Biometric reverification: the key to secure customer journeys
David Thomas
Head of Documents & Biometrics
As digital services expand, so do the risks. Account takeover (ATO) fraud is now one of the most damaging forms of identity fraud, costing consumers and businesses billions annually. In 2024 alone, reported losses from fraud reached $12.5 billion, a 25% increase year over year.
Traditional KYC (Know Your Customer) checks play a critical role during customer onboarding, but they’re no longer enough to keep up with today’s evolving threats.
Biometric reverification empowers organizations to maintain trust and security throughout the entire customer lifecycle, not just at the start. By continuously confirming a customer’s identity, businesses can reduce fraud and ensure compliance at every stage of the relationship.
Build confidence throughout the customer journey
KYC is typically a one-time process performed during onboarding. It verifies identity at a single point in time but doesn’t account for the need for ongoing transactions. Additionally, considering threats like ATO have increased 15% year-over-year, static checks leave businesses vulnerable to trending fraud.
“KYC is no longer a one-and-done exercise. In today’s fraud landscape, identity verification must be continuous, not static.”
Biometric reverification allows for continuously verifying an identity at key moments such as during a new application process or during high-value transactions. This continuous verification ensures that the person accessing an account is still the legitimate owner, not a fraudster.
Where biometric reverification adds value
Strategically layering biometric checks into the customer journey strengthens identity verification and minimizes friction. Key trigger points include:
- Login and account access: prevent unauthorized access even if credentials are compromised
- Account recovery: replace outdated methods like OTPs, activation letters or call centers with secure self-service options
- High-value transactions: add friction only when necessary to protect sensitive actions
- Periodic reverification: maintain trust through scheduled identity checks
- Preventing family fraud: trusted individuals can re-enroll their biometrics on shared devices, preventing unauthorized access to banking apps by family members who might have access to the device. Social engineering in situations where call center employees are trying their best to help is a risk and can be avoided by only allowing back access to a caller after they have gone through ID proofing using biometric verification.
- Device intelligence: detect new devices or login locations and trigger reverification
- Peer-to-peer platforms: verify users before high-trust interactions like rentals or shared access, ensuring both parties can transact safely and confidently. These applications not only improve security but also reduce operational costs. For example, biometric reverification can eliminate the need for costly call center interactions or slow recovery processes, saving time and resources while drastically improving the customer experience. Instead of waiting for mailed activation letters or calling support, users can verify their identity instantly using a selfie.
A low friction solution that’s familiar
Consumers are already familiar with using biometrics to access and unlock their phones. Extending this experience to accessing their account makes the process intuitive and low friction. Importantly, biometric reverification doesn’t access device-stored biometrics. It uses a live selfie matched against the original onboarding image, ensuring privacy and security.
Authenticating the user vs authenticating the device
Many organizations rely on device-native biometrics like Apple's Face ID to secure access to their services. Customers use this feature daily to access their device and various apps, which brings a high level of familiarity and comfort.
Shared devices present a potential vulnerability in the fight against account takeover. When biometric authentication is tied to the device rather than the account, anyone with access to that device can potentially unlock sensitive applications.
For instance, a user might unknowingly allow someone to add their biometric profile to a family tablet or shared phone. Once added, that person can access banking apps or financial services without ever needing the original login credentials. This bypasses traditional identity verification and exposes institutions to fraud risks that are difficult to detect. Without session-level biometric reverification, financial platforms are relying on a false sense of security that doesn’t truly confirm the identity of the account holder.
Biometric reverification solves this by authenticating the person, not the device. It works by matching a newly captured selfie against the trusted image taken during onboarding.
Add biometric reverification into a layered approach
While some vendors specialize solely in biometric tools, GBG offers a comprehensive layered approach to identity verification and fraud protection. By integrating biometric reverification with existing KYC and fraud prevention tools, GBG simplifies implementation, vendor stacks and enhances the customer experience.
“By integrating biometric reverification with KYC, businesses can reduce vendor complexity and improve fraud resilience.”
Choosing a single vendor for KYC and biometric reverification reduces integration complexity, streamlines vendor management and ensures consistent performance. Many financial institutions are already moving toward unified solutions to reduce costs and improve efficiency.
Traditional banks and financial institutions risk falling behind if they don’t accelerate their digital transformation efforts. As neo-banks and fintech challengers continue to offer faster, more intuitive experiences, customers are increasingly choosing convenience over legacy processes.
Outdated methods like mailed activation letters, call center authentication and in-branch visits can frustrate users, which may introduce the risk of abandonment. Additionally, these methods can expose institutions to higher fraud risk. To retain customers and stay competitive, traditional FIs must adopt modern fraud protection strategies like biometric reverification that deliver security without sacrificing user experience.
Static identity checks like KYC are no match for today’s fraud tactics. Biometric reverification offers a scalable user-friendly way to deter account takeover and protect high-value digital interactions. Relying on a single platform to layer in biometric checks into the customer journey, businesses can deliver seamless secure experiences while staying ahead of fraud.
Get a demo to discover how biometric reverification can help you prevent account takeover, streamline identity verification and enhance your KYC processes.
Frequently Asked Questions
What is biometric reverification?
Biometric reverification is the process of confirming a user’s identity using biometric data at key moments after initial onboarding. Biometric reverification ensures the person accessing an account is still the legitimate owner of the account.
How is biometric reverification different from device biometrics?
Device-native biometrics authenticate the device-holder, not the account owner. Biometric reverification matches a live biometric sample against the verified and trusted “anchor” image captured during onboarding, ensuring that the person who created an account is the one accessing it.
Why is biometric reverification important for fraud protection?
It helps prevent account takeover by adding a secure layer of identity verification at critical points like login, account recovery and high-value transactions. This reduces the risk of fraud from stolen credentials that can then lead to Account Takeover (ATO).
Does biometric reverification replace KYC?
No, it complements KYC. While KYC verifies identity at onboarding, biometric reverification ensures ongoing identity assurance. Together, they form a layered fraud protection strategy.
