Apr 6, 2022
Digital authentication methods: choose the best solution
When offering digital services, it is most common for companies to create platforms or private websites that require customer registration. Authentication is the gateway to these services and enables the digital identification of users.
As there are several customer authentication methods on the market, choosing between one or the other is an important decision that must consider both data security and ease of use for customers and employees.
In this post we explain what a digital advanced authentication method is and which customer authentication methods are the most secure, so that you can choose the best solution for your company.
What is digital identity authentication?
Digital identity authentication, or online identity authentication, is an electronic process that enables a natural or legal person to identify themselves and verifies the integrity of data. Prior to authentication, the customer must register in the system (customer onboarding process), which requires the company to verify his or her identity.
Advances in digitalisation have meant that processes that previously required the sending of documents or being in person at an office can now be carried out completely remotely. Our VideoID technology is a clear example of this system, as it allows the onboarding of customers remotely and in just a few seconds through an automatic process equivalent to face-to-face.
Read more in the article VideoID, the new standard in remote video identification.
Once registered in the system, the user will be able to access the system by proving their digital identity. Whichever online identity authentication methods are used, the platform will have one or more of these factors:
- Something that the user knows and only the user should know (passwords, security phrases).
- Something that the user has (a token device or a card containing an electronic signature).
- Something the user is (biometric traits).
The two-factor security authentication method is typically used in services that handle sensitive data, such as financial services or e-commerce. The username and password are used as the first level of identification to access the platform, be it an e-commerce site, a bank, an insurance company…
When carrying out a transaction (a purchase, a transfer, etc.) a second identification factor will be required, such as facial recognition or a numerical authentication method like one-time keys. These are two of the options offered by our Electronic Signature solution (simple, advanced or qualified).
Learn how to gain a competitive edge thanks to a fully digital and compliant onboarding in this whitepaper.
EU guidelines (eIDAS and AML) concerning authentication methods
The protection of data security and privacy and the regulation of electronic transactions are two issues that fall within the remit of the European Union and that affect digital identity authentication methods.
The European electronic identity recognition regulation eIDAS (electronic IDentification, Authentication and trust Services) is mandatory for all EU member states and regulates electronic signature systems and the services of trusted providers of identity verification, authentication and electronic signature methodologies (such as Electronic IDentification).
If you want to know how the eIDAS regulation affects the financial sector, this article is a must read.
Another basic directive is the 5AML (Anti Money Laundering Directive), which states have transposed into their national legislation. The AML sets out guidelines to prevent money laundering.
One of the measures to be considered by companies is the obligation to identify the real owners of digital services. In other words, to avoid identity fraud, a company must make every effort to get to know its customers and check that they are the ones using its services (KYC or Know Your Customer processes).
Failure to comply with the 5AML is heavily sanctioned, with fines of up to five million euros, 10% of turnover or the cessation of the company’s activity.
Authentication methods using electronic signatures
The electronic signature is one of the best-known customer authentication methods and has the advantage of being used in all types of transactions, both with a private company and in procedures with the public administration. It provides the user with a mechanism for identification that is equivalent to face-to-face identity verification and allows the user to sign contracts or make requests.
An electronic signature is a set of data that can be used as a means of identifying the signatory. The eIDAS Regulation identifies three types of signatures according to the degree of confidence in the identification of the user: simple, advanced and qualified. Each has its specific uses.
Do you know how electronic signature contracting processes work? We explain it in detail in this article.
Simple Electronic Signature
Of the three types of electronic signature, the Simple Electronic Signature is the easiest to acquire, but also the one that offers the least degree of trust regarding whether the user is who he/she claims to be. The eIDAS provides a basis on which its legal admissibility cannot be denied.
Advanced Electronic Signature
An Advanced Electronic Signature makes it possible to identify the signatory and to detect any subsequent changes to the signed data.
According to eIDAS, an Advanced Electronic Signature fulfils the following requirements:
- It is uniquely linked to the signatory.
- It allows the signatory to be identified.
- It has a high level of trust because it is under the signatory’s exclusive control.
- It is linked to the signed data, so that any subsequent modification of the signed data can be detected.
Qualified Electronic Signature
The Qualified Electronic Signature provides the highest level of security of the three and its legal value is equivalent to that of a handwritten signature. It is even more secure than the handwritten signature.
Biometric authentication methods: how to choose
Biometric authentication methods rely on detecting a person’s unique traits and comparing them with a previous record to confirm identity.
It is tempting to choose a single biometric digital identification solution that is valid for all businesses, but the truth is that each company must choose the one that suits them best by analysing the pros and cons of each.
In any case, the choice can be made based on these criteria and always assuming that you are dealing with reliable providers:
- Flexibility: The different points of contact between the customer and the company may require several different authentication methods. It is not necessary to offer every system on the market, only as many as are needed.
- Ease of use: The solution must be accessible and intuitive for all users, both customers and the professionals in charge of its development and supervision.
- Integration: The chosen service has to be compatible with the company’s platform through an API that is easy to implement. It must also facilitate the automation of processes before and after authentication.
Learn more about how facial biometrics works as a second authentication factor.
Voice recognition is based on the identification of the voiceprint, which is unique to each human being. This is because the physiological parameters of individuals (length of the vocal cords, shape of the oral cavity, position of the teeth) form a unique set that generates a specific and isolable sound wave.
Voice biometrics is very convenient when it can be used in an enclosed and silent space. As a customer authentication method, it is a very secure system, but recognition can be affected by background noise or speech problems.
Fingerprint identification is the most established biometric identification system. As with voice and face, fingerprints form unique and recognisable patterns.
An increasing number of mobile phones have integrated scanners for fingerprint identification. In computers and other devices, the technology is not yet as widespread, although it is expected to become more so.
Video authentication methods
Video identification is the only process recognised by eIDAS to enable remote customer onboarding and is used both in the financial services sector and in some government institutions. Other forms of facial recognition, such as the selfie, are not as secure because the static image is more susceptible to spoofing or impersonation.
VideoID's artificial intelligence algorithm reduces the authentication process to minutes, preventing fraud in real time. Our SmileID solution allows you to complete a purchase or sign a contract with a smile.
At eID we are at the forefront of digital advanced authentication methods. If you want to protect your users while improving your conversion rate, request a meeting with our team of experts who will advise you without obligation on the best solution for your business.