Announcement

Faster verifications and less risk with Reusable Personas

Verify more users while assessing more risk signals with reusable identities.

An image of a phone screen and a verification app.
Last updated:
11/14/2024
Read time:
Share this post
Copied
Table of contents
⚡ Key takeaways
  • To date, no reusable identity has succeeded in comprehensively addressing companies’ compliance and flexibility needs while offering the privacy and security assurances end users desire.
  • Reusable Personas, Persona’s reusable identity, offers the best of both worlds by allowing users to seamlessly store and reuse their verified PII via Passkey while enabling businesses to holistically evaluate risk without sacrificing the user experience.
  • Even though every Reusable Persona is based on verified PII, all the data on board is still passed through the verification process without requiring the end user to resubmit everything. This allows companies to seamlessly maintain their risk assurance with their unique set of checks and step up or step down verifications via Dynamic Flow.

When was the last time you walked into a bank or bought furniture in a store? As more of our daily activities and services transition online, the onus continues to be on companies to transform high-touch, in-person transactions into equally seamless and enjoyable digital experiences.

Fraudsters have taken notice too, undergoing a digital transformation of their own. The FBI reported that Americans lost $10.3 billion to internet scams last year. Emboldened with generative AI and more stolen PII than ever, fraud has only become more adaptive, pervasive, and costly to remediate. 

This has put companies in a difficult position as they face increasing regulatory and fraud prevention pressures while still attempting to deliver streamlined experiences to digital-savvy customers. 

The result? Similar to how we have been asked to make more complicated passwords with special characters and numbers, companies are now asking us to verify our identities with more documents and checks — a pattern that multiplies across every online service we use. These new measures may be more secure for companies but have only created new headaches for people who just want to send money or buy a new couch.

The challenges of reusable identity

With increasing requests for information across different sites, the need for reusable digital identities is clear. However, to date, no reusable identity has succeeded in comprehensively addressing companies’ compliance and flexibility needs while offering the privacy and security assurances end users desire.

So why does a good solution not yet exist? 

Unique risk and compliance requirements

Every company has unique risk and compliance requirements — there is no universal set of information that will meet a universal level of risk assurance for businesses. For example, fintechs and financial institutions need to meet Anti-Money Laundering (AML) compliance focused on individual or business verification, whereas e-commerce platforms need to collect tax numbers on top of the standard KYC process to meet INFORM Consumers Act requirements in the US and Directive on Administrative Cooperation 7 (DAC7) requirements in the EU. 

From a customer lifecycle perspective, different activities, such as onboarding or high-value transactions, also require different levels of risk assurance. To live up to their name, reusable identities need to be dynamic enough to handle each company’s unique requirements.

Securing the reusable identity

Even if you can collect information from users in a compliant manner, you need to ensure each reusable digital identity is only being used by the individual who created it. While two-factor authentication approaches such as phone numbers might be more secure than a simple password, they can still be spoofed. 

Biometric approaches can be more powerful, but they're subject to many regulations and still capable of being spoofed by emerging fraud techniques such as deepfakes. The right approach here needs to prioritize verification — not trust.

Meeting consumer expectations for seamless and secure experiences

Like businesses, people understand the benefits of a reusable identity experience and the convenience of not having to repeatedly submit their personal information. But they’re tired of having to install yet another app and worry about the privacy and security of their most valuable asset — their PII. With so many data breaches and privacy scandals around data brokering today, they need assurance that their reusable identity isn’t going to be in the next leak they read about or used in an AI training model without their knowledge.

Reusable identities need to meet individuals where they are — not only supporting the various ways they verify themselves and use the internet, but also, more importantly, their expectations for privacy and security. Consumers need to be able to access their identities across the applications, browsers, and devices they use.

Introducing Reusable Personas: Persona’s reusable identity

At Persona, we understand the challenges businesses face needing to balancing their unique risk and compliance considerations with providing a seamless end-user experience. 

We are pleased to introduce Reusable Personas — our reusable identity solution that allows users to seamlessly store and reuse their verified personally identifiable information (PII) across devices and the ever-growing Persona network while enabling businesses to holistically evaluate risk without sacrificing the user experience.

Allow users to store their identity and securely reuse PII across multiple devices and platforms

Every reusable identity product needs to make it easier for the user to verify themselves, save their data in a way that protects their privacy, and then reuse their PII across the internet without additional friction. As a baseline, all companies using Persona already have access to Persona’s broad coverage of data sources and verification checks, blocking fraudsters from being able to create Reusable Personas. Moreover, as we roll out Reusable Personas to our customers, users will be able to seamlessly reuse their Reusable Persona across our broad base of companies spanning different countries, industries, and use cases.

