Do you know who your customers are? This sounds like a trick question, but it isn’t. Although organisations must have Know Your Customer (KYC) and Anti-Money Laundering (AML) checks, the certainty around identity isn’t as high as it should be. For financial services organisations, failure to verify identity carries heavy fines and reputational costs. According to UK Finance, instances of credit card ID theft (new cards using stolen identities or account takeovers) were up 101%, with a reported gross loss of GBP 21.4 million for H2 2022.
Identity verification is a powerful capability that helps defend against new account fraud, application fraud, card ID theft, and account takeover. When utilised with best practices, organisations can protect themselves and their customers while delivering delightful digital experiences.
Leveraging verification throughout the customer journey helps manage financial, identity, and compliance risks.
When customers initiate their first interaction, verifying identity against an official document should include matching the name and face on the document and verifying the document’s validity. Verifying validity decreases the likelihood of fraudsters opening accounts with stolen/synthetic identities.
Verifying identity should be a prerequisite for releasing borrowed funds. Whether part of the account opening or re-verifying again before allowing access to funds, proofing at this point in the customer journey significantly reduces money misappropriation.
Many financial institutions require MFA before allowing large transfers. However, re-verifying the identity at this point is a better way to stop fraudulent transfers initiated as part of an account takeover.
Digital identity proofing stops certain types of fraud that occur in bank branches.
Whether the individual is an existing customer or not, verifying identity can mitigate most in-person check fraud. Ping estimates that identity verification reduces this type of fraud by over 90% when implemented correctly.
Legitimate customers require support and identity verification helps ensure that the support agent doesn’t accidentally aid a fraudster in a crime. For password resets, account closures, and disputes it’s imperative to know that the identity of the person requesting support matches the identity of the customer who owns the account. This protects against account takeover and stops fraudsters before they create lasting harm.
Not all identity verification solutions are equal. A strong service, like PingOne Verify, should allow you to quickly, reliably, and confidently ascertain two things: 1) the real-world identity exists, and 2) the person undergoing the proofing is the actual owner of that identity. The verification process should be done in real-time and be as easy as presenting a physical ID.
Biometrics (voice and facial recognition) is a key differentiator. The service should be tested for racial bias, accurately match all skin tones, and verify physical and digital government-issued ID validity. Finally, a good identity verification service should match the face of the user to the face on the document, performing a liveness check. The liveness check prevents spoofing by confirming that the individual is alive and physically present during the verification.
Decentralised identity is an approach to IAM that allows users to control their identity information. Sometimes referred to as self-sovereign identity, it eliminates the need for users to provide unnecessary amounts of personal information to access a service. Organisations issue users’ verifiable digital credentials that are stored in a digital wallet. Users present their credentials to organisations that verify the information instantly without contacting the issuer.
Decentralised identity helps financial institutions comply with Know Your Customer (KYC) and Anti-Money Laundering (AML) regulations by using robust verification mechanisms to create an immutable record, reducing the risk of fraud, and improving the accuracy of compliance checks.
PingOne Neo is Ping’s new decentralised identity solution. Neo verifies IDs, documents, and identity claims and issues digital credentials based on those. Users can share credentials with organisations to quickly and effortlessly prove who they are.
Implementing verification and credentialing at the appropriate moment in the customer lifecycle is critical. Most customers expect to verify their identity at least once, but it should only happen occasionally, even if the process is easy. ID proofing is a valuable component of a larger threat protection strategy, and it works best when integrated with other fraud detection, authentication, and authorisation tools. This integrated approach allows organisations to challenge users when needed without overwhelming them with unnecessary security steps. Getting the balance right may take trial and error, but the results are worth it.
This editorial was initially published in the Financial Crime and Fraud Report 2023 which dives into the captivating world of fraud management, digital onboarding, and financial crime in the financial services industry. You can download your free copy here.
Maya Ogranovitch Scott is a Solution Marketing Manager for Ping’s financial services solutions. She is passionate about leveraging the power of identity to help enterprises deliver exceptional customer experiences that are simultaneously secure and seamless.
Ping Identity delivers a comprehensive set of identity and access management services. Customers may choose any or all they need without vendor lock-in. Our platform makes it easy to integrate services with speed and precision, streamline multi-vendor architectures without custom coding, and explore and optimise journey flows with minimal disruption.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now