In the financial services industry, there is much at stake when onboarding a new customer or authenticating returning customers in terms of fraud risk. One of the most critical components is determining if the person presenting themselves is who they say they are.
While there are many commercially-available KYC and fraud prevention solutions on the market, there are scenarios where the applicant is neither obviously good or bad. They may fall into that gray area where, in order to give them a fair shot, some extra scrutiny is appropriate. Some FI’s will apply KBA (“Of the following 3 streets, which did you previously live at?”) or they will take on additional operational costs through manual review. Both are cumbersome, expensive, and more of a hurdle than a solution.
KBA has ruled supreme for many years even with its reputation for delivering a lackluster customer experience and poor performance. In fact, KBA no longer meets NIST standards due to the ease with which an attacker can find the answers on the Internet. Oddly enough, many fintechs have found that achieving a 100% KBA score can also be a leading indicator of fraud.
A far better approach is employing a flow that provides additional verification and drives the process forward without interruption. In practice, we’ve found that document verification is a smooth, scaleable, and cost effective answer to KBA.
Best practices dictate that there are three tenets to sound identity verification:
- Something you have (identification card, mobile device)
- Something you know (name, address, phone number, email)
- Something you are (biometric - face, fingerprint, heart beat pattern)
These principles suggest that any organization requiring an accurate assessment takes the extra step of ensuring that what you have and know are authentic and match who you are. This process may have proven cumbersome in the past, fraught with friction if done well and financial losses when done poorly.
For some vendors, document verification simply means verifying that a physical ID has not been tampered with. That’s wonderful. But far better is also ensuring the headshot on the ID and selfie of the person in possession of the ID biometrically represent the same individual.
In a digital first world, new account openings are exploding and largely moving online. This has led to more sophisticated fraud tactics. New document verification systems that enable the capture and authentication of identities online, while taking the additional step of accurately matching identity documents to the person, have proven to be vital in combating these sophisticated fraud vectors.
Socure Document Verification (DocV)
DocV from Socure is a fully-automated omnichannel document verification service. The most scalable, accurate service available, it combines computer vision based image capture with advanced forensic analysis through machine learning to quickly confirm the authenticity of any identity document in circulation, including more than 3,500 identification types from around the world. Through the use of advanced real-time computer vision, DocV seamlessly guides a user through a quick image capture and verification experience, minimizing friction, errors, and frustration.
In my experience, we’ve seen three uses cases standout for their efficacy with FIs when incorporating DocV:
- Top of funnel
- Call center authentication
Document Verification at Top of Funnel
Document submission at the beginning of the customer acquisition funnel is quickly becoming a popular onboarding flow, especially for millennials. For this target demographic, capturing a photo of an ID is generally not viewed as added friction, but rather as a convenience by being able to pre-populate an application form with data extracted from the ID. DocV automatically verifies ID security features and cross-checks selfies against the document photo. The PII is automatically extracted for verification against Socure’s added modules, ultimately returning a holistic assessment of the identity in under 15 seconds. Because the service is 100% software-driven, manual review is generally not required.
Document Verification as a Step-Up
Socure delivers best-in-class passive identity verification. For applicants that fail passive identity verification, DocV can automate the recapture of those applicants with low operational costs and at scale. Socure customers have reduced false positives and recaptured lost revenue opportunities of good applicants that initially appeared to pose a high fraud risk. This is accomplished automatically and without the need or cost of manual review. By verifying the authenticity of a government issued ID, it becomes an authoritative data source which can serve as a means to remediate certain adverse decisions. As an example, if resolution of an address fails from an input form, we can automatically extract address data from an authenticated government issued ID to resolve this discrepancy.
Call Center Authentication
In the case of an account lockout or potential account takeover, a call center representative can perform a quick and highly accurate remote document verification request with an end user in real time. The representative is able to send a link via SMS through their CRM. An advanced computer vision web-based image capture interface walks the end user through a fool-proof document and selfie capture submission process. The system then quickly determines if the document is authentic and if there is a biometric match between the extracted headshot and self portrait. This offers the call center representative an easy way to ensure that the person on the other end of the line is in fact who they say they are.
At its very core, an identity verification system should balance the effective mitigation of fraud while supporting a frictionless experience for the customer. Automation through DocV allows us to avoid the high operational costs associated with human review and enables an economical way to scale. With DocV, Socure delivers a holistic, single response to assess an identity from multiple dimensions.