I recently returned from vacation, a time when we (at least theoretically) close our laptops and seek out a few moments of perfection, whether it’s a swim in a cool lake surrounded by mountains or sitting at a cafe by a beach with a drink in close reach.
To quote Vince Lombardi—the legendary Green Bay Packers coach after whom the NFL Super Bowl trophy is named—”Perfection is not attainable, but if we chase perfection we can catch excellence.” It is with this notion in mind that I took my work with me on vacation to notice where ID verification arose in my journey. Here are some observations:
Shifting into gear
After our flight landed, we took a shuttle from the airport terminal to the car rental office.The service was swift and professional; the vehicle they provided, clean and spacious. However, there was no “real” checking of my ID document. Yes, the representative gave a quick glance to be able to click the box that I had presented an ID. But there was no further verification that I had presented my real ID.
According to the Association of Certified Fraud Examiners (ACFE), car rental companies lose 5% of revenues due to fraud—an alarming amount. I suspect 1-2% of that loss amount can be easily reversed with simple changes in practice around testing ID documents at the check-in desk for document fraud.
Please swipe here
On our second day of vacation, my wife received a notification that her credit card had been compromised and blocked by her financial institution. We called the service line number on the back of her card, and within five minutes were speaking with a representative.
Again, the service was excellent and the response to this serious issue was efficient. The problem: she was verified by voice biometrics, a standard fraud mitigation procedure used across the board in the credit card industry.
Have you ever accepted an unknown call? It can take as few as 10 spoken words for a fraudster to be able to reproduce your voice and “pass” the credit card service line’s voice biometric authorization—which then opens the door to multiple actions to drain your cash account.
The antidote? Facial biometrics performed correctly.
Have a pleasant flight
When we enter an airport to catch a flight, our moods shift with a type of battle-ready adrenaline to take on the check-in, bag drop, and security clearance processes. This is the use case for CLEAR, a paid program that processes your biometrics and expedites security screening, mostly at airports. Since you go through a biometric ID check, you usually don’t have to show an ID document at the security checkpoint, although you may be asked to do so.
According to a recent report, the Transportation Security Administration (TSA) has been working to mandate the presentation of an ID document for people identified through CLEAR, citing a security incident last year. Apparently, a man slipped through CLEAR’s screening lines at Reagan National Airport near Washington before a government scan detected ammunition—banned in the airline cabin—in his possession. And he had almost managed to board the flight under a false identity.
It was reported that CLEAR’s facial recognition methods and system to enroll new members was vulnerable to abuse. The computer-generated photos of prospective customers at times captured blurry images that only showed chins and foreheads, or faces obscured by surgical masks and hoodies.
Also, the process—which allowed CLEAR employees to manually verify prospective customers’ identities if its facial recognition system raised flags—created the potential for human error.
Face time
The facts of this story have not been verified for accuracy, but it again raises the point that ID verification by itself cannot be posited as a solution to ease travel processes (for car rentals and airport lines) or to mitigate fraud (by your credit card company).
From the above experiences, it is clear (excuse the pun) that there is no perfection. So instead, we should run towards the Lombardi trophy with one goal in mind—to drive improvement (securely) for our end users so that we can catch excellence.
About the post:
Images are generative AI-created. Prompt: vaporwave tropical beach scene with palm trees and a setting sun. Tool: DALL-E.
About the author:
Terry Brenner is the Head of Legal, Risk, and Compliance for IDVerse’s North American operations. He oversees the company’s foray into this new market, heeding to the sensitivities around data protection, biometrics, and privacy. With over two decades of legal experience, Brenner has served in a variety of roles across a diverse range of sectors.