Activities that used to take a lot of time, like opening a bank account, checking in for a flight, and accessing government services now only require you to submit your ID, while technology takes care of the rest.
But the evolution in tech never stops. Where is identity verification (IDV) going? What elements are essential for IDV to remain competitive in the ever-changing landscape?
Let’s explore the key trends shaping the future of identity verification together.
If you’re interested in monitoring how the industry changed, also have a look at the identity proofing and verification trends we published last year.
1. New use cases for IDV: Flexibility and customization
The role of identity verification has expanded beyond conventional KYC procedures, and it is reflected in identity proofing and verification trends. Now, businesses across various industries use identity verification as a robust anti-fraud measure and a tool to enhance the customer experience. It safeguards access to car-sharing services, insurance, medical facilities, gaming platforms, and more. HR departments use it for remote hiring, while marketplaces employ it to elevate trust, and using IDV for account recovery is becoming increasingly common.
According to a survey initiated by Regula and conducted by Sapio Research at the beginning of 2023, 91% of businesses worldwide plan to increase their IDV spending within the next one to three years. This growing popularity means IDV vendors will have to develop new features and enhance the capabilities of existing IDV technologies.
Also, many businesses need customized solutions to meet their unique requirements. Identity verification should be a flexible process that can adapt to any task or workflow, so IDV solutions should be up for the challenge.
Despite the widespread adoption of identity verification by businesses, many organizations do not prioritize this process. The challenge lies in the lack of human and technical resources to implement complex solutions. According to Regula’s survey, 40% of organizations identify the complexity of the technology as a major barrier to deploying IDV solutions.
Therefore, it's also crucial to consider the ease and speed of deploying and integrating an IDV solution into an existing infrastructure.
2. Mass migration: Recognition of an extended variety of IDs plus language support
The rise of digital nomads has prompted organizations worldwide to revamp their identity verification processes to accommodate this growing community while maintaining robust fraud prevention measures.
The survey revealed that Financial Services companies have witnessed an influx of foreign document verification cases, with 80% reporting an increase, especially in countries like France (86%), Turkey (86%), and the USA (85%).
To effectively verify foreign IDs, organizations need special knowledge. They can obtain it either from a forensic expert (however, this is not an option in many cases) or by choosing an IDV solution.
The point is that identity verification solutions refer to document templates and knowledge databases when proving the validity and authenticity of documents. The more comprehensive and detailed such a database is, the better. Security features vary from document to document, so it’s hardly feasible to recognize and detect them all without a comprehensive database from a reliable vendor.
In addition to handling a broader array of IDs, organizations are addressing language barriers. Regula’s survey found that 70% of digital nomads encounter language difficulties during the verification process, affecting 36% of business decision makers.
This has led to an increased focus on language localization for IDV solutions' user interfaces, despite the associated costs. If users can enjoy an IDV experience in their native language, retention rates tend to soar.
3. Deepfakes and modified IDs: Liveness-centric approach
The absolute majority of organizations globally share concern over sophisticated identity fraud, including AI-generated deepfakes. Around 80% of companies participating in Regula’s survey mentioned voice and video deepfakes as a real threat that they expect to grow in the next two years. This is especially true for US organizations.
While a foolproof method for identifying deepfakes is yet to be developed, some existing technologies can help address this issue effectively. Deepfakes often exhibit anomalies, such as inaccurately rendered shadows and odd backgrounds. Similarly, forged documents lack optically variable security features, and fail to display specific images at certain angles.
To maximize security, it’s recommended to work exclusively with physical objects: no scans, no photos—just real documents and real people in real time. In remote settings, liveness verification for both documents and individuals is crucial. Biometric checks confirm the presence of an actual individual, while special technology for document liveness verification ensures the authenticity of an ID.
Both liveness verification methods involve simple movements from the user, like rotating their head and moving their ID. In the case of document liveness detection, the technology verifies the dynamic security elements of an ID. As a result, such checks make it possible not only to determine that it’s the same person or document as claimed, but also to make sure that they are real, not synthetic or computer-generated.
4. One-stop shop: Single-vendor solution for document and biometric checks
Gartner describes the identity verification process as a holistic approach that covers five consecutive steps:
Document image capture
Document assessment
Document data extraction
Selfie image capture (with checks to eliminate a presentation attack)
Face comparison
In other words, Gartner recommends covering both document and biometric checks within a single IDV process. This makes identity verification easier to implement, and makes it possible to do it in virtually one click, thus improving user experience. Plus, it contributes to more effective identity fraud prevention through extended authenticity checks.
Regula's survey reveals strong alignment with this vision, as nearly one-third of organizations worldwide express a demand for a single-vendor solution.
With plenty of various IDV solutions on the market these days, an organization may easily settle the issue by combining any kind of technology. However, mixing different vendors will either create a complex infrastructure that requires a lot of attention and input to make it operate smoothly, or will result in a technology clutter that is hard to support and update.
