Download the full report here.
The sheer range of fraud tactics can impede agencies from achieving security. These threats must be met with a variety of identity-proofing and management tactics. Without monitoring, performance assessments, and tuning, a singular and static identity proofing strategy can be exposed by evolving schemes and the usage of high quality compromised identity data. Traditional verification and validation parameters alone are simply too obtuse and can be easily circumvented by those with criminal intent.
Static rules based on overly simplistic verification and validation checks can easily be circumvented by intelligent fraudsters,” Breitenfeld said. “Conversely, those same static rules must also have built in mechanisms to accommodate true name users that may not initially meet that criteria for identity proofing.”
Vast and diverse populations, heavy regulations and operational as well as data silos all pose significant challenges for government. But there are ways for government to successfully modernize identity proofing.
Modern Fraud & Identity Strategies
There are many emerging trends and best practices for modern fraud and identity strategies, including:
- Applying right-sized fraud and identity proofing solutions. To reduce user friction or service disruption and appropriately manage fraud risk, agencies need to apply fraud mitigation strategies. Such strategies reflect the cost, measured risk and level of confidence as well as compliance needed for each interaction. This is called right-sizing the fraud solution. For example, agencies can cater a fraud solution that ensures seamless experience when a citizen is calling a service center vs. an online interaction vs. a face to face one.
- Maintaining a universal view of the user. Achieved by employing a diverse breadth and depth of data assets and applied analytics, this tactic is the core of modern fraud mitigation and identity management. Knowing the individual user extends beyond a traditional 360-degree view. It means having knowledge of a person’s offline and online behavior, not only with your agency, but also with other agencies with which that user has a relationship.
- Expanding user view through a blended ecosystem. Increasingly, agencies are participating in a blended ecosystem — working with vendors, peer agencies, and partners. There exists a collaborative culture in identity and fraud management that doesn’t exist in more competitive commercial environments. Fraudsters easily share information with one another, so those combatting it need to as well.
- Achieving agility and scale using service-based models. More agencies are adopting service-based models that provide greater agility and response to dynamic fraud threats, diverse population changes, and evolving compliance requirements or guidance. Service-based identity proofing provides government agencies the benefit of regularly updated data assets, analytics and expertise in strategy design. These assets are designed to respond to fraud or identity intelligence observed across various markets and industries, often protecting proactively rather than reactively.
- Future-proofing fraud solution choices. Technical and operational resources are always in relatively short supply compared to demand. Agencies need the ability to “code once” in order to expand and evolve their fraud strategies with ease. Future proofing solutions must also be combined with an ever changing set of identity proofing requirements and best practices, powered by a robust and innovative marketplace of service providers.
The future of identity proofing in the public sector is more than just verifying individual identities. Government must now use risk-based approaches and mitigation strategies to quickly identity threats and determine the type of fraud before damage is done.