Evaluate risk more holistically with additional usage-based risk signals

Even though every Reusable Persona is based on verified PII, all the data on board is still passed through the verification process without requiring the end user to resubmit everything. This allows companies to seamlessly maintain their risk assurance with their unique set of checks and step up or step down verifications via Dynamic Flow. Any additional information verified in this process will be stored on the Reusable Persona going forward. 

In addition, Reusable Personas contain usage-based network and device signals that allow companies to holistically evaluate the risk of the Persona as well. Businesses can leverage risk signals such as when a Reusable Persona was created, how many times it has been successfully verified, whether it has been used on the device before, and more. For example, if a Reusable Persona was created over a year ago, businesses can ask individuals to resubmit their ID in case it’s been changed or renewed.

Built with privacy, security, and reusability in mind on Passkey technology

Reusable Personas automatically sync across devices (mobile web, desktop) and operating systems (iOS, Android) without requiring app installation. They are also easier to use and more secure than passwords and one-time codes that can be forgotten or stolen. Additionally, Persona cannot read a Reusable Persona without end-user consent. This gives consumers additional assurance that their data is only being shared directly with the companies they choose to activate their reusable identity with.

These user-friendly security features are enabled by Passkeys, a passwordless authentication method based on W3C and FIDO standards. As an added benefit, Passkeys are harder to compromise than traditional passwords and phone number verifications, as they can be secured by device-native security mechanisms such as Touch ID or FaceID. 

With Reusable Personas' robust privacy and security features, end users gain peace of mind knowing no one can access their passkey and they can use their Reusable Persona to safely and securely access the services they need.

Chat with a product expert
See how Reusable Personas work

Unlock faster, more trustworthy experiences for you and your customers with Reusable Personas

Identity is not a one-off transaction — it is an ongoing relationship over time. 

With Reusable Personas, your IDV processes can stay dynamic and keep up with your customers’ shifting wants and needs. From supporting changes in a user's profile (addresses, phone numbers, devices, and more) to surfacing usage-based risk signals, Reusable Personas can help you build trust and loyalty — all while mitigating risk, meeting compliance needs, and keeping fraudsters out.

Interested in learning more about what Reusable Personas can do for you and your customers? Talk to a Persona expert today.

Published on:
10/23/2023

Frequently asked questions

No items found.

Continue reading

Continue reading

Persona ranked 1st across all evaluated Use Cases in 2024 Gartner® Critical Capabilities report, positioned highest for Ability to Execute in inaugural Magic Quadrant™ for Identity Verification
Persona ranked 1st across all evaluated Use Cases in 2024 Gartner® Critical Capabilities report, positioned highest for Ability to Execute in inaugural Magic Quadrant™ for Identity Verification
Announcement

Persona ranked 1st across all evaluated Use Cases in 2024 Gartner® Critical Capabilities report, positioned highest for Ability to Execute in inaugural Magic Quadrant™ for Identity Verification

See how Persona was evaluated in the inaugural Gartner® Magic Quadrant™ for Identity Verification and Critical Capabilities report, and learn more about our configurable approach to identity.

Workforce security redefined: Persona and Okta partner to verify identities and protect against phishing and deepfakes
Workforce security redefined: Persona and Okta partner to verify identities and protect against phishing and deepfakes
Announcement

Workforce security redefined: Persona and Okta partner to verify identities and protect against phishing and deepfakes

Enforce identity verification throughout the employee life cycle using Persona and Okta’s out-of-the-box integration for identity verification.

Build bespoke age verification with Persona
Build bespoke age verification with Persona
Announcement

Build bespoke age verification with Persona

When thinking about age verification, balancing regulations and privacy can seem overwhelming. That’s why we offer a configurable age verification solution built to serve the needs of your business.

Fight fraud at every angle with Persona
Announcement

Fight fraud at every angle with Persona

Introducing new capabilities to help fight complex fraud.

Power all of your identity operations with Persona's identity infrastructure
Announcement

Power all of your identity operations with Persona's identity infrastructure

Businesses can build and unite any part of their identity operations with Persona’s configurable building blocks.

Persona achieves ISO 27001 certification
Announcement

Persona achieves ISO 27001 certification

Learn what this certification means for you and what's next.

Ready to get started?

Get in touch or start exploring Persona today.