New Zealand has launched a trust framework for digital identity, a crucial step towards the country's digital transformation.
Digital identity verification is on the rise
Many efforts are focused on trying to regain stability in the midst of the social alarm created by the Coronavirus. Since March 2020 we have been forced to change our habits in most circumstances, as with measures such as confinement, without leaving home everything has to be done remotely.
Since March 2020 many more things happen behind the screen of our mobile phones or computers. And, of course, this has positively affected the world of banking with the increased demand for digital transactions.
The possibility of being able to carry out any digital transaction from home opens up a range of advantages and opportunities for users, but also some risks that did not exist before. Therefore, remote banking processes require a high level of security and trust between banks and consumers. Banks interacting with new and existing customers online need to know that the customer is who they say they are. They need to conduct Know Your Customer (KYC) processes in accordance with local regulations and need to be sure that the individual is not a fraudster or a bot. Therefore, the ability to verify an individual’s identity online in real time during the customer onboarding process through digital identity verification is crucial.
In this post, we show you the evolution and rise of digital identity verification, and how banks are responding to this new digital challenge.
1. Rising trend in the use of digital identity verification
Identity verification has always been a key issue for companies that need to comply with KYC regulations and mitigate the risk of application fraud during in-person customer onboarding. Typically, identity verification takes place when a customer produces valid identification documents during the onboarding process. For remote customer onboarding, financial institutions have turned to digital identity verification in order to onboard remote customers in a secure and compliant manner.
We know that most Financial Institutions (FIs) have already started this digitisation process for account opening processes. In fact, 85% of FIs provide some form of digital account opening.
We also know that, before the current pandemic, budgets allocated to digital account opening programmes had almost doubled in size. So the desire to digitise already existed, along with the financial backing.
While the basic requirements for digitisation remain the same, financial institutions now have a more pressing driver: speed to market. Prior to COVID-19, many FIs had partially digitised customer processes. For example, a customer could initiate a loan application online and then finalise it with an in-person visit to a branch to show their identity documents. These hybrid scenarios contributed to some extent to meeting consumer demand for online access to financial products.
Today, FIs that want to win new customers must figure out how to fully onboard a physically distant customer. For many FIs, this means adding digital identity verification to their online capabilities. The faster they can achieve this goal, the better they can adapt to a situation where digital services are a necessity as well as a preference.
2. Strong security, privacy and compliance requirements for digital identity verification
Financial services customers want to be able to open an account or access banking services with minimal friction, but they also want to feel confident that the right level of security is in place to protect both their account and their identity. Any adoption of digital identity verification must include careful consideration of all security, anti-fraud, data privacy and compliance requirements, with the security of the customer’s data and account being the primary concern.
Anyone involved in work programmes aimed at the digitisation of an account opening process will be well aware of the many requirements that need to be met when developing functionalities in-house or selecting external providers to provide certain capabilities.
The following requirements should be taken into account when implementing new solutions:
- Cross-channel identity verification. Does the solution support digital identity verification across all channels? Online, mobile, branch, call-centre and face-to-face with advisors.
- Geography. Does the solution support document IDs in the countries, states and provinces in which you do business?
- Risk and fraud management. Remote and faceless transactions are more susceptible to fraud. Does the solution adequately manage fraud risk and actively help reduce application fraud?
- Quality assurance and due diligence. Does the solution require manual quality and credit control or are these automated as part of the solution?
- Elimination of paper-based processes and in-person signatures. Does the solution eliminate paper while electronically capturing intent/consent and audit trails?
- Legal enforceability and compliance. Is the resulting agreement between the customer and the financial institution legally enforceable and does the identity verification process comply with relevant regulations?
- Security of infrastructure, devices and applications. Is the solution secure at all times, and does the solution/provider secure all infrastructure, devices and applications against cyber-attacks and malicious actors?
It should be noted that not all digital identity verification methods are equal. When used alone, some older forms of verification, such as KBA-Knowledge Based Authentication, can lead to friction during the account opening process. It is important for financial institutions to consider user experience when analysing digital identity verification to ensure that the method they use is appropriate.
FIs should verify that digital identity verification services and providers can offer the latest digital identity verification methods, such as facial biometrics and automated identity document verification, including the ability to verify an identity remotely using identity and “life” detection technology. These digital identity verification methods offer a good user experience while protecting the FI against fraud in the application.
3. Some financial institutions have a strong competitive advantage in enabling digital identity verification by adapting to new customer needs
We have seen that FIs that are already digitally enabled and whose employees work from home are best suited to situations of social distancing and online financial services.
Banking and financial institutions that already have a mature digitalisation channel will be well positioned for success, while others will now need to accelerate their digitalisation programmes, or face an uncomfortable future. COVID-19 has magnified the shortcomings of some banks’ digital offerings and also created an urgency for them to eliminate any manual steps or physical touch points in onboarding processes.
4. Digital identities take precedence in financial, health, and government services
It is not just financial institutions that need to look closely at digital identity verification. Governments and healthcare providers are increasingly working with digital identity verification services to find identity solutions for services that are moving online.
During the 2020s, there has been a need for rapid adaptation in the use of e-signature technology, among other services, thus providing the opportunity for financial institutions to process loans remotely. Banks that have been slow to digitise have struggled to process loan applications and meet the needs of their small business customers.
By 2021, governments, insurance brokers, healthcare providers and financial institutions are expected to be able to serve their customers digitally and securely. Even the US Treasury Department now allows the unbanked to receive their relief cheques through mobile payment services.
5. Digital transaction volume increases, but so do fraudsters and cyber-attacks
Fraudsters are also taking advantage of the chaos and confusion during COVID-19 to take advantage of insecure online transactions and trick vulnerable demographics into scams through the use of text messages and phishing emails.
A clear increase in loan fraud attacks was evident when the WHO declared the pandemic. These attacks took the form of first-party application fraud, third-party application fraud and synthetic identity fraud.
Therefore, financial institutions onboarding unknown and remote customers must be extremely vigilant in their onboarding and digital identity verification processes to detect and prevent application fraud. Similarly, financial institutions with existing customers who are transacting online for the first time and who may be susceptible to phishing scams and fake websites must be able to detect and prevent account takeover attacks in real time to avoid financial losses.