As businesses accelerate their digital transformation, identity verification (IDV) has become critical for credit applications, e-commerce, and financial transactions. Yet a persistent myth remains: that advanced IDV solutions introduce friction, leading to lost customers and lower conversion rates.
From a COO’s perspective, the real challenge isn’t the presence of IDV itself but rather its alignment with business objectives—ensuring compliance, preventing fraud, and delivering a seamless customer experience. The outdated assumption that database-matching IDV or other traditional methods are lower friction than modern biometric and AI-driven IDV is flawed and exposes businesses to security risks.
Let’s examine why this myth persists and why it needs to be rethought.
The misconception of low-friction IDV
Many organizations, especially in finance and retail, rely on methods they believe minimize friction:
- Database-based IDV: Cross-referencing user-provided information with government or third-party databases.
- Social logins & SMS OTP: Verifying via third-party identity providers (e.g., Google, Facebook) or sending one-time passwords.
- Bank-verified ID (open banking & eKYC): Confirming identity through financial institution records.
- Credit bureau checks: Matching user details with credit bureau databases.
- Email-based verification: Sending confirmation links to verify authenticity.
- Behavioural biometrics & risk-based authentication: Assessing typing patterns and interactions for risk analysis.
Why these methods are perceived as low-friction:
- Real-time processing: Verification appears instant, allowing users to proceed quickly.
- Minimal user effort: No need for document uploads, biometric scans, or additional verification steps.
- Familiarity: Users are accustomed to entering details or verifying accounts via SMS or email.
- Risk-based scaling: Businesses assume that for “low-risk” scenarios (e.g., age verification), these methods balance security and convenience.
However, these assumptions are increasingly flawed in today’s fraud landscape. While these approaches seem convenient, they introduce significant vulnerabilities, ultimately increasing operational risks and user dissatisfaction.
The core problem: stolen identity data is everywhere
Traditional IDV methods do not verify if the person behind the transaction is truly the rightful identity owner. This exposes businesses to several key risks:
1. PII data breaches have made stolen credentials ubiquitous
- Massive breaches have exposed personal data, making it easily accessible to fraudsters.
- Attackers can buy stolen credentials online, allowing them to bypass weak identity checks.
2. AI-augmented identity theft
- Fraudsters use Generative AI to create high-quality deepfake identity documents that match stolen real PII (e.g., passport scans, driver’s licenses).
- Although deepfake-based fraud is growing, stolen PII remains the dominant attack vector today. Future advancements in AI may shift this balance further.
3. Account takeover fraud is surging
- Fraudsters with stolen credentials can impersonate users, gaining unauthorized access to accounts and financial services.
- What was once considered a low-friction process now enables fraud, creating a different form of friction—disputed transactions, fraud losses, and reputational damage.
The reality: advanced IDV is no longer a trade-Off
Many businesses assume biometric or AI-driven IDV frustrates users, but this is outdated thinking. Today’s advanced IDV solutions are just as seamless as traditional methods while being significantly more secure.
Why advanced IDV is the smarter operational choice
Faster with real identity assurance
- Instead of manually entering data, users scan an official ID document and take a selfie.
- AI-powered verification occurs in seconds, confirming identity authenticity and detecting fraud attempts.
Minimizing repeat friction for returning users
- Once verified, users can access services instantly using facial biometrics, removing the need for passwords or re-entering identity data.
Fraud prevention without customer disruption
- Businesses that implement this strong IDV upfront avoid re-verifying legitimate customers later due to fraud concerns.
- This reduces customer frustration from excessive security checks.
The economics of fraud prevention
Chargebacks & fraud costs
- Businesses focusing on “low-friction” IDV methods often pay the price through chargebacks and fraud losses.
Operational impact
- Fraud resolution creates long-term friction, undermining the short-term “seamless” experience.
Industry statistic addition:
According to the Association of Certified Fraud Examiners (ACFE), global fraud losses are estimated at 5% of annual revenues, demonstrating the cost of weak identity verification measures.
The LexisNexis® True Cost of Fraud™ study indicated that for every dollar lost to fraud, financial institutions in North America incur an average of $4.41 in associated costs. This figure, known as the LexisNexis Fraud Multiplier™, accounts for expenses beyond the initial loss, including fines, fees, labor for investigations, and external recovery efforts.
This substantial multiplier underscores the importance of implementing robust identity verification measures to mitigate not only direct losses but also the extensive indirect costs associated with fraud.
Final thoughts
For COOs aiming to streamline operations, reduce fraud, and enhance customer experience, rethinking IDV is essential. The belief that database-based IDV and similar methods is “low-friction” while advanced IDV is “high-friction” is outdated.
Today’s AI-driven and biometric IDV solutions provide the same or better user experience while ensuring real identity assurances—simultaneously combating AI-augmented identity theft and use of deepfake technologies. For industries with strong compliance frameworks, a multi-layered approach with AI-based IDV at its core is the strongest approach.
This isn’t just about security; it’s about gaining a fundamental operational advantage.
Appendix: A deeper dive into the illusion of low-friction IDV
The belief that advanced identity verification creates friction often stems from comparisons to traditional methods that appear faster and more convenient.
Many businesses rely on database matching, social logins, SMS OTPs, or credit bureau checks, assuming these methods offer a seamless customer experience with minimal disruption. However, in isolation these approaches verify data, not identity.
In today’s landscape of massive PII breaches, deepfakes, AI-augmented identity theft, and account takeovers, these outdated approaches increase fraud risk, compliance challenges, and financial losses. The real friction isn’t the few seconds spent verifying identity—it’s the aftermath of fraud: chargebacks, customer disputes, and reputational damage.
