Director for Healthcare Identity Solution Strategy
Using physical and digital identity attributes to identify bad actors
Protecting online users has become a critical part of business operations for any organization with a website. On a personal level, we can see how automated and accepted the processes have become when we have a credit or debit card that was hacked. Healthcare users are starting to expect the same conveniences but also want protection. From the business perspective, it leaves a lot of responsibility and risk for healthcare organizations to manage.
Healthcare organizations focus on knowing who their trusted users are so they can protect user identity data. You should also focus on knowing your bad actors or “cybercriminals.” Knowing anyone visiting your website helps you make better trust decisions. Gaining as much identity information is key.
Physical Identity Data
Most fraud solutions are helping you know your trusted users which is critically important to protect identities. You can use verification and authentication depending on your risk/friction balance you’ve established. Verification or identity proofing solutions are verifying against a database of user information, usually using “physical” identity information like from a credit report or other public records. The most current database is essential to confirm new users because user information often changes. Also, the more comprehensive the physical data is, the more accurate identifying a user can be.
Digital Identity Data
Your website is receiving visitors everyday as are websites all over the world. Each person has a digital footprint that is left behind at each website which includes elements such as IP address, device ID, geographic location and the use of a private browser.
The next-generation cybersecurity solutions also include behavioral data to help identify bots or automated attacks. The speed of typing, mouse movements and form autofill are the types of behavioral data that can be used to spot suspicious behavior.
Cybercriminals are active across the globe. It’s possible to verify digital attributes against known bad actors from previous activity around the world. The same principle applies – the more digital data you can verify against, the more accurate your ability to identify suspicious behavior. With the evolution of technology, linking digital attributes of an individual identity has become possible and is how all this digital identity information is tied together to use in identity proofing. This allows you to verify the identities visiting your website against potentially billions of data points.
The Power of Using Physical + Digital Identity Information
Unfortunately, there will always be someone trying to get your data, but advanced cybersecurity solutions are able to help you harness the power of physical and digital identity information. Individually, both are good, but not enough. Each type of data prevents different types of fraud. For example, good physical data can help identify synthetic identities.
Digital data can identify other types of criminal activity. For example, if a device moves from the US to Russia in a matter of 30 minutes, you know there is a problem. ID spoofing can be identified through a mismatch between devices/locations or identity information usually associated with a digital identity.
The best identity verification or authentication includes both physical and digital data attributes. Make sure when you choose your cybersecurity solutions you include both. Next-generation solutions that work in real time, are very effective and can apply any risk/friction ratio you choose. With the right solution, you get to know your bad actors, making it possible to gain confidence and offer a near-frictionless user experience.
The DNA of Healthcare
At LexisNexis Risk Solutions, our goal is to provide the healthcare industry with insights and innovations to improve outcomes, grow market share, reduce fraud and increase compliance.
These blogs are published for information purposes only and can be statements of opinion. Although we LexisNexis rigorously check the accuracy of all information at the time of publishing the blogs, no representations or warranties are expressed or implied as to the blog, its contents and any accompanying materials and it should not be relied upon for acting in specific circumstances. Although links to external websites on any blog posts are tested and deemed accurate at the time of the blog posting, we LexisNexis accept no liability for such links to external websites and do not endorse or warrant in any way any materials available through such links or any privacy or other practices of such sites. In addition to this blog disclaimer, access and use of the blogs is governed by the LexisNexis website.