In the future, you won’t need to answer questions about your mother’s maiden name or the name of your first pet or primary school to verify who you are. Instead, you will need to snap a photo of yourself with a smartphone, and you will be approved. But, of course, the future is already here, and Veriff, the Tallinn-based global identity verification service firm, offers a biometrics service. Veriff predicts this service, and others like it, to soon replace the old ways of authentication.
“The future of internet safety will require replacing knowledge-based authentication and passwords with biometrics,” says Kalev Rundu, a senior product manager at Veriff. “As these innovations advance, more organisations will be able to treat people’s identity as a password.”
The result is a more difficult barrier for an intelligent and determined bad actor to bypass.
A diverse customer portfolio
Veriff was founded in 2015 by Kaarel Kotkas, then a 21-year-old entrepreneur who wanted to make online identity verification more secure than physical, face-to-face verification. Its solution relies on AI-based facial recognition to confirm a person’s identity by comparing a selfie to an uploaded identity document, such as a passport photo. Seven years later, the company has achieved plenty, enabling e-residents to open Estonian bank accounts without physically visiting the country while helping banks in the Baltics to verify that borrowers are who they claim to be.
According to Rundu, Veriff today has a diverse customer portfolio and services players from the fintech, crypto, mobility, and metaverse business sectors to enable them to build more trust with their users. Its clients include Blockchain.com, Wise, Bolt, Starship, Trustpilot, Visa, and AWS.
Besides fintech, other sectors could benefit from Veriff’s technology, such as healthcare and education. “In the long run, Veriff’s mission is to create a single global identity so people would have equal access to services regardless of where they come from,” he says.
A variety of use cases
After a Veriff user goes through the identity verification process for the first time and the company confirms their identity, they can use biometrics to access different services, according to Rundu. For example, using the firm’s technology, they are just one selfie away from making a high-value business transaction or accessing a room with a passcode.
Some use cases for Veriff’s service include authorising high-risk transactions; checking in for flights; unlocking the doors of rental cars, hotel rooms, and home-sharing services; age verification; resetting one’s password; verifying one’s identity for taking online tests and classes; and the continuous authentication of drivers of ride-sharing and delivery services.
‘The next generation’s standard
Users are increasingly adopting the solution in lieu of conventional authentication technologies.
“People today are much more willing to use biometrics for authentication, but they are only ready to do it if they receive a real value in return and maintain control over how and where their data is used,” comments Rundu. “The next generation’s standard will be digital identities that allow individuals to authenticate themselves on their mobile device using their biometrics.”
Biometrics are not limited to selfies, of course. Other kinds of characteristics can be read to verify one’s identity, and the biometrics toolbox includes fingerprints, iris recognition, vein recognition, and voice recognition, to name a few. Behavioural characteristics can also be measured, such as typing patterns and walking and finger movements, Rundu says.
Veriff mainly works with facial biometrics, which Rundu says is more secure than fingerprints and more convenient than retina scans. “Also, obtaining those is more complex,” he says of both approaches.
But even the newest technologies are still subject to attempted fraud, Rundu acknowledges, and cyber fraud is getting more sophisticated. Biometrics can therefore be a privacy-enhancing tool that, when combined with other privacy and cybersecurity measures, can help mitigate deepfakes.
“Just comparing biometrics similarity is obviously not enough,” says Rundu. “We also need to make sure the person in the photo is real.”
One way to do so is to employ a liveness detection technique to ensure the person in the photo is not fake. The method relies on machine-learning models to detect different ways that are used to trick a system, such as using screens, printouts, masks, slideshows, and other approaches.
Veriff also cross-compares verification sessions based on a user’s device, network, and behaviour. “Instead of just matching two pictures, Veriff leverages device and network information, and customer behavioural information,” says Rundu.
A fact of life
According to Rundu, biometrics is increasingly becoming accepted as a fact of life and will become an integral part of our lives. As a result, businesses, organisations, and governments will be able to improve their services by using biometrics, and service quality is also expected to improve.
In addition, the field of biometrics is evolving. Rundu believes that fingerprints are already passe. While facial biometrics is the current state of the art, iris recognition is poised to become the more secure form of biometrics in the future. Voice recognition is also on the rise, and DNA and vein recognition are also on the horizon.
“There is a lot of continued innovation happening in this area,” says Rundu. “More ways to utilise your biometrics will emerge, and we will be making sure we keep leveraging the best of this innovation,” he says.
For its part, Veriff is looking into age estimation and age verification using facial biometrics analysis. Such tools could be used to create a safer internet for children by reducing risks for them to access and be exposed to content they should not be able to access, Rundu says.