Video Transcript
Mike Engle:
Hi everybody. My name is Mike Engle. I'm joined today by Maureen from our marketing department. Today we're going to demonstrate how we do remote caller verification. This is a common practice done by nearly every service desk. Somebody has a problem with their account, it's locked out, there's a password reset needed, or their MFA has broken, et cetera, and you need to engage with that user and help them. The traditional way to do this is to ask them for some secrets, they have to sort of prove who they are, but that proof is very hard to obtain until now.

So what we're going to demonstrate is Maureen calling into the help desk and needing to have some type of account-based service. On my screen, you will see the view of the help desk administrator. This is somebody who's working with the remote callers and how they will engage with Maureen to have her prove who she is remotely using identity and document verification. So the first step in this journey is to log into the administrative console. There's several ways to do this. We could simply click on an existing session. If you don't have one, this is an example of how this user could use their mobile. Authenticate with face ID, and they're in staring at the tool now.

Another way would be to use your local device biometrics. So for example, a FIDO passkey on this machine by simply pressing a button like this, scanning my finger, this is Windows Hello in action, and I'm at that same screen. So many ways to get into the tool. Very flexible, very easy integration. Now, I'm on the phone with Maureen. Hi Maureen. How's it going?

Maureen:
Hey, doing well, Mike. How are you?

Mike Engle:
Fantastic. I understand you're having some problems with your password today.

Maureen:
Yeah, I do need to reset my password. Can you help me out with that?

Mike Engle:
Oh, I sure can. So let's go through a quick verification exercise. All right. Maureen, do you have a driver's license or passport handy?

Maureen:
I do. I have a driver's license.

Mike Engle:
Excellent. I am going to send you a link to your phone. Simply have to click it and follow the instructions. Are you ready for that?

Maureen:
Sounds good. I'm ready.

Mike Engle:
All right, excellent. What's your phone number? Okay, Maureen, I have your phone number in here. Obviously we've blurred this out for privacy purposes, but you should now receive a text message and we're going to route this over to you. Just let me know how it's going and when you're completed with the process.

Maureen:
Thanks, Mike. I got the text. So now I'm getting started with my license verification. I'll scan the front of my driver's license and then it prompts me to scan the back. All right. The driver's license capture is done, so now it's asking me for a live selfie. Selfie was captured and my ID is being checked for authenticity. All right. I think that'll go back to you, Mike.

Mike Engle:
All right, great. Yes, I see the results, Maureen, and we are good to go. Your identity has been verified, your documents are legit, and I can now go reset your password. You give me about five seconds and you'll be on your way and getting back to work in no time.

Maureen:
Great, Mike. Thank you.

Mike Engle:
You're welcome.

Maureen:
Are you able to see any of the person's data who called in the help desk?

Mike Engle:
No, that's right. We cannot. So by default, the personal information, the driver's license data, your date of birth, your home address, your driver's license number, et cetera, are purged as soon as everything is verified. So this keeps privacy front and center. Normally when you're verifying somebody's driver's license the legacy way, you're holding it up. There could be pictures taken, there's PII flying around. That is not the case here. It's processed in real time, decisioning is made.

Behind the scenes, the data about the session, for example, it would say in the logs, Maureen presented a New Jersey driver's license, it was verified against database XYZ and the attributes came back with 92% this and 84% on that, et cetera, et cetera. Those thresholds can be changed, but it would not have your driver's license number in those logs. For some instances, some organizations like banks may want to keep that data and that can be tuned in the system to meet your privacy and retention needs. So by default, it is incredibly privacy friendly and you can have these types of disclosures with your users and your privacy lawyers, and everybody is very comfortable with the system.

Maureen:
Awesome. Thanks, Mike. Thanks for being on our Unplugged episode.

Mike Engle:
My pleasure. Come again soon.