Identity theft in numbers
Almost 42 million people fell victim to identity theft in 2021, costing consumers $52bn in total losses. Given the increase in the number of people using the internet as a result of the pandemic, criminals had many more opportunities to obtain their victims’ personal identity data. And these figures are only increasing, because just as digitalisation moves forward, so fraud attacks have become more sophisticated and varied.
Websites, emails, text messages, calls, all seemingly innocuous and professional, make it increasingly difficult to identify that behind them is social engineering. Social engineering-based fraud covers all the methods used by criminals to exploit a person’s trust to obtain either money directly or indirectly by utilizing stolen confidential information .These attacks account for 93% of security breaches.
Other less well-known types of attack
Presentation attacks involve the use of screens and documents to create fake identity documents using digitally presented images. Such attacks are becoming more common because many onboarding systems are unable to effectively detect them on time.
Whaling is an identity theft technique that targets high-level executives in certain companies to gain access to their banking information or credentials. The content of the emails used in this attack is often designed to resemble a legal summons or a client complaint, among other executive-level problems. This type of attack may also pave the way for an APT attack in the organisation..
Verification as the solution and advantages over other procedures
Digital identity verification using facial, periocular, fingerprint, voice, or behavioural recognition can resolve this issue, provided that it is supported by fraud-proof artificial intelligence.
For example, the latest artificial intelligence enables Facephi’s biometrics system to conduct a highly precise liveness test to detect sophisticated attacks using photographs on paper, screens, or masks. The passive liveness system is quite robust. It can detect complex attacks, which are impossible to detect with the human eye, and can do so without causing the user any inconvenience. Additionally, there is also direct access to government databases in place to accurately compare the document submitted by the user and the one previously registered. This can easily detect differences, no matter how small.
The importance of identifying people rather than data carriers has long been acknowledged by governments and security bodies, and that is why these institutions have been using biometrics for over 30 years. The pressing need to use such tools is now starting to gain widespread recognition.