Participant Verification to Reduce Fraud and Abuse
Last Updated Nov 3, 2017
We have several solutions for confirming participant identities. Some are done automatically. Some are optional, added as a “study task” depending on the study needs.
First, to reduce fraud and abuse, ProofPilot uses behavioral analytics to assess the validity of participants. For example, users that enroll using Facebook federated login. Facebook automatically shares a birthdate. If that birthdate is outside of the eligibility criteria, and the user changes that date to be within the eligibility requirements, that’s a red flag that gets highlighted for review. There are many checks like this. While this doesn’t verify the participant identity, I wanted to include this as it describes how we maintain quality participants and mitigate fraud.
In cases where there is no in-person interaction with study staff, and participant verification is required, we have several options. The more aggressive the option, the more scrutiny the IRB will require. All studies on ProofPilot automatically go through a 3-5 day IRB review (also or instead of any review conducted at your institution).
Note on social login: About 70% of participants on ProofPilot studies enroll using Facebook federated login. While this is not a legal verification process – we do find that Facebook does some “checking” – that gets them some bad publicity occasionally (i.e., their policy of not allowing alternative egos in the form of cross-dressers). Not an exact verification, but is helpful. We don’t find Google does similar checks. We feed this information into the fraud checks described above.
1) Verify mobile telephone number. This is the most benign and works in the US (but less so overseas). Our systems can tell the difference between bulk telephone numbers (like Google Hangout). Since monthly phone plans usually require a credit check, and few have multiple devices, it’s a good way to verify the legitimacy of a participant and reduce fraud. It does NOT verify the particular person’s identity.. This is imperfect because prepaid phones – particularly outside the US are not screened out. And in lower socio-economic groups, users can switch phones frequently.
2) Checks on social media: Even if a user did not login via social media, most e-mail addresses are linked to a social media account somewhere on the web. We can pull and compare demographic data between what the user stated on ProofPilot and what is available elsewhere and flag inconsistencies for review. While not specific participant identity verification it does mitigate fraud.
3) Emerging: Credit card entry: While not specifically created to verify a participants identity, for reward purposes, ProofPilot has integrated credit card charge-backs (we provide the reward to participants existing credit card). Credit card companies do their verification – so, this information can be used to improve participant pool quality.
4) Financial record check: We can do this in some countries (The US included), but not all. It’s the same process and experience a user goes through with the US financial industry when they open an account. The user must share a social security number (or in other countries the equivalent) and are asked a series of questions based on their credit report. There must be very specific, and necessary reasons for this as IRBs are unlikely to approve without it. We find the case with this is usually limited. But the functionality is available.
5) Emerging: Photo of ID Cards: We have the functionality available, but have not implemented where users take a photo of a passport or drivers license. We are hoping this isn’t necessary, but are watching researcher needs, IRB approvals within other studies, and the quality of participants/fraud. Things are set up to add quickly if we need to. We hope we don’t