Working remotely and digitally has become the new normal for more people than ever before. One of the biggest changes has been the rapid increase in businesses and consumers interacting and transacting online. While ecommerce, online banking, and other digital services are hardly new, many people and businesses that were slow to adopt such models now find themselves needing to go digital – and fast. These businesses must meet the challenge of securely verifying customer identities, especially when an in-person identity check for a bank account, mortgage or other critical transaction is not feasible.

So how do you securely verify customer identity in a digital workflow? Modern identity proofing is an all-digital process to determine whether you are who you say you are – to verify that the person presenting an identification credential is the owner of that credential. The process keeps your customers safe and protects your organization.

How does modern identity proofing work? Here are some best practices:

Check device reputation – Does the device have a fraudulent or abnormal usage history? For example, has the device been used to open multiple accounts recently? Or, is it using a TOR-based browser or proxy? Without checking the device reputation first, you risk compromising valid credentials.

Keep user friction low – Identity proofing solutions should be self-service and fully digital, so consumers can securely verify their identities on their own time, without the need for an in-person identity check.

Validate document type – Most modern identity proofing solutions involve capturing an image of a valid identity document – like a legal driver’s license or national ID card. There are more than 6000 government-issued identification document types around the globe. Before seeing if a document has been tampered with, the ID proofing system should make sure the customer is using a real and legitimate document type.

Authenticate actual document – Once the system determines that the document type is real, conduct forensic testing on the document to see if it has been tampered with. Entrust Datacard’s solution, for example, uses field crosschecks and retroreflective laminate detection to quickly identify possible document tampering.

Use facial recognition with liveness detection testing – Once the identification document has been authenticated, verify that the person presenting the document is the owner of that document with facial recognition. And, critically, use liveness testing to ensure that the person taking the selfie is right in front of the camera, rather than trying to fool the system with an uploaded image. Simple blink tests can be easily spoofed, so consider solutions that also look for changes in skin tone, reflections, and more.

Do not store any personal identity information (PII) – The identity solution must securely verify identities to protect customers and your business. Avoid solutions that store PII data persistently — putting both you and your customers at risk.

Integrate identity proofing into your own apps– Identity proofing shouldn’t be a separate workflow for new and existing customers. Integrate it directly into your applications and brand as your own for a seamless customer experience.

Think ahead before conducting business online – Once a customer’s identity has been verified, it’s time to do business. Look for an identity proofing solution that is part of a broader authentication solution to ensure you can securely interact and transact with your verified customer community.

Interested in learning more? Read our white paper on Identity Proofing, or register for our upcoming webinar on the topic.