Veridas launches Digital Onboarding Buying Guide

Veridas launches Digital Onboarding Buying Guide

Veridas, a company specializing in developing biometric solutions for digital identity verification, has created a free Buying Guide. In it, Veridas seeks to offer help to all those companies and institutions that want to improve and digitize their customer and user registration process, to provide them with all the elements that, in their opinion, are key and should be considered to evaluate an Onboarding technology and make the best possible purchasing decision.

 

Not all identity document verification technologies release the same number of artificial intelligence algorithms on a document to verify its authenticity and ‘read’ it; nor are all biometric facial recognition engines equally accurate; nor is the design of all flows to verify a person’s identity smooth and offer an agile and comfortable user experience.

 

Therefore, not all vendors are equally prepared to fight fraud, nor do they treat sensitive data under the same standards. This Buying Guide leads, in detail, through all the technological layers that make a Digital Onboarding process excellent.

 

Among the conclusions and recommendations mentioned in the Guide are the following: set common evaluation standards that certify the level of accuracy of solutions under the same conditions, strengthen fraud detection in the field of identity document verification, or prioritize manufacturers with fully automated solutions and proprietary technology.

 

In addition, the Guide is accompanied by an evaluation tool, a comparative table with all the elements (categories, topics and questions) that are key to comparing potential digital onboarding providers and, thus, making the best purchasing decision.

 

Veridas has performed more than 60 million identity verifications for clients worldwide. It has been operating globally since 2017 in sectors such as Banking, Insurance, Telecommunications, Mobility or Public Administrations. In addition, its biometric engine is

regularly subjected to the highest international standards, is considered one of the best in the world by the National Institute of Standards and Technology (NIST).

Veridas wins award for best technology company in LATAM

Veridas wins award for best technology company in LATAM

Global Finance magazine, which specializes in financial markets and investment banking, has recognized Veridas in its Innovators 2022 Awards for its innovative contribution to the financial sector. Veridas has been awarded, on the one hand, in the category of outstanding innovations in fraud detection thanks to its voice biometrics tool to perform the proof of life of pensioners in Mexico for BBVA. On the other hand, it was named the most innovative technology company in the Latin American region. Veridas’ project in Mexico has achieved a new, more secure and inclusive digital banking: more than 80,000 pensioners no longer need to travel twice a year to their bank branch because, thanks to Veridas and BBVA’s voice biometrics, they can now provide proof of life over the phone in just 3 seconds.

Regarding the recognition of Veridas as the most innovative technology company in Latin America, Mauricio Guijarro, Vice President of Sales for the Americas at Veridas, explains that “these awards from Global Finance come to recognize the intense work we have been doing for years in the region, where major banks already rely on our biometric technology”.

Miguel Zarraluqui, Global Product Marketing Manager of the company, affirms that “it is a commitment of all of us to close, with the best technology, the digital gap that our elderly people suffer so many times; changing the lives of thousands of Mexican pensioners with our voice biometrics fills us with pride and this recognition from Global Finance is a great satisfaction”.

Veridas works with more than 120 clients worldwide, where it has already performed more than 60 million identity validations. In addition, its commitment to quality, regulation, and compliance is paramount: it is recognized by the U.S. National Institute of Standards and Technology (NIST) as one of the best face and voice biometric technologies in the world; it has recently obtained the ISO 30107-3 compliance report after passing the Presentation Attack Detection (PAD) level 2 test conducted by iBeta Quality Assurance, consolidating its

leadership as a technology capable of fighting identity fraud and, among other milestones, hand in hand with BBVA, is one of the few technology companies that has managed to integrate its facial biometrics engine in the central Mexican public institution, the National Electoral Institute (INE), responsible for issuing the credentials used by Mexican citizens to prove their identity in electoral processes or when opening bank accounts. Global Finance magazine has chosen the most outstanding innovations in finance in multiple categories as part of its annual innovation awards. This is the tenth edition of the awards that recognize banks, companies, and fintechs that identify new paths and design new tools in finance.

Veridas passes the iBeta PAD Level 2 evaluation of ISO/IEC for its liveness detection technology

Veridas passes the iBeta PAD Level 2 evaluation of ISO/IEC for its liveness detection technology

Veridas, a company specialized in the development of biometric solutions for digital identity verification, has obtained the ISO 30107-3 compliance report after passing the Presentation Attack Detection (PAD) level 2 test conducted by iBeta Quality Assurance. This is a further milestone in its commitment to the continuous improvement of its software and the independent evaluation of biometric technologies.

