
Identity fraud prevention

What is identity fraud?

Identity fraud is when a fraudster gains access to an end-user's account. There are multiple ways in which a fraudster can gain access, such as through stolen credentials or phishing techniques.

Use case

You want to prevent identity fraud and provide your end-users with a secure way to onboard to new devices, whilst still offering an excellent user experience.

Diagram showing onboarding fraud prevention


How it works

Meet Jane, one of your active end-users who has activated MobileID in your mobile app.

  1. An attacker downloads your app.
  2. Jane gets a phone call from the attacker who pretends to be an employee at your company. They inform Jane that someone has gained access to her account. The attacker tells Jane that she needs to authenticate with an eID before they can help her stop this attack.
  3. The attacker starts onboarding in your app with Jane's personal details. This triggers an eID authentication for Jane.
  4. Jane authenticates with her eID, thinking it is to allow the bank to block the attacker. In reality, she is approving an onboarding to your app on the attacker's device.
  5. The attacker sets up MobileID credentials with a PIN and biometrics.
  6. The attacker is asked to perform a Face authentication, to confirm that it is Jane sitting in front of the device.
  7. The authentication fails.

Fraud prevented!

The attacker is blocked and cannot access Jane's account in your mobile app.

Why face authentication instead of Face ID?

In some use cases, native biometrics such as Face ID will not work, and so server-side biometrics such as face authentication can be leveraged instead.

You can read about the differences between Face ID and face authentication in our Face authentication feature documentation.

What it looks like

For the attacker

The following diagram illustrates what it could look like to prevent fraud during onboarding with MobileID, from the perspective of the attacker.

Diagram showing app flow for onboarding fraud prevention from attacker's perspective


For your end-users

The following diagram illustrates what it could look like to protect against fraud during onboarding with MobileID, from the perspective of your end-users.

Diagram showing app flow for onboarding fraud prevention from end-user's perspective


Implementation

To protect against attackers getting access to your end-users' accounts, you can use our face authentication feature. This feature introduces an authentication method that uses server-side biometrics.

For each authentication, it performs a two-second facial scan with 3D Liveness Check and 3D Face Matching on the server side. This means you can perform face authentications across devices to verify that it is the correct end-user in front of the new device.

Want to learn more?

To learn about our face authentication, how to implement it and how to test it, see our Face authentication feature documentation.
