Contact Us

Consumers are increasingly digital in everything they do. In fact, more than 60% of consumers of all ages log into their financial accounts at least once per week, with younger consumers showing particularly strong use and engagement with the mobile channel (Figure 1). As a result, banking and commerce transactions are rapidly migrating into the online and mobile channels.

aite group, anti fraud solutions, customer experience, payfone, julie conroy

Considering this overwhelming trend towards digital, it’s not surprising that improving the customer experience is the #1 consideration for the majority of merchants and FIs as they are contemplating new investments in fraud mitigation and authentication. According to a report from global research firm Aite Group, 86% of merchants surveyed and 88% of FI respondents indicated that improving the CX is a key factor driving their investments in anti-fraud technology (Figure 2 and Figure 3).

aite group, anti fraud solutions, customer experience, payfone, julie conroy

aite group, anti fraud solutions, customer experience, payfone, julie conroy

The same report highlights Payfone’s unique ability to enhance customer experiences by verifying identity securely and little or no friction on the customer’s end. The paper also shows how Payfone’s diversified signals deliver 73% higher identity verification rates.

Is improving your CX and giving your customers a fast, frictionless and fraud-free experience at the top of your priority list? Contact us today to learn how Payfone can mitigate fraud while also delivering the best possible CX.

Mobile Network Operator (MNO) data has long been thought of by many in the identity authentication industry as a vital source of signals for enterprises to prevent fraud and create better customer experiences. New research published by global research and advisory firm Aite Group indicates that stronger identity verification requires diversified signals.

The analysis was based on a data study completed in Q1 2019 for a leading U.S. financial institution to understand Payfone’s ability to detect fraud and improve the customer experience both with and without access to MNO data. From most businesses’ perspective, the ability to provide high verification rates is often of greater value than fraud detection, given the benefits of reduced customer friction and lower operational expense (with fewer customers having to engage with the contact center or manual review teams), which drive customer satisfaction and higher Net Promoter Scores.

The results of Aite’s report are a compelling validation of Payfone’s value proposition. The verify rate, which consists of the proportion of records in which the name and address are successfully matched with the phone number, was 64.2% using MNO data alone. When Payfone’s full network of authoritative verification partners was used, excluding MNO data, this produced a verify rate of 83.2%. The verify rate for Payfone’s collective sources, including MNO information, was 85.1%, which indicates there is only a slight improvement (1.9%) in account verification rates when direct carrier information is added to the equation.

payfone, identity verification, aite group, identity authentication, digital trust

Even more compelling, when the verify rates are extrapolated to reflect the total line type distribution in the U.S., the verify rate improvement across all line types increases by 73%. This improvement makes intuitive sense, given the broader population of verification partners that Payfone has access to, versus the sample data, which was heavily skewed to mobile.

“The goal of the study was to understand the solution’s ability to provide accurate identity verification while increasing fraud detection,” said Julie Conroy, Research Director for Aite Group’s Fraud & AML practice. “From most businesses’ perspective, the ability to provide high verification rates is often of greater value than fraud detection, given the benefits of reduced customer friction and lower operational expense (with fewer customers having to engage with the contact center or manual review teams), which drive customer satisfaction and higher Net Promoter Scores. The results of this analysis are a compelling validation of Payfone’s value proposition to assess the risk of the phone and its owner, providing FIs, merchants, and other firms with reliance on digital and/or contact center channels with a unique view into the risk associated with their customers, and an ability to remove unnecessary points of friction.”

To download the full report, click here.

Educate yourself with more Did You Know? insights here.

Highlights:

 

  • Mobile Network Operator (MNO) data has long been thought of by many in the identity authentication industry as a vital source of signals for enterprises to prevent fraud and create better customer experiences, but new research published by the Aite Group indicates that stronger identity verification requires more diversified signals.
  • Aite Group’s Fraud & AML practice analyzed the results of a data study performed for a leading financial institution in Q1 2019. The study showed a 73% increase in verification rates when diversified signals from Payfone’s network of authoritative identity verifiers was queried vs. using MNO data alone.
  • The study also found that adding MNO data to Payfone’s mix of identity verifiers resulted in a slight improvement (1.9%) in identity verification rates.

 

NEW YORK (June 20, 2019)Payfone, a leading digital identity authentication network, today announced the results of a research report with Aite Group, a global research and advisory firm delivering comprehensive, actionable advice on business, technology and regulatory issues within the financial services industry. The paper analyzed the results of a data study performed for a leading U.S. financial institution in Q1 2019 in order to compare the efficacy of using MNO data for identity verification vs. Payfone’s diversified identity signals. The study also looked at the impact of removing MNO data from the identity verification ecosystem.