In this way, Veridas joins a small number of technology companies in the world present in the NIST facial biometrics assessments, and also compliant with ISO 30107-3, being the only company in the world if the NIST voice assessment is added.

Veridas liveness detection passed the first level of iBeta in December 2020 and has now successfully completed the second level assessment. In this case, over 700 impersonation attempts have been passed with 100% effectiveness.

What is Presentation Attack Detection (PAD)?

Within the field of biometrics, presentation attacks consist of presenting a fraudulent human artifact or feature to the biometric capture subsystem in a way that interferes with the policy of the system itself. That is, they consist of showing the camera a consistently manipulated artifact or biometric feature to fool the biometric system. That is why the detection of such, which plays a vital role in ensuring the reliability of the process, is relevant in facial recognition systems. Presentation Attack Detection (PAD) methods allow discerning between fraudulent and real biometric data.

What is iBeta and ISO 30107-3?

iBeta Quality Assurance is a biometric laboratory accredited by the FIDO (Fast Identity Online) Alliance and authorized as a testing laboratory by the National Voluntary Laboratory Accreditation Program (NVLAP) in accordance with ISO/IEC 17025: 2017. iBeta’s Quality Assurance experts work with a wide range of biometric technology companies to ensure products perform to the highest industry standards.

ISO 30107-3 is the test method designed to simulate user enrollment in a biometric authentication system. It is the way to test the effectiveness of liveness detection. Level 1, focused on simpler attacks, focuses on high-resolution digital and paper photos, high-definition challenge/response videos and paper masks. Level 2, focused on more sophisticated attacks, tests with realistic dolls and 3D masks made of resin, latex and silicone, as well as faces synthesized by digital imaging.

Veridas at the forefront of the fight against fraud

Compliance with the ISO 30107-3 level 2 standard once again demonstrates the robustness of Veridas solutions against identity fraud and possible attacks that may be carried out in the online registration and authentication processes of its customers.

Veridas incorporates a high layer of anti-fraud technology throughout its software, from the capture of data by the user, to the analysis and verification of this evidence by its Artificial Intelligence engines

Guest Post: Veridas on the UK’s new customer authentication rules

Guest Post: Veridas on the UK’s new customer authentication rules

By Veridas

The Financial Conduct Authority has made it official: as of March 14th 2022, firms should comply with requirements for Strong Customer Authentication (SCA) concerning online commerce

The new regulation implies that banks and other payment services providers need to check that the person requesting access to an account or trying to make a payment is who they claim to be. This new regulation aims to enhance the security of payments and limit fraud during this authentication process. 

Before SCA, e-commerce security was based on a single static password asked to customers. However, the number of interactions we make digitally is increasing exponentially. Consequently, fraud is becoming a significant problem, with criminals stealing more than £750m in the first half of 2021 -Jana Mackintosh, the managing director of payments at UK Finance-. SCA emerges as a solution to the aforementioned problem; it is a European requirement introduced to make online payments more secure and reduce the risk of fraud.

Ensure your business is compliant with SCA

Why are passwords not enough?

Passwords cannot be considered a secure authentication procedure since they are:

  • not secure: we end up re-using the same or very similar, simple or repeated credentials in order to remember them. This dramatically reduces security.
  • uncomfortable for the user: among other things, security policies require frequent rotation and the use of complex, non-repeated passwords, which make them difficult to remember.
  • ineffective: passwords are easy to breach and sometimes easy to steal; theft through MITM attacks, data breaches of sites with passwords stored in the clear, attacks on passwords, etc

Strong authentication: The 2-factor authentication (2FA)

SCA opts for new levels of authentication, which involve asking customers for two of the three followings: something they know, something they own, and something they are. That is, an authentication that requires the use of at least two authentication factors (2FA) chosen from among these three groups:

  1. Knowledge: something the user knows, such as a password or PIN. Disadvantage: the security of passwords is deficient, as discussed above.
  2. Possession: something the user possesses, such as a debit card or a message to a cell phone.
    Disadvantage of OTP-SMS: nowadays, it is not difficult to find cases of identity theft, cloning of user SIMs or messages intercepted by Trojans, among others.
  3. Inheritance: something inherent to the customer, such as the face, voice or fingerprint.

