Why Friction Is Not the Enemy in Identity Verification

Hal Lonas, chief technology officer at Trulioo, said organizations often face competing pressures during onboarding. Product teams want quick signups and fewer abandoned applications, while risk and compliance teams insist on stronger controls to keep fraudsters out.

“Everybody wants faster onboarding and easier onboarding and less friction when onboarding,” Lonas said. “But the product people and the business people want to see faster onboarding and fewer drop-offs. Then the compliance and risk and fraud people say, ‘faster is fine, but we want to make sure we have compliance and that we don’t let bad actors onboard.’”

Lonas made his comments as part of a three-part miniseries on fraud and friction in the age of AI, where establishing identity, and monitoring risk across a customer lifecycle demands fresh approaches to know your customer (KYC) and know your business (KYB) processes.

The tension between friction and conversion reflects a central problem in identity verification, particularly as relationships are established between customers and the platforms with which they are doing business. Speed and convenience attract customers, yet insufficient checks allow synthetic identities, account takeovers and other forms of fraud to enter the system.

Effective onboarding therefore requires a deliberate balance between speed, assurance and consistency, especially when companies expand across markets with different regulatory frameworks and identity systems.

When firms expand internationally, Lonas said, those factors often deteriorate simultaneously. Companies underestimate the differences between markets, from address formats to document standards to the expectations consumers bring to the verification process.

“All of those suffer,” he said, referring to speed, assurance and consistency. “Companies generally don’t appreciate the differences and nuances in those different markets. Little things like address formats can really throw off a new market for a company,” Lonas told PYMNTS.

These inconsistencies can create new forms of friction during onboarding, some of which protect platforms while others simply discourage legitimate users.

Distinguishing Good Friction From Bad

Friction has become a contentious concept in digital onboarding. Many organizations treat any additional step in the identity process as harmful to conversion. Lonas argues that this view misunderstands the role of verification.

“Good friction is the kind that keeps out bad actors,” he said. “If I’m trying to onboard using a synthetic identity or false documentation and I start getting asked questions I can’t answer, and I bail out, that’s good friction.”

Those barriers serve a defensive purpose. They create uncertainty for fraudsters who rely on stolen or fabricated identities. When properly applied, they encourage suspicious applicants to abandon the process before gaining access to a platform.

The challenge lies in avoiding what Lonas described as the opposite effect. When legitimate users encounter unnecessary identity checks, unclear instructions or repeated requests for documentation, they often abandon the process and seek services elsewhere.

This distinction has forced organizations to reconsider how they design onboarding workflows. Static rules and blanket restrictions, such as automatically rejecting applicants from specific geographies or age groups, can inadvertently block legitimate customers while providing limited protection against more sophisticated fraud attempts.

According to Lonas, the more effective approach involves adapting verification steps to the risk signals associated with each user.

When Verification Models Reject the Wrong Customer

Another costly problem in identity verification arises when systems incorrectly identify legitimate users as suspicious. These errors, commonly known as false positives, represent more than a compliance concern.

“They should matter to growth teams as well,” Lonas said. “If it’s a false positive, meaning I flagged somebody I didn’t want to flag, then I’ve prevented them or chased them off the platform. Maybe they’re going to a competitor.”

Such errors represent lost revenue as well as reputational damage. Customers who encounter excessive friction during onboarding often assume the platform is unreliable or poorly designed.

Lonas said organizations must treat these mistakes as opportunities for improvement. “Every time we see a false positive or a false negative, those are opportunities to learn,” he said.

The most effective systems create feedback loops that refine identity models continuously. When a verification error occurs, companies can retrain machine learning models, update rules or adjust the level of friction applied during onboarding.

That process increasingly relies on artificial intelligence and pattern analysis.

Organizations can analyze device information, transaction history and behavioral signals before a customer even reaches the most demanding verification steps. These early assessments provide a preliminary view of risk and help determine whether additional identity checks are necessary.

The Expanding Complexity of Digital Identity

Identity verification has grown more complicated as fraud networks adopt increasingly sophisticated tactics. Synthetic identities, shell corporations and layered ownership structures create new challenges for financial institutions attempting to determine who is actually behind a transaction.

For Lonas, that reality reinforces the importance of comprehensive verification strategies.

“The world has become a very complicated place,” he said. “You have synthetic identities, fake businesses, shell corporations and multiple levels of companies and individuals behind them.”

Organizations must therefore employ a range of tools to establish trust, from data-driven identity checks to document verification and behavioral analysis. The goal is not simply to confirm that an individual exists, but to determine whether the identity presented truly represents the person behind the transaction.

In practice, that means combining multiple verification methods while minimizing unnecessary friction for legitimate users.

Building Trust Through Intelligent Onboarding

Despite the complexity of identity verification, the central objective remains straightforward. Financial institutions and digital platforms must build trust while allowing legitimate customers to enter their ecosystems efficiently.

For Lonas, achieving that goal requires a disciplined approach that combines technology, data and adaptive decision-making.

“The big takeaway is the level of sophistication in verifying someone and knowing your customer or the business you’re interacting with,” he said. “You have to employ every tool at your disposal.”