Issuers, merchants, and processors all share the same dilemma when attempting to authenticate an online identity. They are bedeviled by personally identifiable information easily accessible to criminals that they can use to spoof authentic consumers. In response, Visa Inc. on Thursday announced the Visa ID Intelligence service, which it says can help verify legitimate consumers.
Available via resellers, Visa ID Intelligence connects clients with participating vendors to enable access to a variety of authentication services via a single service.
The need is strong for this service, Visa says. By 2020, the Internet of Things—connected devices including washing machines, cars, and healthcare machines—will number 20 billion devices, according to a Gartner Inc. forecast.
Clients signing up for the service can send their authentication requests to vendors who have integrated into Visa ID Intelligence. Visa is making the necessary application programming interface available on its Visa Developer site.
Initially, identity-document verification and biometrics services will be available. Other services—which verify customer-provided data and device data—are in development, says Mark Nelsen, Visa senior vice president of risk products and business intelligence.
While such services are available directly from vendors, Visa says there’s a need for a single-access, consolidated service. “Our clients really struggle in adopting and integrating these solutions,” Nelsen tells Digital Transactions News. “We have found this is a common problem across all of our issuers, regardless of size.”
In one use case, a client could add biometrics authentication to its service. An issuer, for example, could use a biometric in lieu of a password, Nelsen says. Daon Inc., a Reston, Va.-based biometrics-authentication company that is part of Visa ID Intelligence, can incorporate a range of biometric identifiers, like facial recognition, voice recognition, and fingerprint, to provide multiple authentication methods. “The problem we have today is if the biometric doesn’t work, you have to use a password,” Nelsen says. “Then, it’s easier for criminals. We want issuers to have multiple modalities of biometrics for consumers to use and enroll.”
For companies like Daon, the Visa relationship is significant. “The key thing is Visa is trying to move payments security beyond passwords,” Thomas A. Grissen, Daon’s chief executive, tells Digital Transactions News. “That’s where we excel.”
Identity-verification specialist Au10tix, a unit of ICTS International, is Visa’s launch vendor for the document-verification service.
Analyst Julie Conroy, with Boston-based Aite Group LLC, says the Visa ID Intelligence service has potential. Financial institutions and merchants have to keep pace with the cyberthreat landscape, which poses a challenge, she says.
“They evolve their attacks rapidly, and it’s hard for [financial institutions] and merchants to keep pace,” Conroy says in an email. “In an FI it can take 18 to 24 months to get a new vendor implemented, and that timeframe just doesn’t work when the threat environment moves so much more quickly. Aite Group research shows rising account takeover, application fraud, and [card-not-present] fraud losses for FIs and merchants, so the current vendor deployment paradigm clearly needs to change.”
The other challenge, as Nelsen mentioned, is balancing the user experience so security objectives are met, but the consumer isn’t deterred from completing the activity.
“These two themes come up time and time again in my conversations with executives at FIs and retailers,” Conroy says. “I think Visa’s ID Intelligence platform has the potential to address these challenges. It’s still early. To truly meet its potential we’ll need to see additional vendors participate, but I’m absolutely seeing market interest in this authentication hub concept.”