 

Aite Group’s analysis examined 29,000 consumer records to conclude that the identity verification rate (the proportion of records in which the name and address are successfully matched with the phone number) was 64.2% using MNO data alone. When Payfone’s full network of authoritative verification partners was used, excluding MNO data, this produced a verification rate of 83.2%. The verification rate for Payfone’s sources, including MNO data, was 85.1%, indicating a 1.9% improvement in account verification rates when direct carrier information is added to the equation.

 

“The goal of the study was to understand the solution’s ability to provide accurate identity verification while increasing fraud detection,” said Julie Conroy, Research Director for Aite Group’s Fraud & AML practice. “From most businesses’ perspective, the ability to provide high verification rates is often of greater value than fraud detection, given the benefits of reduced customer friction and lower operational expense (with fewer customers having to engage with the contact center or manual review teams), which drive customer satisfaction and higher Net Promoter Scores. The results of this analysis are a compelling validation of Payfone’s value proposition to assess the risk of the phone and its owner, providing FIs, merchants, and other firms with reliance on digital and/or contact center channels with a unique view into the risk associated with their customers, and an ability to remove unnecessary points of friction.”

 

To download the full report, click here.

 

About Payfone

Payfone’s award-winning Trust Platform™ and Trust Score™ bring trust to the digital economy by enabling businesses to instantly verify customers while thwarting fraud and cyberattacks in real-time; all within a privacy-first, zero-knowledge framework. Payfone serves 6 of the top 10 US financial institutions, and leading healthcare, insurance, technology and retail companies. Learn more at payfone.com and linkedin.com/company/payfone.

 

About Aite Group

Aite Group is a global research and advisory firm delivering comprehensive, actionable advice on business, technology, and regulatory issues and their impact on the financial services industry. With expertise in banking, payments, insurance, wealth management, and the capital markets, we guide financial institutions, technology providers, and consulting firms worldwide. We partner with our clients, revealing their blind spots and delivering insights to make their businesses smarter and stronger. Visit us on the web and connect with us on Twitter and LinkedIn.

 

Press Contact:
Yuka Yoneda
yyoneda@payfone.com
212.614.6927

85% of consumers have the necessary depth and consistency for businesses to determine the authenticity of their identities, according to McKinsey.

So why is there still so much fraud and so many annoying customer experiences that slow us down and prevent us from transacting?

The main culprit is that most companies only have the ability to identify up to 40% of the good guys. Payfone’s identity authentication provides enterprises with the ability to “greenlight” or “pass” close to 85% of customers without friction or step-up authentication processes, while stopping the <5% of fraudsters. We do this through our Trust Score™ and persistent, tokenized ID, which pull together and synthesize identity signals from a diverse network of authoritative identity verifiers in a private and secure manner. This gives our clients a more complete snapshot of customer identities and improved pass rates.

The research also highlights the importance of deep and consistent identity information when it comes to detecting synthetic identities:

“Rather than using a stolen credit card or identity (ID), many fraudsters now use fictitious, synthetic IDs to draw credit. Indeed, by our estimates, synthetic ID fraud is the fastest-growing type of financial crime in the United States, accounting for 10 to 15 percent of charge-offs in a typical unsecured lending portfolio. Instances of synthetic ID fraud have also recently been reported in other geographies. More worrying still, much bigger losses are building up behind these IDs like hidden time bombs.”

The report goes on to describe the other benefits of determining identity authenticity:

“If armed with similar scoring systems, banks could ascertain whether an applicant’s profile looked real. They could then instantly extend credit, perhaps limited, to those applicants with high depth and consistency scores. They could even offer higher initial credit limits than would normally be the case for first loans, since low-risk applicants could be distinguished from high-risk ones.”

Click here to contact us about how our Trust Score can help your company achieve higher pass rates and greenlight more customers today.

Webinar highlights new research study that shows Payfone signals are superior

It’s a question that’s top-of-mind for many enterprises — what is the impact of not having access to MNO information to authenticate interactions? What type of signals are most impactful to get the highest coverage and most inclusive identity authentication?

Join Julie Conroy, Research Director for Aite Group’s Fraud & AML practice, for a webinar that delves into the results of a data study performed for a leading U.S. financial services company. Learn about the differences between MNO data and other signals, and which deliver the highest verification rates. This analysis also breaks down the impact of AT&T removing its data from the eco-system.

