For as long as cyberspace existed, cyber criminals have been lurking in the corners, waiting for opportunities to take advantage of the vulnerabilities of companies and their employees.
Organizations face various challenges related to security, such as identity theft, fraud attempts, and other threats. The outcome of such attacks? Most commonly it’s stolen funds. However, in extreme cases, identity theft can even lead to serious crimes being committed using the victim’s name.
Cybernews invited Rodger Desai, the CEO and Co-Founder of Prove – a company that specializes in phone-centric identity – to discuss how companies can leverage the latest technology to prevent fraud, reduce customer abandonment, and boost revenue.
Tell us about your journey. How did Prove go from an idea to what it is today?
Prove (formerly Payfone) was founded in 2008, during a time when millions of people were locked out of the burgeoning eCommerce market because they did not have a credit card. It’s hard to believe today, but if you did not have a credit card, you could not do something as simple as purchase a song from iTunes without first buying an iTunes gift card. Interestingly, however, these same exact consumers could easily and securely purchase airtime (minutes) on their phone in just a few clicks. So, the question became “how do we utilize existing mobile infrastructure to build a secure payment platform?” After solving for this, we realized that the digital identity component of this equation was even more compelling in and of itself. Our guiding question became “how do we leverage the power of the cell phone and encrypted SIM card to prove that somebody is who they claim to be?” Today at Prove, our identity tokenization and passive cryptographic authentication solutions help over 1000 companies reduce friction from their digital businesses, to accelerate revenue while reducing operating expenses and fraud loss. In 2022, Prove’s solutions are trusted by 8 out of the 10 leading banks, 3 of the top 5 retailers, 2 of the top 3 cryptocurrency exchanges, 2 of the top 3 healthcare companies, and 6 of the top 10 insurance companies in the U.S.
Can you tell us a little bit about your Phone-Centric Identity platform? What are its key features?
At Prove, the foundation of every one of our consumer identity solutions is what we call PIN, the Phone Identity Network. PIN creates and maintains our powerful consumer identity tokens that help thwart the six major categories of identity fraud, including synthetic identity fraud and true name fraud. Prove tokens benefit from their own usage across the Prove network that allows us to measure real-time behavioral risk, empowering relying parties to make the most accurate security decisions possible. Our tokens are also consistent across channels and device changes, reducing the need to re-enroll when consumers get a new phone, thus preventing socially engineered account takeovers. In addition to reducing fraud, our tokens are also privacy-enhancing. Because the use of our tokens by a consumer involves the presentation of a secure cryptographic key (in most cases the SIM card), the consumer is in control of when and where their identity is being leveraged.
It is evident that digital trust is an important part of Prove. Would you like to share more about this approach?
The vast majority of users (upwards of 95%) are legitimate and trustworthy. The challenge facing banks and companies today is how to prevent the few bad actors from ruining the user experience of the vast majority. The current lack of digital trust that we’re experiencing today is a direct consequence of the current fragmented and ineffective approach to digital identity. In order to build digital trust moving forward, we need to build a digital identity ecosystem that enables companies to quickly and seamlessly authenticate and verify users to reduce fraud, while protecting consumer privacy. We believe that businesses that prioritize and invest in next-generation identity authentication techniques will gain market share, leaving clunky competitors in the dust.
Have you noticed any new cyber threats arise as a result of the pandemic?
Fraudsters thrive during times of crisis, and the pandemic has presented a lucrative opportunity for criminals. Unfortunately, the pandemic made it exceedingly clear that the government’s reliance on legacy digital identity technology was a major liability. In the rush to get Americans the benefits they need to weather the storm, nation-states and organized crime rings have siphoned off billions of much-needed aid from the local, state, and federal governments. As a result, disability fraud, telehealth fraud, and many other newer forms of fraud have skyrocketed.
In today’s mobile-centric world, what cybersecurity measures do you think are a must to combat such threats?
In today’s mobile-centric world, we don’t often have the luxury of seeing our customers face-to-face, which is why finding convenient but effective forms of digital verification is paramount. At Prove, we leverage unique phone-centric identity signals and utilize a 3-step process we call “possession, reputation, and ownership.” Through these checks, if you can verify that an individual owns and currently possesses a phone that has been deemed trustworthy (no history of recent SIM swaps, for example), you can combat a number of common fraud vectors.
As work from home becomes the new normal, what would you consider to be the worst cybersecurity habits that can put not only an organization’s workforce but also its customers at risk?
Working from home can bring a new set of security challenges, but Prove has the tools to protect these processes. Regardless of whether an employee is working from home or in the office, it’s critical for companies to check the possession, reputation, and ownership of an employee’s phone prior to verification in order to prevent data breaches. This is why Prove has had many companies upgrade their legacy OTP to Instant Link in the last two years, not just for customers but also for their employees.
What are some of the lesser-known threats a company can be exposed to if proper identity verification methods are not in place?
If you can’t verify that a customer really is who they claim to be from the very beginning with confidence, you are exposed to a threat, because fraudsters love nothing more than to use fake accounts to shield their criminal activity. Take banks, for instance. Recently, criminals have begun targeting ATMs by depositing dozens and dozens of bad checks into fake accounts, then withdrawing the maximum amount of funds they can get instantly (typically $200) from the ATM. This is a current example of a basic form of fraud that can be prevented by leveraging digital identity during the onboarding process. Similar examples can be tracked and applied to almost every industry.
What technologies do you think will emerge in the near future as digital identity becomes a significant part of our lives?
It’s no coincidence that digital identity is entering the mainstream, just as discussion over web 3.0 and emerging tech is taking off. With so many paywalls and endless verification processes, the magic of the internet has really disappeared. Prove anticipates that digital identity will revolutionize not only futuristic technologies like the metaverse and wearables but also simple tasks like surfing the web.
Share with us, what’s next for Prove?
This is an exciting time for digital identity as a whole and Prove especially. With so many businesses prioritizing digital experiences for their customers as a result of the COVID-19 pandemic, we’re seeing a ton of creative, new ways for customers to use our products. Whether you manage the digital experience at a fast-food restaurant or the booking platform of a company chartering private jets, organizations can leverage Prove’s technology to reduce customer abandonment, improve user experience, and dramatically reduce fraud. With so many new customers coming from so many different sectors, it’s safe to say the best is yet to come.