NOTE: This is a reprint of an article originally published by Alex Kilpatrick in February 2015 on a different blog. We are reposting them on the Blink Identity blog because these issues are important and we want to keep our writing on these issues in one place.
In this post I would like to make an argument that the identity verification is about economic trade-offs – basically the cost of a mistaken/fraudulent identity, compared to the cost of the ID verification process itself (friction). Implicitly, or explicitly, identity systems always have to balance these two factors, making this an economic process. Generally, these two factors are inversely related – stronger identity requires more friction.
I can come up with a near-perfect system, but it will have so much friction that no one will want to use it.
Let’s look at three different identity scenarios from my real-life experiences:
Scenario 1. Forum Registration
I registered for an account at http://www.home-barista.com, a site catering to espresso enthusiasts. In order to register, they really required no identity verification. However, they did want an email address and they verified that the email address was valid. They really don’t care about my identity at all, but they do need an identity pointer in order to keep track of what I have seen, register my posts to my name, etc. This is pretty typical of most online ID verification currently.
Strength of identity: Weak
Cost of a false identity: Very small – false identities can be used by trolls, or to shill products
Friction: Very Low – identification just takes a few seconds, using a familiar, easy process
Scenario 2: Credit Card Purchase
One of the stores I shop at requires a driver’s license for credit card purchases. I have to assume this is because of issues they have had with fraudulent credit cards. By looking at my driver’s license, they can verify that I am the rightful owner of the card, and not using a stolen/fake card. It’s not a bad identity check.
Strength of identity: Strong
Cost of a false identity: Medium – False charges, chargebacks, more expensive credit card processing
Friction: Medium – I find this process annoying and would shop somewhere else if I could
Scenario 3: TSA Pre-Check Registration
This is the highest security I have seen recently. As part of the TSA Pre registration process, I had to provide 2 strong forms of identification – a driver’s license and a passport. Generating both of these as fake documents would be expensive and risky, so this provides strong identity assurance to the TSA.
Strength of identity: Very Strong
Cost of a false identity: Very High – Pre participants get less screening at airports, so this could be used as an attack vector by terrorists
Friction: High – Having both of these documents is a non-trivial barrier to entry. 50% of the US population doesn’t have a passport
Identity mechanisms are incredibly varied, providing a range of strengths at a cost of collection/inspection. DNA is probably impossible to fake, but it is one of the most expensive (~$100) and most invasive procedures. A driver’s license is pretty difficult to fake, but nontrivial to verify. Email addresses are easy to fake, but easy to verify. Here are some identity technologies listed from ascending order of strength (and generally descending order of friction):
- Iris images
- Face images
- Driver’s licenses
- Personal recommendations
- Phone numbers
- Social network profiles
- Phone numbers
- Email addresses
When people, companies, or organizations make a choice about a particular identity mechanism, they are making an economic decision. Every mechanism has a cost – by requiring identity there is a customer friction and some customers will just give up. But fraud allowed because of weak identity also has a cost. These costs have to be balanced – a perfect identity system will have so much friction that it will allow no customers and a frictionless identity system will allow plenty of customers, but unlimited fraud.
The interesting thing is that you are making this trade-off whether you are aware of it or not. The best thing you can do is make sure you are making the decision purposefully. Why are you using a particular identity mechanism? Is it really helping fraud, or is it just making your legitimate customers mad? If you have too much fraud, and you institute a particular identity mechanism to combat it, what happens to your adoption rates?
There is no right answer, but you can make this economic decision based upon data, and not just blind intuition.