5. Scan quality as a new priority: Automated IDV
“Submit your passport page photo.” This is how the user journey starts during almost any remote onboarding process. What can go wrong?
In this situation, the reliability of identity verification heavily depends on the user's device and their accuracy at taking photos. Issues like low-quality cameras, poor lighting, glares, or skewed images can make it difficult to read the information, potentially leading to verification errors or repeated photo retakes. Both variants will very likely frustrate both users and organizations alike.
Indeed, the speed of identity verification matters not only to customers but to organizations as well. According to Regula’s survey, the speed of document processing and the accuracy of the results are considered the most important factors for every third company.
Given these high expectations, IDV solutions must automate document capture as much as possible. They should guide users through the process using detailed prompts: how to position the document correctly, how to shoot it at the right angle, how to ensure there’s no glare, etc. Also, robust IDV software should automatically recognize the document type and its country of origin, relieving users of extra data entry. This may sound like a minor detail, but it’s a real game-changer. Eventually, all these details shape digital identity verification trends.
6. E-documents here to stay: Zero trust to mobile
Electronic documents have started prevailing, with more countries introducing them year after year. The NFC chips inside store personal data like name, gender, photo, signature, and fingerprints—all cryptographically secured and signed with a certificate of the country of origin. This makes counterfeiting electronic documents a much harder task.
Accessing chip information typically involves special devices commonly known as passport readers, or NFC technology built into mobile phones. However, using mobile devices carries risks, as fraudsters can potentially intercept and modify verification results, especially in remote scenarios. To address this, a top-tier IDV vendor should employ a zero-trust-to-mobile approach, re-verifying data on a server to ensure chip authenticity and data integrity, and applying the same double-check to all document data.
For instance, Regula's solution allows chip reading sessions to be re-verified on the server side right after the checks conducted on mobiles. Results are stored on the organization's server, providing a secure and reliable method for electronic document verification.
7. An alarming surge in identity fraud: Authenticity cross-checks
Preventing identity fraud remains the main driver for implementing an IDV solution: 43% of respondents in Regula’s survey marked this as a top priority. This choice is well-founded, considering the increasing sophistication of counterfeit documents and identity theft schemes.
To ensure the effectiveness of an ID verification solution in fraud prevention, vendors must go beyond basic checks, and this is another digital identity verification trend. The ability to conduct comprehensive cross-referencing and biometric checks is key. This involves meticulous comparisons of data and photos from various document elements to confirm they match.
Such an approach helps to spot any inconsistencies that may indicate fraud. For example, a fraudster can substitute an ID holder’s portrait with another one to bypass verification. Still, they will likely fail to do so with secondary or ghost photos that are present in the document as holograms, lenticular images, etc. Biometric facial comparison also augments document authenticity verification—portrait cross-checks will reveal this mismatch and thus prevent possible harm.
8. IDV to be regulated: IDV providers must comply
Striсt regulations of personal data treatment have become the norm. Regardless of their sector, organizations must adhere to national and international guidelines when handling personal information. Organizations that have IDV processes established will also most likely fall under this regulation.
Currently, IDV itself is now falling under regulation. For instance, in the EU, the European Banking Authority has introduced Guidelines on the use of Remote Customer Onboarding Solutions, a topic which we covered recently.
Although the main goal of this initiative is to address the fragmentation in the Digital Single Market for financial services among all participating countries, the initiative has far-reaching implications. With so many businesses and spheres turning to remote identity verification, it’s crucial to define the main principles and rules that should regulate such an important and sensitive process.
This regulatory trend is likely to become global, impacting IDV solution vendors as well. They will be forced to ensure that their technologies comply with these evolving regulations.
9. Next step: Digital passports?
Digital identity trends are also gaining momentum. There is currently a lot of talk about digital identity documents, portable identity, and other non-physical forms of IDs that await us all in the near future. Indeed, we’re seeing that some countries (for example, Finland) have started piloting the concept of digital passports.
However, it's essential to differentiate between electronic IDs and digital IDs, as they aren't synonymous.
Electronic identity documents are physical items like passports, ID cards, or driver's licenses, featuring RFID chips for added functionality. In contrast, digital identity documents are meant to exist solely in digital form, residing as data on a smartphone or a similar device. The core idea is to enhance the convenience of verification through technologies like built-in mobile NFC, as well as reduce the risks of document forgeries. However, as of now, digital documents often require backing up with traditional hard copies, with individuals providing physical documents when necessary.
Digital ID is a logical step in identity document development, but it currently seems to be more of a local thing, due to its close connection with government databases. Fully digital IDs may probably work effectively within specific countries, or even for supranational unions like the EU. However, achieving a globally accepted, fully digital ID system in the near future appears challenging, as it necessitates significant cooperation and trust among participating nations.
A more likely scenario is a hybrid approach, where organizations need to verify both physical and digital IDs. In theory, the principles that work well for remote verification of physical IDs can also be adapted for digital IDs.