Digital transformation has accelerated at an unprecedented pace since the COVID-19 pandemic began, with companies investing in digital transformation by implementing new digital use cases. In fact, as far back as 2020, a McKinsey study estimated that during the first 2 months of the pandemic, digital adoption accelerated by seven years.
To offer the type of digital-first experiences with instant results customers demand, it’s critical to understand the customer journey — the different paths a consumer can follow while doing business with a company — and optimize those experiences by identifying and eliminating pain points at various stages and on various platforms. The customer and even the employee experience is central to this discussion.
Yet in their rush to adapt to a new digital-first world many organizations take the wrong approach, especially in the key area of identity and access management (IAM) and the use of biometrics. Early-to-market biometrics solutions galvanized high levels of interest and introduced new and unique use cases, especially pre-pandemic. Early adopters of biometrics, however, often experienced the impact of poorly designed architectures which lacked the full solution set of capabilities required for highly customized and industry-specific use cases, each with their own unique identity requirements. More often than not, poorly designed and incomplete identity offerings can actually increase customer friction, create management problems and increase corporate risk. Post pandemic, businesses require orders of magnitude improvements in biometric performance, security, compliance and privacy to fully realize the potential of digital transformation in practice.
There are seven important principles that should be foundational to every biometric identity-based initiative, from finance and fintech to manufacturing, hospitality, logistics and entertainment.
First, Remove the Human Element
Manual methods for identity verification are slow and inaccurate and expose personal data to privacy issues. Even when used infrequently manual methods are likely to result in a poor user experience and longer verification times. By any measure, biometrics processes should be seamless and improve performance at least fivefold. Best practice is a fully automated cloud-based AI platform that doesn’t require manual, human-centric assessments in remote call centers operated by contractors.
Accuracy Matters: Eliminate Bias
Poorly designed biometric systems can produce false positives, increase fraud risk and if uncorrected, and disadvantage certain groups of people by limiting their ability to leverage digital services. Biometric bias is caused by both inputting biased data into the platform and biased analysis of that data once it’s in the platform. Correcting for biometric bias with advanced machine learning while limiting manual human verification is the best way to eliminate human bias.
Don’t Hoard Data
Storing biometric data permanently should be avoided as much as possible. If requirements exist to store information, storing data-at-rest should avoid plain text and be in a hashed or encrypted format. This is an important step to meet the compliance requirements for identity verification and authentication while preserving the privacy of the underlying data.
Leverage Government Partnerships
Through agreements with government agencies, biometrics and identity verification solution vendors can remotely validate an identity without compromising the privacy or security of the underlying data or individuals. Instead of accessing the data directly, interactions can be limited to a query string of quick and secure affirmative or negative responses (yes/no). The result is greater data privacy and security for both the agencies and their users.
Limit Data Handoff to 3rd Party OEMs
Rather than relying on an elaborate mix of disparate third party OEM technologies, biometric platforms should be purpose-built, fully-integrated modules that create seamless flows. This critical architectural approach not only guarantees pricing and product innovation, it limits the movement of identity data. Data should not be stored, handled, or processed in subcontracted vendor environments that can not be audited or verifiably secured.
Process at the Edge
Biometrics processing should be at the network edge, on the device and not in a central location. Today’s highly decentralized businesses need high performance low-latency verification that is fast, while also ensuring privacy is maintained by keeping the data closer to the user and out of third-party environments.
Deployment Options to Empower Flexible Controls
For optimal flexibility and use case coverage, an identity proofing solution should be able to support every stage of an organization’s digital transformation journey. This means multiple deployment options including on-premises, SaaS, private cloud, or hybrid.
Click here to access our complete guide.