Are you worried about the safety of your personal information in the modern world?
Hackers and scammers are everywhere now, and your personal information is shockingly pervasive on the dark web, including passwords, account numbers, answers to your “security” questions and even highly sensitive info like you social security number, credit cards, birth date…and even possibly your complete health record.
Everyone needs to be diligent about protecting their sensitive information, but it can seem incredibly overwhelming. Let’s go through five common ways to verify identity online and discuss their relative merits.
1. Two-Factor Authentication
This is a fairly standard method of identity verification, also sometimes referred to as 2FA or multi-factor authentication (MFA). Basically, what it means is that a user has to provide some piece of information on top of the password and username for their account.
Often, for example, a user will receive an email or text message with a one-time code. By entering the code alongside their username and password, they can enter their account.
This stops people from simply stealing your information – since they have to have your phone or email as well. However, if they already have that information, it is not overly difficult to get access to your phone or email.
2. Knowledge Authentication
This is the most common form of authentication with about 90% of companies, where a website asks you for a particular piece of information that only you should know. Often, it is something like the name of your first pet or your mother’s maiden name.
This form of identity check is quite limited because information can easily be hacked and stolen. According to the latest data, about 60% of the time, a fraudster can pass these simple hurdles, whereas about 30% of the time, the actual person makes a mistake.
3. Credit Bureau Authentication
This is where a credit bureau that has your personal information is able to verify your identity on your behalf. There is an IRS verify identity service that allows you to do this.
This is a secure method to verify ID, but it takes a long time and is not terribly practical and can negatively impact your credit score.
4. Database Authentication
In this method, databases such as social media help to verify identity. The user will enter some information from another platform – for example, Facebook or Google – before proceeding.
The problem with this method of identity verification is that there is no way of knowing that the database information has not been stolen. It can also provide your personal data back to the verifier, like Facebook, which makes some people uncomfortable.
5. Zero-Knowledge Proof
This is the most advanced method of verifying an identity available. It uses cryptographic approach to prove that something is true without revealing the actual information to the verifier. For example, a bartender need only to know that you are over 21 years of age to serve you a glass of wine. Today, people prove that information by handing over a driver’s license, which contains LOTS of personal information, like your whole name, address, date of birth and your image.
With a Zero Knowledge Proof, a bartender would only see that you are indeed over 21, and your private information remains private.
The Zero Knowledge Proof is the most privacy-preserving methodology to be authenticated, but is cutting edge, so only a few companies are employing it. There are some very interesting use cases out there – for example, check out what Journey (www.journeyidstage.wpengine.com) is doing in this space to secure interactions between enterprises and their customers.
Verify Identity the Smart Way
Companies and individuals have a responsibility to protect sensitive information. Many times the consumer is at the mercy of the security and authentication methods that companies have employed. If you do business with a company that relies on lax security measures like a simple username and password or other knowledge based authentication, then the responsibility falls to you to ensure you use strong passwords and update them regularly.
If you want to keep your information more secure, then seek out businesses that use more powerful authentication methods like the Zero Knowledge Proof.
It is important that we verify identity with information that is sufficiently secure, without compromising the information itself. This is where zero-knowledge authentication leads the way.
So, why not get ahead of the curve? Update your system with zero-knowledge authentication and grow confidence in your platform. It’s the way of the future!