Zoe Barber
Published on: December 4, 2024
Verification is a cornerstone of security, but it can be a double-edged sword. For organisations, balancing the need for robust identity checks with the demands of usability is an ongoing challenge. Enter progressive verification: a flexible, layered approach that adjusts to the situation’s risk level, offering security without burdening the user unnecessarily.
This method acknowledges a simple truth: not all interactions require the same level of assurance. Signing up for a newsletter should not demand the same scrutiny as transferring funds. By tailoring verification requirements, organisations can maintain trust and safety while keeping interactions as seamless as possible.
Progressive verification builds identity assurance in steps, starting with minimal checks and escalating only when necessary. It begins with the least invasive methods, allowing users to engage with minimal friction. If the risk or sensitivity of an interaction increases, further checks are added.
This approach serves two purposes: protecting users and businesses against fraud while respecting users’ time and privacy. For example, a simple login might only require a password, but a significant transaction could prompt additional identity checks.
The first layer often involves information the user already knows, such as a username and password or answers to security questions. These checks are quick and familiar but increasingly vulnerable to breaches.
Recognising a user’s device adds another layer of security. If a login attempt comes from a recognised device, the process can remain frictionless. A new or suspicious device, however, might trigger further verification steps.
Mobile network operator (MNO) data is emerging as a valuable tool. It verifies a user’s SIM card details, detects recent changes, and validates whether the mobile number aligns with the claimed identity/KYC. This method is particularly effective for preventing APP scams, SIM-Swap fraud, authenticating returning users, and reducing friction.
OTPs sent via SMS or email are widely used for step-up verification. They offer an extra layer of assurance but should be paired with other methods to mitigate risks like phishing or number porting.
Biometric verification – fingerprints, facial recognition, or voice authentication—provides a higher level of assurance. Unlike passwords, biometrics are unique to the individual and difficult to replicate. However, they must be used thoughtfully to address concerns about privacy and data protection.
Physical security keys, such as USB or NFC-enabled devices, are among the most secure methods available. These keys act as a form of two-factor authentication (2FA) and are resistant to phishing, as they verify not just the user but also the website being accessed. They are particularly effective for protecting sensitive accounts or high-risk transactions.
For high-risk scenarios, verifying official documents, such as passports or driving licences, adds significant assurance. Users may be asked to upload images or complete a live video verification to confirm their authenticity.
Monitoring behavioural patterns, such as typing speed or mouse movements, provides a subtle layer of ongoing verification. Significant deviations from a user’s usual behaviour can flag potential fraud.
Progressive verification is not just about enhancing security – it’s about trust. By introducing measures only when necessary, organisations respect their users’ time and minimise frustration. This adaptive approach also ensures businesses can comply with regulations without alienating their customers.
Yet, challenges remain. The misuse of personal data and overly complex systems can erode trust. Striking the right balance between simplicity, security, and transparency is critical to a company’s success.
As user expectations rise, progressive verification remains a pragmatic solution for maintaining secure, seamless experiences. Verify fits into this approach as a low-friction tool along the user journey. It provides businesses with an efficient means of validating identity and assuring age by leveraging real-time insights from mobile network data. This can be particularly valuable in the early stages of progressive verification, where minimal friction is needed to confirm a user’s details.
By cross-referencing a user’s submitted details with data from mobile network operators, Verify adds an extra layer of confidence without introducing the complexity of more invasive methods. It can detect potential fraud indicators, such as SIM swaps, scam signals around APP fraud, or inconsistencies with the mobile number, ensuring businesses have accurate information to assess risk. Mobile network data can also be used to verify the device in session, without the need for an OTP, giving you a more complete picture of identity.
Last updated on December 11, 2024
Verify offers a vast range of data intelligence around a customer’s mobile number. It helps you confirm a customer’s identity to assess the authenticity of a mobile number and identify any suspicious activity
Check out Verify"Phone number verification plays a critical role in helping to detect and prevent online fraud. TMT ID’s TeleShield product provides easy access to global mobile data, enabling us to enhance the actionable results of our MaxMind minFraud® services."
"BTS (Business Telecommunications Services) is successfully using TMT’s Velocity and Live services to check the status of mobile numbers. This way we make sure we optimize the performance of the service offered to our customers and ensure the quality of terminating traffic to all countries.”
"Working with TMT’s TeleShield service has expanded our ability to detect fraud and minimise the risk to our business. TeleShield brings peace of mind and the opportunity to stop fraud before it affects our customers’ bottom line or the service."
"LATRO relies on TMT’s TeleShield to provide the most up to date and reliable numbering qualification information within our fraud reporting tools, enabling us to protect our customer’s revenues and empowering them to defend themselves against fraudulent numbers."
"TMT is a valued partner that enables us to manage our routing costs effectively. They proactively and continuously expand their operator and country coverage while delivering exceptional customer service. We can always count on them to achieve high-quality results and look forward to our continued collaboration."
"TMT provides us with the most comprehensive numbering intelligence data through their fast and reliable Velocity and Live services. TMT is a trusted partner for us, their products ensure that we continue to optimise the best performance and service to our customers."
"TeleShield from TMT gives 42com the power to detect and target telephony fraud scams internationally, thereby protecting our company from the financial and customer experience impacts of telecommunications fraud."
"It has been a pleasure to work with the team at TMT. They have become an essential provider of accurate numbering data information and Number Portability services globally."
"Deutsche Telekom Global Carrier uses TMT ID as one of their key suppliers for Mobile Number Portability Data services. Deutsche Telekom Global Carrier uses TMT ID’s Velocity MNP solution. This is an ultra-fast query service that optimises the routing of international voice calls and A2P messaging."
We provide the most comprehensive device, network and mobile numbering data available
Contact us > Chat to an expert >
