Atlanta company combines gov’t IDs and “selfies” to ensure users are who they appear to be.
By Adam Perrotta, Assistant Editor
Knowledge-based authentication—where consumers answer questions only they should know the answers to—has become increasingly ineffective. Social media has made it simple for criminals to get their hands on everything from your pet’s names to the model of your first car. Add to that what seem like daily data breaches of sensitive information, and it’s not all that difficult for fraudsters to pretend to be legit customers. Enter AuthenticID, an Atlanta-based authentication specialist that combines government-issued ID information with facial recognition.
“I tried hard to retire, but I guess that’s not the way I’m wired,” says AuthenticID founder Blair Cohen, who sold his background-screening firm in 2009. With firsthand knowledge of just how easy it has become for fraudsters to get their hands on stolen personal data, he saw his next opportunity. “Identity-proofing has been a challenge for as long as I remember,” Cohen tells Paybefore. “I’ve seen 20 names associated with a single Social Security number thousands of times. And now data breaches occur with more frequency than ever, so we need to use something other than data to prove identity.”
With that concept in mind, Cohen launched AuthenticID in 2013, creating a platform that enables companies to authenticate based not on what a user knows, but on what he or she has—namely, a government-issued photo ID.
AuthenticID started out by offering hardware that could read identification documents at the POS in a brick-and-mortar retail environment and has since grown to provide authentication software in the online and mobile channels as well. The company’s latest offering, known as CatfishAIR, is built for banks and other financial services providers. The service enables companies to verify new accounts by having the user take a “selfie” with a smartphone and matching that with a photo of a government-issued ID, such as a passport or driver’s license. The system is compatible with ID types from 192 countries and uses the company’s Automated Forensic Document Authentication technology to ensure the document hasn’t been tampered with and is not counterfeit. After checking the authenticity of the ID, CatfishAIR then compares it with the selfie to make sure the photo is of the same person as shown on the ID.
“By requiring a photo ID as proof of the user’s identity, CatfishAIR is able to establish, in 10 seconds or less, that the user is in possession of the identification document,” Cohen says.
Using government IDs to verify user identity also gives companies access to more potential customers, including unbanked and thin-credit file users, who often can’t be authenticated using existing financial and credit data, he adds. The CatfishAIR APIs can be integrated with clients’ existing applications for smoother customer experience, while AML, BSA and OFAC screening is incorporated into the solution, helping companies fulfill KYC requirements, Cohen explains. AuthenticID charges on a per-transaction basis, with pricing “roughly the same” as traditional data vendors, such as Lexis, Experian and Equifax, he adds.
Surviving Sharks, Expanding Uses
In March at the All Payments Expo in New Orleans, AuthenticID emerged victorious from the “Shark Tank” competition, besting a group of seven other fintech startups with a demo of the service to a trio of payments industry “sharks,” who served as judges. In naming AuthenticID the winner, the sharks praised CatfishAIR’s simplicity, speed and ease of use in combatting account-creation fraud—one of the biggest issues facing financial services providers.
|“Data breaches occur with more frequency than ever, so we need to use something other than data to prove identity.”
—Blair Cohen, AuthenticID
But CatfishAIR’s utility isn’t limited to account creation or financial services providers. With ID theft-related tax refund fraud skyrocketing over the past several years, the solution has the potential to help tax preparation firms ensure a filer isn’t using someone else’s name and Social Security number—a common method of tax refund fraud. AuthenticID has engaged in talks with “one of the largest online tax filing companies” about potentially adopting CatfishAIR to authenticate filers. The service also could be used for ID verification in large transactions, such as mortgages, real estate purchases, vacation rentals and online gaming, Cohen notes. “CatfishAIR could be used by any company in any industry if they want to prevent identity theft fraud, either during account origination or before a final transaction takes place,” he says.
- AuthenticID Survives APEX Shark Tank
- Report: Fraudsters’ Test Runs Surged in Q4 2015
- Report: Cybercrime Costs to Quadruple by 2019