RSA, The Security Division of EMC (NYSE: EMC), today announced the availability of RSA Identity Verification, a knowledge-based authentication solution that is designed to confirm user identities and authenticate transactions in real-time in order to help UK organisations prevent fraud and identity theft.
RSA Identity Verification can be used during automated self-service activities such as credit card activations, account updates and password resets also to mitigate fraud on high risk transactions such as funds transfer with customers online, on the phone with a call centre or in-person at point-of-sale (POS) terminals.
Uri Rivner, Head of New Cybercrime Technologies at RSA said, "We have conducted several pilots in recent months at UK-based financial institutions. One bank has applied our knowledge-based challenge and response system through more than 2,000 calls a day and estimated that it already prevented over £250,000 worth of fraud. In addition, this bank reported a 10% reduction in the number of operators required to investigate potentially fraudulent calls."
RSA Identity Verification presents a person with a series of top-of-mind questions utilizing relevant facts unique to that individual that are obtained by scanning dozens of public records and commercially available databases. This combination is engineered to greatly reduce the ability for someone other than the genuine individual to provide correct responses.
"With the increase of identity theft in the UK, it is important that organizations create a strong cross channel (online, call centre & POS) identity verification strategy", said Graham Titterington, Principal Analyst, Ovum. "The use of knowledge-based authentication to verify a consumer's identity represents a practical approach to reducing fraud, especially when an organization does not have an established relationship with the consumer and face-to-face verification is not practical."
RSA Identity Verification is powered by RSA's Intelligent Questioning technology which is designed to logically develop correct and incorrect answers in real-time. This instantaneous matching reduces the average time to complete authentication through a call centre and enables businesses to balance identity protection and consumer privacy whilst keeping the customer experience front-of-mind. RSA Identity Verification also provides improved accuracy in authenticating users by measuring the level of risk associated with an identity. The system can be configured to address high-risk identities or transactions by adjusting the difficulty of the questions during the authentication process.
The transaction-based architecture does not require additional software or hardware and deployments are easily configured to meet business and security requirements. Additionally, because data maintenance is not required, organizations are able to manage costs while still ensuring an additional layer of security during the authentication process.
Sam Curry, Chief Technologist at RSA said, "With speed, accuracy and simplicity, our customers can reduce fraud losses, maintain regulatory compliance and deliver exceptional levels of customer satisfaction. It is critical that valid requests pass the authentication process because failure leads to customer dissatisfaction and increased call volumes to the call centre".