Best Practices in Identity Document Verification for Financial Institutions and Fintechs

In the financial services industry, there can be considerable fraud and compliance risk when onboarding a new customer or authenticating returning users. One of the most critical components is determining if the person presenting themselves is who they say they are. 

When applying KYC and fraud prevention solutions, scenarios exist where a new applicant is deemed neither obviously “good” or “bad.” In order to give the applicant a fair shot at approval, additional scrutiny may be appropriate. Here’s where some companies will apply knowledge-based authentication (KBA), asking applicants about prior address or credit history,  or they will take on the additional operational cost of a manual review. Both methods are cumbersome, expensive, and more a hurdle than a solution.

Knowledge-based authentication (KBA) has ruled supreme for many years, even with its reputation for delivering a lackluster customer experience and poor accuracy. In fact, KBA no longer meets NIST standards due to the ease with which an attacker can find answers to posed questions through breached data available on the internet. Paradoxically, many fintechs have found that achieving a 100% KBA score can also be a leading indicator of fraud.

Relative to manual reviews, applicants are left waiting for hours or days while a company works through their onboarding queue, where they risk customer abandonment.

A far better approach is employing a workflow that delivers enhanced identity verification and drives the process forward seamlessly. In practice, we’ve found that a passive third-party fraud model, a passive synthetic fraud model, and a fully automated ID document verification flow is the ideal countermeasure to KBA.  This smooth, scaleable, and cost-effective combination strikes the balance for optimized user experience and fraud capture.

There are three tenets to sound identity verification:

• Something you have (identification card, mobile device)
• Something you know (name, address, phone number, email)
• Something you are (biometric – face, fingerprint, voice, and more)

These principles suggest that any organization requiring an accurate identity verification assessment takes the extra step of ensuring that what you have and know are authentic and match who you are. This process may have proven cumbersome in the past, fraught with friction if done well and financial losses when done poorly. 

For some legacy vendors, identity document verification simply means verifying that a physical ID is authentic and has not been tampered with. That’s a good first step. But, far better is also ensuring the headshot on the ID and selfie of the person in possession of the ID biometrically represent the same individual.

In a digital-first world, online account openings have exploded, attracting more fraudsters than ever before employing sophisticated tactics. Modern ID document verification systems that enable the capture and authentication of identities online, while taking the additional step of accurately matching identity documents to the person, have proven to be vital in combating these advanced fraud vectors.

Socure Predictive DocV: Omnichannel, Accurate, Scalable

Socure’s DocV is a fully automated, omnichannel identity document verification solution. The most scalable, accurate service available, it combines computer vision-based image capture with advanced forensic analysis through machine learning to quickly confirm the authenticity of any identity document in circulation, including thousands of global identity document types. Applying advanced, real-time computer vision, Predictive DocV seamlessly guides a user through a quick image capture and verification experience, to minimize friction, errors, and frustration.

In our experience, we’ve seen three use cases stand out for their efficacy with financial institutions and fintechs when incorporating DocV in their onboarding workflow:

• Top of the funnel
• Step-up authentication
• Call center authentication

Top of the Funnel: Autofill an Application Form

ID document submission at the beginning of the customer acquisition funnel is quickly becoming a popular onboarding flow, especially for millennials. For this target demographic, capturing a photo of an ID is generally not viewed as added friction, but rather as a convenience by being able to pre-populate an application form with data extracted from the ID. DocV verifies ID security features and cross-checks selfies against the ID document photo. The PII is automatically extracted for verification against third-party data sources, ultimately returning a holistic assessment of the identity in  seconds. Because the service is 100% software-driven, manual review is generally not required.

Step Up Authentication: Approve More Good Customers

Socure delivers best-in-class frictionless identity verification. For applicants who fail passive identity verification, Predictive DocV automates the recapture of those applicants with low operational cost and at scale. Socure customers benefit from reduced false positives and incremental revenue from approving more good applicants who initially appeared to pose a high fraud risk.

This process is accomplished in automated fashion, without the need or cost of manual review. By verifying the authenticity of a government-issued ID, it becomes an authoritative data source which can serve as a means to remediate certain adverse decisions. As an example, if resolution of an address fails from an input form, we can extract address data from an authenticated government-issued ID to resolve this discrepancy. 

Call Center Authentication: Prevent Account Takeover

In the case of an account lockout or potential account takeover, a call center representative can perform a quick and highly accurate remote document ID verification request with a customer in real time. The representative simply sends a link via SMS through their CRM system.  An advanced computer vision, web-based image capture interface walks the customer through a fool-proof ID document and selfie capture submission process. The system then quickly determines if the ID document is authentic and if there is a biometric match between the extracted ID document headshot and self portrait. DocV proves the call center representative with an easy way to ensure that the person on the other end of the line is, in fact, who they say they are.

In Conclusion: Balance Fraud Mitigation with a Seamless User Experience

At its very core, an identity verification system should balance the effective mitigation of fraud while supporting a frictionless experience for the customer. Automation through Predictive DocV means you avoid high operational costs associated with human review and enable an economical way to scale. With DocV, Socure delivers a holistic response to provide a 360-view of the customer.

To learn more about Predictive DocV and see it in action, schedule a demo today.