- United States
-
Global Sites
Experian insight for your agency
Taking a risk-based approach to cybersecurity
Due to growing public demand, e-government directives, and the need for greater effectiveness and efficiency, agencies are increasingly asked to facilitate easy and secure online access to constituent services. However, many existing authentication standards and processes will fail to support this increase in e-government demand and opportunity. Going forward, agencies must employ highly predictive identity proofing techniques designed to segment true, low-risk identities from those that are manipulated, fabricated or in true form subject to fraudulent use, abuse or victimization.
It is imperative that identity proofing and subsequent credentialing are founded in a risk-based approach to authentication. Rather than implementing a rules-based program — one in which individual conditions, either positive or negative, are identified, detected and used in isolation — a more holistic, risk-based approach is critical. Specific fraud rules typically are not “silver bullets” that ensure the presence or absence of fraud risk or activity. Such binary rules are more often associated with high false positives and false negatives and often show little predictive value in separating fraud from nonfraud. In contrast, risk-based authentication assumes that no single rule or even set of rules provides a comprehensive view of a customer’s identity and associated fraud risk.
A risk-based systematic approach employs a process by which a comprehensive set of diverse data sources provides for highly effective fraud prediction models, scores and detailed results. Institutions make relationship and transactional decisions based not on a handful of rules or isolated conditions, but on a holistic view of a constituent’s identity and predicted likelihood of identity theft or other forms of identity misuse. Additionally, risk-based authentication enables agencies to segment and focus on the areas most appealing to fraudsters and identity thieves.
Risk-based authentication is a widely adopted best practice in private-sector markets such as credit card, personal lending, banking and mortgage. The inherent value of a risk-based authentication approach is the ability to strike a balance between facilitating customer-friendly online access and protecting your agency and the identities of your constituents. As e-government customer demand and opportunity increase, so too will the need for risk-based authentication.
To learn more, download Experian’s white paper entitled A risk-based approach to agency identity proofing: Experian’s lessons learned and best practices for government.
For more information, contact your local Experian Government Services representative, email us at government@experian.com or call 1 888 414 1120.