Digital Identity and Fraud Prevention

On 1 November, as part of the #DigitalID2021 event series and during our first ever Digital ID Week, techUK hosted a panel discussion exploring digital identity technologies in the context of fraud prevention and mitigation. The panel explored how fraud has evolved since the start of the pandemic and the role of digital identities in mitigating fraud, as well as approaches to digital identity in the UK and beyond and what steps we must take to build and demonstrate assured digital identities.

The panel included:

• Mark Little, Head of Identity Strategy, LexisNexis Risk Solutions
• Simon Horswell, Document Specialist, Onfido
• Martin Wilson, CEO, Digital Identity Net
• Adam Gagen, Vice President, Government Affairs, American Express
• Katherine Holden, Head of Data Analytics, AI and Digital Identity, techUK (Chair)

You can watch the full webinar here or read our summary of the key insights below:

Opening the discussion, our panel discussed the fraud landscape and how fraud and fraudsters have adapted to a changing world throughout the pandemic.

There was a consensus amongst our panellists that instances of fraud have increased since the start of the pandemic, with more citizens than ever using online services and fraudsters shifting to the digital space. Mark Little highlighted an increase in inexperienced users, and an anxious public facing COVID-19 and Brexit uncertainty, as creating the perfect backdrop for fraudsters – disproportionately impacting the youngest and oldest adults.

Simon Horswell noted an increase in more indiscriminate but less sophisticated fraud over the last 18 months, whilst Martin Wilson and Mark Little pointed to increased fraud around push payments and new accounts respectively. Adam Gagen said that whilst the general trend in terms of card and traditional fraud is positive, big issues remain around onboarding and original signing up processes. Adam added that as fraud is changeable and moving fast, the onus is on us to respond in kind with digital identity solutions.

Digital identity technologies and fraud mitigation

As fraud becomes increasingly digital, our panel emphasised the importance of building more robust defences based on collaboration.

Simon Horswell and Mark Little both spoke of the importance of data and intel-sharing across public and private partnerships at different levels in order to react and respond to fraud threats as they arise, with Simon highlighting the work of Onfido with the Association of Document Validation Professionals (ADVP) and Interpol.

Mark added that digital identity technologies enable multiple new inputs and signals for a more robust method of tracking and stopping fraud, but there is a need for alternative verification combinations. By delivering a broader base ecosystem of identity services, not only do you include more of the population, but you are able to deliver defence in depth.

Adam Gagen reiterated these calls for a shared ecosystem, outlining three key benefits: strengthened defences, reduced cost and risk, and opportunities for new business cases. He went on to say that small businesses during COVID were a key point of exposure and the target of a number of guaranteed programmes for small loans, however many losses and defaults for these small businesses are down to fraud, underlining the need for widespread adoption of digital identity technologies across the economy.

Tools and techniques to deliver assured digital identities

Looking at specific tools and techniques to support assured digital identities, Martin Wilson called for banks to become more involved in the digital identity space, commenting that 98% of adults in the UK already have a bank account and passed stringent ‘Know Your Customer’ checks – with infrastructure for sharing identity data through secure means already established in the open banking space.

The panel also raised alternative means of identity verification, such as through behavioural analytics and biometrics, as new developments that can add extra layers of security beyond knowledge-based identity. Mark Little said that at LexisNexis Risk Solutions, merging online and offline identity data in real-time has proved a powerful method of identifying fraudsters, particularly the behaviour of bots engaged in fraudulent activity.

Approaches to digital ID and fraud outside of the UK

Taking an international view, Adam Gagen offered some insight into differing potential approaches to digital identity.

The first approach is industry-led as seen in the Nordics, with tech and finance industries working together led by the banks, and requiring only a broad trust framework and some standardisation bodies to function. Adam said that American Express’ experience of rolling out and integrating the BankID solution in the Nordic countries was highly effective and saw onboarding fraud ‘fall off a cliff’, whilst Martin Wilson added that Norway managed to reduce payment fraud from 1% of the value of all payments to 0.00042% through BankID.

The second approach is government-led as in Singapore, where the government sits as a data and attribute exchange but allows private enterprise to get involved. This approach would require considerable government investment.

Other approaches such as the EU’s Digital Identity Wallet approach fall somewhere in between.

In the UK, as Martin Wilson noted, DCMS has said government will do only what only government can do and leave the rest to the private sector, in contrast to other countries such as Australia.

Whilst each of these approaches is valid, Adam said it is critical is for government to be clear on the direction of travel, including outlining clear rules of the road to enable everyone to work together. 

Moving towards assured digital identities in the UK

Each of our guest panellists highlighted the steps they believe the UK must take now to build, demonstrate, and adopt assured digital identities.

Simon Horswell said that information sharing and a united approach across government, industry and the financial sector was critical, adding that a less ambiguous definition of where digital identity lies in regard to privacy from government would allow everyone to move forward on the basis of shared rules.

Mark Little explained that the UK market doesn’t yet appreciate the value of owning its own identity, underlining a need to educate and demonstrate the uses and benefits of digital identity to build trust in the population.

Martin Wilson highlighted his desire for a third-party system that verifies digital identities in the same way as Bacs does for payments. He said that public and private sectors, including banks and the financial services sector, should come together to establish this third party.

Adam Gagen said that the immediate priority should be on agreeing interoperability standards and a certification framework to demonstrate these standards have been met, allowing the commercial market to work out new services and schemes to bring that to life with new technologies.

More broadly, however, Adam said that industry now needs to ramp up its rhetoric and be clear that the UK’s slow pace on digital identity threatens its leadership across fintech, tech and financial services. Without progress, investment, new tech and great new benefits for consumers and business will emerge elsewhere and the UK will miss its opportunity to harness the positive potential of digital identity across the economy.

techUK - Building a Thriving Digital Society

Visit our Digital Society Hub to learn more or to register for regular updates.

techUK is in constant dialogue with Government and policy makers to provide the perspective of the tech industry on a wide range of policy issues. Current policy engagement includes online safety, data protection, competition in digital markets, and online fraud. Get in touch to see how we can support your policy work. Visit our Digital Society Hub and complete the ‘contact us’ form.