A look into the future: customer onboarding

Over the past few years, identity and awareness around the concept of identity have changed dramatically. Identity verification and Know-Your-Customer (KYC) were once financial industry-specific jargon, with strict regulatory requirements under the USA PATRIOT Act driving a high-level of responsibility to prevent financial crime for both banks and money transmitters. Companies met minimum identity verification standards not to enhance the customer experience, but rather to meet minimum due diligence requirements and safeguard themselves from legal consequences. These ‘legacy’ anti-money laundering (AML) and KYC procedures have long been associated with high levels of friction and poor customer experience.

It is a storyline that has been told time and time again, but the explosion of the digital economy has forever altered the business calculus when it comes to digital identity. We’ve seen an explosion of the digital economy. More companies are relying exclusively on online customer touchpoints, which means they’re collecting customer data, and we’re all familiar with the challenges of maintaining and protecting customer data. The new digital economy comes with demands: customers expect trust to complete these online transactions. For all companies, not just fintech, assurance about who is on the other side of a transaction is now more important than ever.

The bottom line is that identity is no longer a niche, limited to banks and financial services. Awareness of digital id and the concept of controlling personal data is gaining mainstream momentum, thanks in no small part to the Cambridge Analytica/Facebook scandal and a seemingly never-ending list of data breaches. Even US Presidential candidate, Andrew Yang argued that data should be considered a property right. And while there is still a lack of use cases for identity solutions, the circumstances are creating demand for identity solutions that emphasise the customer role in owning their data.

This article will take a look at the status quo of customer onboarding and the problems with the current status quo before moving onto the future of customer onboarding.

Where onboarding stands now

Knowledge-based authentication (KBA) quickly emerged as one of the default identity verification (IDV) methods in the digital economy. A KBA process identifies users by asking them to answer specific security questions to verify their identity. For example, providing your social security number, selecting your previous address from a list of choices, or confirming your approximate monthly mortgage payment. While KBA-based IDV flows are still in use, superior alternatives exist. With an ongoing wave of data breaches and an unprecedented amount of personal data on the dark web, knowledge-based verification is often easier to complete for fraudsters than it is for consumers. A full set of personal information sufficient to pass KBA can be obtained for about the price of a fancy New York City cocktail.

As a result, we’re seeing many companies transition to document-based verification that generally includes scanning a physical ID document to prove identity. This is becoming a more common option for tech companies. Document-scanning is a step-up from KBA because it requires physical possession of an identity document, which while possible to fake requires more sophistication than purchasing or phishing personal data. Current-generation platforms are implementing AI and machine learning to increase the ability to quickly identify fake documents and approve valid ones, but manual review by human eyes is often required in some instances. For example, when a finger is mistakenly captured holding a document, or glare makes automated processing more difficult.

While document-based flows have helped to improve the user experience and reduce instances of fraud, the fact that users must separately prove their identities to each online platform they wish to join remains inefficient for consumers and costly for businesses. There is a growing buzz in the identity community about the functionality and potential of self-sovereign identity (SSI) platforms to solve these challenges by allowing for users to prove their identity once digitally, and then share that identity across platforms. Basically, you’re able to carry around a digital wallet with different types of attestations that prove you are who you say you are. It also represents a system where the users control their attributes, how they are collected, and when they’re shared, instead of each individual enterprise managing their own databases, each with millions of potentially duplicate identity records.

The next generation of identity

In this next generation of self-sovereign identity platforms, the initial verification of a user identity is still provided by a third-party document-based IDV provider. However, once a user is verified, they now have a digital identity credentials that can be used as many times as desired. This means consumers can onboard themselves simply and quickly without having to re-scan their documents while businesses are not forced to bear the cost of individually proofing each new user. This gives the consumer more ability to achieve a high-level of identity verification, and it also gives consumers more control of their data attributes and who they’re shared with.

Continued consumer embrace of federated digital identity platforms may continue driving towards an even more seamless future state, where a government API would exist to bridge the gap between consumers and government issuers of identity, cutting out the middle-men currently performing verifications. Under these systems, consumers would be able to connect directly to the source that issued their identity card or passport, for verification directly against the source database. Estonia’s eID is a good example of this. The country has one of the most highly-developed national ID-card systems that enables consumers to directly leverage their government-issued digital identity when applying for a bank account, applying for government services, or booking travel.

As demands for proven digital identities continue to grow across all sectors of the economy, the evolution of digital identity will certainly continue unabated. With data breaches and privacy laws continuing to dominate headlines across the globe, expect these issues to remain a focal point of both private and public-sector attention in 2020 and beyond.

The article was first published in the Digital Onboarding and KYC Report 2020, which offers insightful editorials on topics such as digital onboarding best practices and key challenges, financial crime and how to fight it, crypto, and more.

About Cameron D’Ambrosi

Cameron D’Ambrosi is a Principal at One World Identity and host of the State of Identity podcast. Cameron is responsible for supporting OWI’s advisory services platform by offering clients key insights into the companies and technologies shaping digital identity today.

About OWI

OWI is a market intelligence and strategy firm focused on identity, trust, and the data economy. Through advisory services, events, and research, OWI helps a wide range of public and privately held companies, investors, and governments stay ahead of market trends, so they can build sustainable, forward-looking products, and strategies.