To understand why the perception of friction persists, let’s examine the traditional identity verification processes businesses turn to in their effort to streamline sales and onboarding. While these methods may seem efficient, they introduce significant security gaps that undermine their effectiveness.
1. Database matching (traditional IDV)
How it works:
Customers enter their name, date of birth, address, driver’s license number, or other identity attributes, which are matched against government databases, credit bureaus, or third-party data sources.
Why It’s perceived as low friction:
✔ No need for document uploads or biometric verification.
✔ Matches happen in real-time, providing an instant result.
✔ Customers are familiar with entering personal details online.
Problems & risks:
❌ Confirms data existence, not user identity.
❌ Easily bypassed using stolen PII from data breaches – identity theft.
❌ Fails to detect account takeovers, as fraudsters can provide legitimate details.
Use case bias: Seen as sufficient for “low-risk” applications like age verification, retail sign-ups, and instant credit approvals (e.g., buy now, pay later services).
2. Social login (OAuth) & SMS OTP verification
How it works:
Users log in via third-party identity providers (Google, Facebook) or verify their phone number via One-Time Password (OTP) sent via SMS.
Why it’s perceived as low friction:
✔ Eliminates password creation and form-filling.
✔ Speeds up login and signup processes.
✔ Trust in major platforms (Google, Facebook) creates a false sense of security.
Problems & risks:
❌ Social logins verify account ownership, not identity.
❌ SMS OTP is insecure—vulnerable to SIM swapping and phishing (NIST Special Publication 800-63B).
❌ Social media accounts are frequently hacked, enabling fraudulent logins.
❌ Often lacks regulatory compliance due to weak identity proofing.
Use case bias: Common in e-commerce, gaming, and streaming services where quick sign-ups are prioritized over strong identity verification.
3. Bank-verified ID (open banking & eKYC integrations)
How it works:
Customers verify identity by linking their bank account, leveraging Open Banking APIs or eKYC frameworks to confirm account ownership.
Why it’s perceived as low friction:
✔ No need for document uploads—data is pulled from the bank.
✔ Banks already conduct KYC checks.
✔ Faster verification, particularly in financial services.
Problems & risks:
❌ Proves account ownership, not necessarily identity, unless a biometric or a multi-layered approach is adopted (PSD2 guidelines in Europe enforce biometric authentication, whereas U.S. frameworks rely more on traditional methods).
❌ Stolen banking credentials can be exploited by fraudsters.
❌ Excludes unbanked individuals who lack traditional banking relationships.
❌ Dependent on API reliability and data-sharing agreements.
Use case bias: Used in fintech and financial services where Open Banking is available (e.g., Europe under PSD2 regulations).
4. Credit bureau checks (soft or hard pull)
How it works:
Customer identity details (name, DOB, address) are cross-referenced with credit bureau databases (e.g., Equifax, Experian, TransUnion). Some cases trigger a soft or hard credit inquiry.
Why it’s perceived as low friction:
✔ Instant verification based on credit history.
✔ No need for document scans or biometric checks.
✔ Works well for individuals with established credit records.
Problems & risks:
❌ Excludes users with thin or no credit files.
❌ Stolen PII can pass checks, enabling fraud.
❌ Lacks liveness detection, making it ineffective against identity theft.
❌ Hard inquiries impact credit scores, deterring some users.
❌ Synthetic identity fraud exploits credit bureau checks, combining real and fake PII to build false credit profiles (Javelin Strategy & Research, 2023).
Use case bias: Applied in credit applications, auto loans, and mortgages, where reliance on financial data is assumed to be sufficient.
Key takeaways
✅ Traditional IDV methods validate data, not identity, and are vulnerable to fraud.
✅ AI-driven biometric IDV is faster, more secure, and enhances user experience.
✅ Businesses should integrate advanced AI-driven biometric IDV solutions at all entry points to prevent fraud early.
✅ Regulatory frameworks support the shift toward advanced, multi-factor IDV.
✅ The real friction isn’t a few extra seconds of verification—it’s fraud, chargebacks, and compliance failures.
Conclusion
The real issue isn’t friction. It’s bad friction.
Businesses must stop equating traditional IDV with seamless security. Advanced AI-driven biometric solutions do not need to be slow or cumbersome; they offer both security and usability.
Replacing outdated low-friction models (which let fraud in) with genuine frictionless experiences (which confirm real identity without extra steps) is the way forward.
The most damaging friction isn’t a few extra seconds of verification—it’s the cost of fraud, reputational damage, and regulatory fines. Companies that fail to modernize with advanced AI-driven biometric IDV risk being left behind in an increasingly security-conscious world.
The question isn’t whether identity verification should evolve—it’s how quickly businesses can adapt to protect both their customers and their bottom line.
About the post:
Images and videos are generative AI-created. Image prompt: A middle-aged man sitting at the very top a super tall water slide, looking back at the camera, smiling at the camera, slide is several stories tall, the rest of the water park expands out below her, the landscape looks small below her, giddy, almost surreal landscape, excited, smiling, warm summer day. Tools: Midjourney, Luma.
About the author:
Josh Read is Chief Operating Officer at IDVerse. He has over 25 years of leadership experience in technology organisations including Equifax, KPMG Australia, Telstra Enterprise and Government, and Yellowfin Business Intelligence International. As COO, Josh supports and directs the global expansion of the company, building optimised business processes for IDVerse to become the global partner of choice for IDV and compliance.
