Unfortunately, protecting online transactions and preventing fraud is becoming more difficult. Commonly used identity verification methods like knowledge-based verification (e.g., “Which street have you lived on?”) and approaches that only look at a single element for verification (e.g., an email address, phone number or driver’s license) no longer provide adequate protection against fraudsters. Cybercriminals can easily defeat these methods, leading to hundreds of billions of dollars in fraud loss from government programs, according to the Federal Trade Commission.
Weak and outdated identity verification methods aren’t just risky — they’re frustrating for the public. Less than a third of constituents responding to a new Center for Digital Government (CDG) survey said identity verification for state government online services was very easy. More than 25% of constituents aged 18 to 24 rated the process as somewhat difficult or very difficult.
As state and local governments expand digital services, leaders and policymakers need to advocate for and invest in holistic, multilayered identity verification methods to prevent fraud and give constituents easier access to resources they need.
National survey findings
In December 2023, the Center for Digital Government surveyed 2,008 people, ranging in age from 18 to 75+, on topics related to online government services, identity verification and fraud prevention. CDG also surveyed 125 state government leaders in January 2024 to understand how agencies are approaching digital identity and fraud prevention.
Key findings included:
- 63% of constituents prefer to conduct all or most of their interactions with state government online. Only 15% prefer to conduct few or no online interactions.
- The most common digital interactions with state agencies included renewing auto registrations and driver’s licenses; applying for health and human services benefits; and performing administrative services such as applying for licenses/permits, registering to vote, and filing and paying taxes. Only 31% of constituents said identity verification for these services was very easy.
- Many constituents had concerns about potential identity fraud stemming from digital interactions with government programs.
- 66% of constituents support more funding for technology and tools to prevent identity fraud.
Improving experience and lowering risk
State and local government agencies will need to address multiple issues as they move to streamline digital transactions and strengthen fraud protections.
Evolving threats. Fraudsters now use artificial intelligence (AI) to attack government systems. “It’s no longer some guy putting together a fake driver’s license in a basement. Bad actors can create entirely fake, synthetic identities that look real, and they often operate for years before they’re discovered,” says Jen Kerber, senior director of government affairs for Socure.
Barriers to digital equity. Governments must ensure all residents can access benefits and other online services. Commonly used identity verification methods that rely on financial records may fail to verify residents who lack bank accounts or have thin credit histories, effectively locking out legitimate applicants from online services.
Complex regulations and policies. Rapidly evolving legislation around identity verification, privacy and digital equity makes compliance with federal and state regulations difficult. The use of AI for detecting and preventing fraud is also under scrutiny because improperly designed technology may discriminate against certain populations.
Lack of data sharing. Sharing information across departments and programs helps agencies detect fraud. Unfortunately, multiple factors hinder data sharing in the public sector. Laws and policies as well as organizational culture can create data silos, where valuable information stays locked up in a particular program instead of being shared in ways that are useful.
The need for a better user experience. For the public to continue embracing digital services, identity verification processes must be easy to use. Today, constituents often need to enter the same information multiples times, look up or accurately remember answers to knowledge-based verification questions, or upload documents — even for low-risk services like applying for a fishing license.
Modernizing digital identity verification
Consider these strategies as you modernize digital identity verification:
Adopt a holistic identity verification approach. Instead of relying on a single attribute, simultaneously validate multiple aspects of someone’s identity, including documents, devices and behavior. What computing device are they using? What email address are they using? What sort of intelligence can a third-party identity verification service provide about them? Together, these details can help you detect fraud patterns and verify legitimate users.
“Has that user been known to use that phone or email address? Have they used it in Russia before? That behavior in isolation is not a fraud signal, but when you look at it holistically and in context, you can determine what is and isn’t fraud,” says Kerber.
Ensure equity. Legitimate users who don’t have a bank account or extensive credit history should be able to verify their identity as easily as others. Confirm that your agency’s digital verification experiences are equitable and accessible for anyone seeking services and benefits. For example, does your verification process incorporate non-traditional intelligence sources such as mobile payment applications (which don’t require a bank account)?
Provide a simple user experience. Create a digital front door — one place where constituents can find and access all services. Ensure constituents can move easily across communication channels (email, web, phone, in-person), departments and programs.
Be transparent. Tell people how you use and protect sensitive data, and how you use technologies like AI and machine learning. Explain false positives and how people can address them. Describe alternative identity verification processes for people who can’t use your standard methods.
Keep pace with new threats and opportunities. One of the only constants in identity verification and fraud protection is change. Laws and policies evolve, benefits programs expand and contract, new fraud threats emerge — and you need to respond fast. Advocate for technology that removes complexity and makes your agency more flexible and responsive. For example, low-code/no-code development platforms let your agency make changes to computer systems without performing complex and expensive software coding.
For more insights, read our digital identity strategy guide for government leaders and policymakers.
