Reflections on Money2020 from a First-timer

As the premier outlet for vendors and customers in the financial services industry, Money20/20 is THE place to see the latest products in fintech, as well as learn about future trends. But like with Gartner Conferences or Oracle OpenWorld or the Identity Summit, you still have a measure of vendors who seem to be saying similar things. How can every vendor truly be the best? It takes a lot to rise above the noise and differentiate. We like to think Socure did that very thing this year. We were loud and fun, but we also proved that we’re three steps ahead when it comes to identity fraud prevention and auto-acceptance.

I want to mention a few observations from the biggest to-do in the market for securing, automating, and consolidating financial use cases:

1)    First, our founder, Sunil Madhu, was a featured speaker on the Sunday panel (chaired by Dan Rosen of Commerce Ventures) regarding the use of artificial intelligence in fraud prevention. I don’t want to belabor the excellent points the panel made about using AI and machine learning to automate and short-circuit the process of preventing fraudulent entities from opening accounts, applying for loans and credit cards, or otherwise creating a platform for committing crimes. But I would like to call out a couple of points that might have gotten lost in the shuffle:

  • Dan Rosen pointed out that a couple of the panelists noted the importance of user experience before even mentioning fraud prevention.

    As a very smart guy told me years ago, user experience is more than a fancy interface, although a fully functional one is certainly a value-add. A great user experience is one that reacts well to your requirements, your actions, and your own objectives and those of the organization you’re trying to interact with. The process should be intuitive, friendly, transparent, and efficient. And it should go beyond the original registration to deliver the desired outcome. So here’s an example in this industry.

    Financial institutions want legit customers (not those pesky third-party or synthetic creatures) to establish a relationship. They don’t want to turn good actors away. But the fear of fraud often leads to false positives, i.e. applicants being rejected for all the wrong reasons. These represent lost business for them and aggravation for the users who haven’t done anything wrong, but get treated badly anyway.

    On the other hand, a great user experience leads to a happy registration, a successful application, and the beginning of a beautiful relationship. To that end, fintechs, banks, lenders, and CC issuers need to verify identity to prevent the most fraud and accept the most legit customers—both accomplishing their goals and allowing the users a positive experience.

  • The question came up of the use of consortia for aggregating trusted identities.

    Sunil pointed out that like-minded institutions could share their respective caches of validated identities and that Canadian banks are starting to do this very thing. This is the theory behind blockchain consortia (since consensus is in fact the foundation behind blockchain). Other technologies also exist to enable these sorts of networks. But Sunil made the brief observation that the issue here isn’t technology but rather liability.

    So let me fill in the blank there. I spend the time and budget to verify the identities of consumers who apply to my bank. You do the same for yours. Now if one of my consumers clicks a link on my site to go do business with you (because we’re doing some cross-marketing), our agreement allows you to trust the guy, because I’ve already vouched for him, right? And vice versa.

    But what if the guy I thought was okay turns out to be a crook, and he commits fraud at your bank? You get the liability. You get blamed or potentially sued, or at the very least you take the financial hit. Do we necessarily have the same standards for verification in the absence of a common verification framework? Doesn’t uneven standards defeat the purpose of the consortium? And what about people who say, “I applied to your bank, and I don’t want my identity readily available to some other outfit,” or “I don’t want to do business with you because a certain institution in your consortium”?

    For now, the most likely route (IMHO) is, everybody rolls their own in the verification space.

2)    The wristbands for show attendees were awful.

They put them on so tight, you couldn’t take them off for the duration of the show (unless they kept them loose enough, and even then it ain’t easy). You had to worry about accidentally scratching your eyeball out in your sleep, and it was no fun getting in the shower with the thing. They need to figure out a better option.

3)    It’s reeeeeeeal easy to get lost between the Palazzo and the Venetian.

If you want to get from the Palazzo to the Venetian, the signage is fairly adequate. If you want to go the other way, nope. A few in our party and others, including customers we expected to see at our meetup places, got flat-out lost if they had wandered too far in search of food.

4)    This is THE show in the financial services space. I can’t wait to go back next year.

Topics: Money 20/20, Sunil Madhu, Artificial Intelligence, Identity theft

Jeff Scheidel

Jeff Scheidel

Jeff Scheidel is a technologist with 34 years in software, including 26 years in security solution design. He is the author of numerous white papers on security and regulatory compliance, as well as a McGraw-Hill book on identity, access, database, and application protection. Jeff is an expert on compliance requirements across a number of industries, and has presented at a wide variety of security events.