Depending on the operation to be performed, the factors must be combined, including more factors if the risk is higher. In addition, its use is encouraged by Royal Decree-Law 19/2018, which approved the transposition of Directive (EU) 2015/2366 that made it mandatory to use strong authentication no later than January 1st, 2021.

The role of Biometrics

Why not identify ourselves as we do in the physical world? Why is the Internet based on a system of users and passwords and not on real identities and real people?

Forget about passwords

Biometrics allows us to just be us and forget about everything else… In less than 1 minute, from anywhere, needing just a mobile device or a computer, Artificial Intelligence engines hosted in the cloud verify the identity of the person with an accuracy of 99%. This is how biometrics allows people to be identified by their natural attributes.

Once a customer registers or completes an onboarding process, he or she can carry out an infinite number of procedures with a simple selfie or by speaking for 3 seconds, without SMS codes or passwords. This not only offers a lighter and more seamless user experience but also greatly reduces the costs associated with manual verification processes.

Increases security and reduces identity fraud

Doble authentication systems, such as passwords or SMS codes, are tied to the device and not to the person, so when that device is stolen or hacked, all of that person’s personal information is exposed. However, your biometrics cannot be used by anyone other than you; identity verification systems are key to avoiding this type of fraud and transmitting confidence to both entities and users. The advantages of biometrics include:

  • Privacy: it belongs to you and no one else. It cannot be spoofed, cloned, or intercepted.
  • Security: it allows us to move from presumption to certainty. We are sure that the user is who he/she says he/she is, taking into account the previous advantage.
  • Voluntary: it is the user who has the decision to make use of it.

 

 

Guest Post: How to protect your customers from ‘SIM Swapping’ using biometrics

Guest Post: How to protect your customers from ‘SIM Swapping’ using biometrics

By Veridas 

SIM Swapping is a type of fraud in which a duplicate SIM card associated with a phone line is obtained without the consent of its holder and with the purpose of impersonating the holder’s identity and accessing confidential information (banking applications, emails, social networks…).

Some 5.82 million euros have been recently imposed in fines on several telecommunications operators for fraudulent duplication of SIM cards as the Spanish Data Protection Agency (AEPD) considers that their security policies are insufficient to prevent fraudulent duplication, which is preventing them from adequately protecting the security of their customers.

These sanctions result from a procedure opened in 2019 at the request of individuals who filed their complaints with the Data Protection Agency. The infringements reported include a €17,265 theft from a current account due to a duplicate of a personal card.

The operation of fraudulent SIM card duplication

The most common practice of this method consists of the criminals visiting the operators’ physical stores in person. They present a police report stating that they have been victims of theft, together with a photocopy of the ID card with a forged image. They manage to trick the workers and obtain a duplicate SIM card on many occasions.

Another method used is the telephone call in which they pretend to be the owner of the line. The criminals trick the telecommunications operators by informing the customer service department that their cell phone has been stolen and they need a duplicate card. After a verification method based on questions about personal data, they obtain the duplicate card, which is sent to the requested address.

By getting a duplicate of our SIM, fraudsters automatically have access, in addition to contacts and information stored in the SIM, to all applications and services that use an SMS as a recovery procedure; that is, they would have access and control of bank accounts, social networks and email accounts among others. And, in the same way, to all operations that have as a confirmation method sending an SMS; such as online purchases, transfers or loan applications.
What is the source of the problem? Telecom operators may be using insufficiently robust methods to verify users’ identity to allow a duplicate SIM. In addition, the tendency of banks to use an SMS as a second factor is a problem in itself; simply by stealing the handset, criminals would have access to SMS and, consequently, users’ bank accounts.

Strong authentication is an authentication where it is required to use at least two authentication factors (2FA) chosen from these three groups:
Possession (something you have): this is the most traditional way of accessing a service that belongs to us and is through a physical key or accreditation that we possess, such as a debit card or a message to a cell phone. The significant risk of this authentication method is the possibility of losing this credential or of someone impersonating us simply because we have it. As observed in SIM Swapping cases, “what we have” is not a sufficient authentication factor to avoid identity theft issues.

