Consumers exposed to identity theft during lockdown due to poor remote identity practices, finds new survey
Almost half of applicants asked to email sensitive identity documents when applying for a loan or setting up a new account during lockdown
Only one in five applicants asked to perform a ‘liveness’ check, suggesting fraudsters may profit
15 May 2020, London, UK:
Over the past month financial firms have been shifting away from traditional in-person ID checks and towards remote verification. This ‘forced migration’ to remote identity verification followed the introduction of the government’s social distancing measures and the Financial Conduct Authority quickly emphasised remote identity ‘flexibilities’ included in its existing regulations, encouraging firms to process applications remotely.
But new research from secure-identity specialist Nomidio, undertaken by Opinium, highlights serious vulnerabilities in industry practices, with 1 in 7 UK adults confirming they needed to prove their identity digitally during lockdown. Of this number, which equates to roughly seven million UK adults, almost half (49%) were asked to email sensitive documents such as passports or driving licenses when applying for a loan or setting up a new account.
Despite around a quarter of consumers being asked to use biometrics to remotely verify their identity, only 20% were asked to perform a “liveness” test – widely considered a necessary step for biometric identity verification, with a surge in identity-related fraud the likely consequence.
Philip Black, Commercial Director, Nomidio commented:
“This research shows that some firms are playing fast and loose with consumer’s sensitive identity information. The industry has been scrambling to adapt to mass remote identity verification and it’s clear security and privacy have both suffered as a result.”
“During this period it is imperative firms implement a biometrically-enabled remote identity system incorporating a liveness check, fortunately, this functionality can now be delivered as a service from the cloud. Our customer Hitachi Capital implemented Nomidio in just 24 hours to help administer Coronavirus Business Interruption Loan Scheme applications, following a four-fold increase in demand for remote applications.”
Nomidio is a business dedicated to re-imagining all aspects of digital identity so individuals are empowered with a digital identity that’s secure, unique, widely used and over which they retain control. Nomidio Identity Verification is the first service to go live, focused specifically on helping companies to quickly and cost effectively validate the identity of prospective customers. Nomidio has also developed the world’s most advanced consumer identity and authentication service.
Nomidio’s parent company Post-Quantum is dedicated to ensuring that organisations can carry out their operations safely and securely. Post-Quantum is one of a handful of leaders in the development of new quantum-safe encryption algorithms that are able to withstand the threat posed by quantum code-breaking. Post Quantum’s algorithm NTS-KEM is a finalist in NIST’s competition to find a replacement to RSA, today’s public-key cryptographic standard. The company provides a range of encryption products, services and IP to financial services firms, technology leaders and governments around the world.