Financial Crime World

Here is the article in markdown format:

Guidelines for Digital Identity Systems in Customer Due Diligence

Key Points

Ensuring Secure Authentication

  • Biometric authentication: Employ phishing-resistant authenticators that use public key encryption to secure customer authentication.
  • Digital ID authentication: Traditional authentication occurs at onboarding, but continuous authentication solutions monitor data points throughout the online interaction using biomechanical biometrics, behavioral biometrics, and dynamic transaction risk analysis.

Managing Identity Lifecycles

  • Identity lifecycle management: Actions taken by identity service providers (IDSPs) in response to events affecting authenticators include:
    • Issuing and recording credentials
    • Binding new authenticators
    • Handling compromised or expired authenticators
    • Revoking or terminating authenticators

Enabling Portability and Interoperability

  • Portability and interoperability: Digital ID systems can enable portable identities across different entities, but this is an optional component.

Relevant Context

The guidelines appear to be targeted towards financial institutions (FIs) in the United States. The focus is on using digital ID systems for customer due diligence (CDD), specifically customer identification and verification at onboarding or account opening and ongoing monitoring.