Knowledge (something you know): something the user knows, such as a password or access code. In this case, it is not something physical that we can lose, but it is a very fragile authentication factor given the risk of forgetting it or even of someone else finding out that information by different methods, becoming then able to impersonate us.
Inheritance (something you are): something inherent to the person, such as your face, voice or fingerprint; that is, ourselves and everything that makes us unique.

The solution to SIM Swapping: verify the real identity of customers

The operators affected by the fine imposed by the AEP remarked that, although part of the responsibility for security lies with banks and credit institutions, they need to continuously update and reinforce their protocols in order to improve and optimize them.

Biometric factors (voice or face) are the solution. These factors are inherent and incapable of being supplanted, making them highly secure. Biometrics are:
Private: biometrics belong to an individual and no one else. It cannot be supplanted, cloned or intercepted.
Secure: it allows us to move from presumption to certainty. We are sure that the users are who they say they are.
Voluntary: it is the user who has the decision to use it.

For this reason, many telecommunications companies have already incorporated biometrics in their customer registration and authentication processes to increase security and customer experience.

Ventocom: Online customer onboarding through SIM card activation using face biometrics.
Deutsche Telekom: customer authentication in 3 seconds, in any language, with 99% accuracy and anti-fraud technology.
Euskaltel: 100% online account opening and cancellation with document verification technology and anti-spoofing technology to avoid fraud cases.

 

 

Contact center platforms using Veridas voice biometrics

Contact center platforms using Veridas voice biometrics

Veridas’ voice biometrics solution, a leading company in developing solutions for digital identity verification, is being used by some of the world’s leading companies, such as BBVA, Deutsche Telekom, or Prosegur, and implemented in the different Contact Center platforms they use: Avaya, Genesys, Twilio, Amazon Connect, or Enghouse, among others.

The reasons why Veridas is being chosen over its competitors are clear: no one offers such impressive technological features (authentication with 3 seconds of voice, regardless of text and language), with such a high performance (accuracy of over 99.9%; evaluated by the National Institute of Standards and Technology, NIST, the main evaluating body for this type of technology in the world, as one of the leading solutions in the world) and with such strongrespect for user privacy (Veridas does not need to store customer data for the proper functioning of its technology).

When we at Veridas decided to develop a product specifically for Call Centers, in which the end-user could be authenticated in real-time while conversing with an agent, we made the firm decision to design it so that it could be easily and integrated into any existing platform. And it is now that this long-term vision is bearing numerous fruits, after months invested in the development and configuration of a solution based on 100% proprietary technology, based on artificial intelligence algorithms and neural networks” explains Miguel Zarraluqui, Product Manager of Voice Biometrics at Veridas.

Avaya, Genesys, Twilio, Amazon Connect, and Enghouse are not the only solutions the leader in digital identity verification is working on. Veridas continues to consolidate its partner network to reach more customers worldwide, seeking to offer the best possible services at all stages of the customer’s life, from sales to implementation, including integration support and technical support. Veridas is charting new avenues of collaboration among the leading platforms of such significant companies as Evolution, Talkdesk, Odigo, IBM, and Link Mobility.

There was no point in doing it quickly and exclusively for one platform. At Veridas, it was clear to us that we had to go for a multiplatform solution that could be integrated into a matter of days in any client, regardless of the contact center solution they had” concluded Zarraluqui.

Until today, improving any one of these areas (customer experience, security, and costs) implied an impact on the others. You couldn’t increase security without compromising UX and vice versa. But this is no longer a utopia: it is possible to improve all three areas simultaneously thanks to biometric solutions like ours. In short, the return on investment for our customers is immediate, while improving security and customer experience” said Eduardo Azanza, CEO of Veridas, speaking recently at Digital X 2021, an event organized by one of its main partners, Deutsche Telekom.

Only biometrics can replace current authentication methods, such as passwords, question-based processes, or OTPs, substantially improving security while significantly improving the end-user experience. And, of course, reducing the associated cost, since, at last, it is possible to go from authentication processes that take 30 or 40 seconds on average to zero.

With Veridas’ text-independent technology, companies no longer need to spend time authenticating their customers; simply establishing a natural conversation with them is enough. The technology will do the rest.