WEBINAR: Payfone Signals Prove Superior to MNO Data Alone
Date: June 19, 2019
Time: 1-2PM ET
Presenter: Julie Conroy, research director for Aite Group’s Fraud & AML practice

Register for the webinar here.

Consumers love the convenience of digital, but businesses do not make it easy. Sadly, that’s because businesses cannot tell the difference between their customers and fraudsters. There is a podcast now available that you should seriously consider listening to.

Cameron D’Ambrosi from One World Identity interviews Rodger Desai, Founder and CEO of Payfone, the leader in digital identity authentication. Rodger’s vision has built an identity authentication business that consistently outperforms the competition in what really matters – pass rates and identifying the fraudsters. Find out how to increase pass rates (translation – greenlight more consumers and improve enrollments) and increase approval rates, customer satisfaction and CX without those annoying questions such as how many stop signs are in this picture.

This may be one of the best podcasts in years dealing specifically with the issues facing CEOs, CMOs, Chief Digital Officers, Chief Risk Officers, CISOs and anyone who is trying to figure out how to juggle convenience, security, and privacy.

Listen to the new podcast here.

It’s no secret that frictionless and trusted digital experiences are driving the reshuffling of the Fortune 500. In the face of intensifying competition to build the next generation of UX, instant gratification built on uninterrupted online experiences will have a dramatic impact on any type of service adoption, and will drive dramatic growth in sales across nearly all industries, spanning from financial services to healthcare to retail to insurance to high-tech.

But how can these new make-or-break standards be quantified? And how can brands see if they measure up?

3 Key KPIs to Measure Digital Trust

  • Pass Rate: Pass rate is the percentage of your customers that can be greenlighted or ‘passed’ during a digital interaction (ex: login, signup, call center call) without introducing friction via step-up authentication. Enterprises typically hover around 40% pass rate. Passive authentication technology such as Payfone’s can bring this metric to >90%.
  • Latency/Interaction Duration: Latency is the length of time it takes to verify a customer’s identity and to allow them to complete an interaction. Traditional identity authentication processes such as passwords, SMS OTP and security questions typically add unnecessary lag to interactions, causing customers to abandon. Passive authentication can bring latency down to just milliseconds. To put the importance of speed into perspective, Google research found that 40% of consumers will leave a webpage that takes longer than 3 seconds to load.
  • Customer Satisfaction: A measure of how happy your customers are and how willing they would be to return or to recommend your brand to others. Typically quantified as NPS or CSAT scores. Pass rate and latency have a direct effect on this metric. Citing the same Google study as above, 79% of shoppers who are dissatisfied with a website are less likely to purchase from the same site again.

Taking these three KPIs into consideration, how does your company score when it comes to Digital Trust?

To learn how you can improve these KPIs for your business, contact us.

Interested in receiving Did You Know? emails in your inbox? Sign up here.

Did you KNOW…

In addition to battling fraud and delivering better user experiences, there is one area that is becoming mission-critical to every organization: privacy.

  • Results of an online survey conducted by IBM revealed that for 78% of US respondents, a company’s ability to keep their data private is extremely important: only 20% percent completely trust organizations they interact with to maintain the privacy of their data. Furthermore, 60% are more concerned about cybersecurity than a potential war.
  • Improper use or inadequate protection of consumers’ personally identifiable information (PII) is not only extremely damaging to the reputation of any business but can result in significant financial losses. The 2018 Cost of Data Breach Study published by IBM found that the average total cost of a data breach rose by 6.4% since 2017 to $3.86 million. The latest reported average cost is $148 per lost or stolen record. 
  • One of the most effective ways to eliminate the risk of re-identifying personal data in the event of a breach is to employ modern identity authentication solutions that use anonymous tokens and zero-knowledge architecture (a privacy protocol where only yes or no responses are passed as opposed to personal information.) 
  • The consumer benefit of zero-knowledge is that it minimizes the need to pass personal information in order to verify identity for security purposes. That means a more secure and convenient digital customer experience which is also more private, and meets the requirements of privacy based on consumer choice and controls in addition to thwarting fraud, ease-of-use, and compliance regulations. For Payfone, ‘Privacy above all else’ and is a core value and differentiator that is included in our Bill of Trust.

Are your customer identities adequately protected using tokenization and zero-knowledge protocols? To learn more, contact us to speak with an identity tokenization expert today.

Also on the topic of privacy, we recently hosted a Cybersecurity After Hours event at the IAPP Global Privacy Summit in Washington, DC. See a recap of the event here.

Interested in receiving Did You Know? emails in your inbox? Sign up here.

At first glance, calling something “zero-knowledge” may not sound like a positive thing. Since knowledge is typically seen as something that’s good, it would make sense that having less of it would undesirable. But there are certain situations where having less knowledge is better than having more. One of the most common scenarios is where privacy is involved, and that is where the technical term zero-knowledgewhich refers to a method where the yes or no answer to a question can be shared without revealing the actual details of the answer—comes into play. But before we delve too deeply into that, let’s look at a basic example of how a zero-knowledge proof works:

If a bank would like to check if a customer’s phone is in the city where an unusual transaction is taking place, then the bank, with consumer consent, can ask if the phone is in that city*. The answer should be yes or no, and the actual city the consumer is in should not be returned. For example, if the transaction is taking place in Denver, and the consumer’s phone is in Atlanta, a zero-knowledge response would be that the phone is not in Denver. It would not be disclosed that the phone is actually in Atlanta.

If you think about why you would not want to disclose the actual location of the phone, it’s because that information may be used for nefarious purposes. In a non-zero-knowledge scenario, if a criminal wanted to know where a specific consumer was, they could learn the answer by asking whether the phone is in another location. With zero-knowledge, the answer that is returned is a simple yes or no and one cannot learn something new (such as a specific location) by asking a question.

*IMPORTANT NOTE: Although this example mentions location, Payfone does not use, and has never used, location data.

Another simple example of zero-knowledge identity authentication is one we are calling Maya and the Online Wine Shop. Maya wants to purchase wine online but there is an age restriction of 21-years-old or older. Maya wants to prove that she meets the age criteria without revealing her age. She prefers to have a private simple Yes/No response provide an answer that definitively proves that she is of legal age. This can happen if the online wine shop has zero-knowledge architecture, which can validate her age, without giving away the ‘secret’ (i.e. that she is actually 45 years old).

 

Interesting, But Why Does This Matter?

 

These two examples give us a basic understanding of what a zero-knowledge proof is and how it can help maintain privacy. In essence, zero-knowledge is a method of one party proving to another party that they know a value without conveying any additional information. So how can this be applied to some of the real-world problems that are challenging society today?

 

One area where zero-knowledge architecture is especially applicable is the realm of digital identity. With people using their phones and other devices more and more to interact online, verifying digital identities is now crucial to allowing consumers to access online services in a secure manner. Until recently, our online identities were managed in a similar fashion to how our offline identities are—by leveraging a trove of personal information such as names, addresses, social security numbers, passwords, etc. There are three key problems with this model:

 

  • These “honeypots” of personal information are not secure. And as we saw in some infamous data breaches of late, they are a magnet for opportunistic fraudsters.
  • Because these honeypots are so easy to break into, the information held within is often easily available on the black market, rendering it useless as a means of securing online identities. For example: a hacker can simply buy your social security number, type it in and pretend to be you.
  • The information held in these honeypots is also oftentimes out-of-date. Consumers change their phone numbers, move, and make other changes to their lives, and the static information in these giant databases can’t keep up. In addition to not being secure or effective, verifying identities against these troves of static, hackable, often outdated information is a pain in the neck for consumers. Think security questions like ‘What’s your mother’s maiden name?’ While you may remember that, you might not remember the answer you provided to the question ‘Who was your favorite teacher?” These are annoying time-consuming authentication practices for consumers and are easily hackable by fraudsters.

 

Most digital identity experts agree that our online identities cannot and should not continue to be managed using this “old” non-secure way of doing things. So what should the “new” way be?

 

Passive, Private & Minimalist

 

Passive identity authentication, which analyzes secure, dynamic signals instead of relying on static information, is being adopted by more and more forward-thinking Fortune 500 companies. True to its name, this type of technology often removes the need for the consumer to take any action, and instead uses signals from their mobile or other device to instantly complete the authentication. Removing the consumer from the process not only takes away opportunities for fraudsters, but also makes things easier and more frictionless for users.

 

But what about privacy? In the past, concerns have been raised about how passive authentication companies leverage dynamic signals. Oftentimes, these signals come from authoritative sources, known as Identity Verifiers, such as mobile network operators or banks. The main concern around this model is that the Identity Verifiers must often pass the signals outside of their systems to the company that is doing the passive authentication. This leads to a question of whether the signals are indeed secure and private, or whether they can be intercepted during that transfer.

 

The solution to this problem lies in the fact that the company that is asking for the results of the identity verification (a.k.a. the Relying Party) really only needs a ‘Yes’ or ‘No’ answer. Is this really my customer trying to interact with me, or someone else? Does this customer meet my criteria or not? They don’t need to know any personal information about the customer beyond what is minimally required, and because of privacy, they shouldn’t want to. This is a real-world scenario where less knowledge is desired: the perfect application for zero-knowledge.

 

So going back to the example with Maya who is purchasing wine online, with zero-knowledge architecture, a green ‘Yes’ signal, indicating that Maya is old enough to purchase wine,  will be sent to the wine site. The only information the wine shop will know is that she is 21 or older; her real age will never be revealed.

 

Payfone has been using a Zero-Knowledge framework for our clients (who are Relying Parties) since 2015. By employing zero-knowledge, we  are able to answer our clients’ question of whether their customers are who they say they are with either a Y/N answer or a score, and without having to pass additional and unnecessary attributes that could compromise our clients’ commitment to ’ consumer data privacy.

 

Earlier this month, we announced that we are now extending our Zero-Knowledge architecture to Identity Verifiers and Service Providers (the companies that provide the dynamic signals that we analyze to decision on identity). Identity Verifiers (such as mobile network operators) who are serious about protecting their customers’ data privacy can adopt our Zero-Knowledge framework to continue to participate in doing their part to safeguard customers against fraud while minimizing the amount of information that needs to be passed outside of their walls to do so. This also mitigates the risk of data leakage.  

 

What Are the Benefits for Consumers, Relying Parties and Identity Verifiers?

 

The consumer benefit of Zero-Knowledge is that it minimizes the need to pass personal information about a person in order to verify their identity for security purposes. That means a more secure and convenient digital customer experience that is also more private.

 

Relying Parties can benefit by getting the answers they need to protect their customers and companies against fraud, without opening themselves up to additional data breach risks or exposure.

 

Identity Verifiers can benefit by continuing to participate in thwarting fraud by allowing passive authentication companies to leverage their signals, without having to worry about exposing their customers to data privacy risks.

 

At Payfone, we believe that thwarting fraud does not need to come at the expense of convenience or data privacy. Our Zero-Knowledge architecture is helping Relying Parties (Brands) and Identity Verifiers to manifest this belief.

If you’re interesting in learning what drives our innovation around consumer privacy, please visit our Bill of Trust, and watch our webinar about Zero-Knowledge and driving better, more secure customer experiences.

Why do fraudsters love it when companies have a siloed approach to identity authentication?

 

PYMNTS explored this question in an article this week that focused on how enterprises can thwart fraud and improve the customer experience by breaking down organizational silos, or the walls between departments that become obstacles to sharing knowledge or accomplishing goals. The post, which quoted David Barnhardt, executive vice president of product at GIACT, touched upon several points that we think are worth summarizing for anyone interested in optimizing their company’s identity authentication and digital trust framework and not surrendering the customer experience to fraudsters:

 

  • Barnhardt explains that approaching the job of identity authentication and fraud prevention from separate departments rather than as a whole company all too often makes things easier for criminals who can use the lack of communication between departments to their advantage. “Look at the enrollment group, tasked with protecting the front door,” he explains. “Then they hand off responsibility to another group to manage the ongoing customer relationship.”
  • Just as the task of protecting customers against fraud should be a holistic and continuous effort, we need to shift our view of identity from something that is static (social security numbers, physical addresses, and knowledge-based security questions) to ongoing and dynamic. This can be accomplished by implementing next-generation tools such as continuous and persistent identity through anonymized ID tokens and a zero-knowledge architecture that can combat fraud more effectively by giving real-time insights into whether a person really is who they say they are when completing a digital transaction.
  • This concept of a holistic view also highlights the need to bolster identity authentication with multiple verifiers of identity rather than just one or a few sources. Fraudsters exploit systems with limited identity verifiers because they are much easier to infiltrate or trick. Going back to the need for persistent identity, some identity verifiers will also have outdated information that could make it easy for scammers to break in, whereas having a number of backup identity verifiers with up-to-date information would decrease the chances of that happening.

 

In the grand scheme of things, all of these considerations will lead to higher customer satisfaction and engagement by offering customers a secure, seamless and end-to-end experience rather than just one-and-done transactions.

So how do your identity authentication processes and experiences stack up? Do they tick these boxes?

☐ Persistent: Do they create a unique and persistent identity token for each customer that allows for continuous identification across business units and channels?
☐ Private: Do they protect your customers’ data privacy by replacing their personal information with an anonymous encrypted token?
☐ Passive: Do they allow for a fast, frictionless and fraud-free customer experience where the customer does not need to take any action (such as typing in an SMS passcode or answering knowledge-based security questions)?
☐ Pervasive: Do they start with your marketing team and touch every functional team in your organization?

For the full article, visit PYMNTS