Over the past few years, a massive surge of data breaches has exposed the personally identifiable information (PII) of millions of consumers.
With troves of PII data available to hackers around the world, fraudsters can easily create synthetic identities—accounts that combine both real and fake information—to manipulate systems and commit crime without being detected by legacy fraud prevention platforms. As a result, traditional Know Your Customer (KYC) platforms and fraud prevention solutions have been rendered unreliable.
This comes at a bad time for financial institutions and payment companies; e-commerce, digital banking, and other online activity is surging due to COVID-19, resulting in an uptick in fraud as well. Companies need to accommodate the increase in legitimate activity while also limiting fraudulent behavior.
To learn how organizations can move beyond PII data to secure their platforms without adding too much friction, PaymentsJournal sat down with Faisal Nisar, VP of Product at Acuant, and Tim Sloane, VP, Payments Innovation at Mercator Advisory Group.
During the conversation, Nisar and Sloane discussed current trends in e-commerce volumes, what these trends mean for FIs, the pain points related to compliance during the onboarding process, and how an effective solution can address these pain points.
COVID-19 has caused a significant increase in online transactions
Since the pandemic caused many physical stores to temporarily close, consumers have migrated their commercial activity into online channels. E-commerce, in particular, has seen an extraordinary surge in activity. Between the first and second quarters in 2020, U.S. retail e-commerce sales rose 31.8%, according to The Census Bureau of the Department of Commerce.
Although much of this growth comes from previous users shopping more frequently, a significant amount comes from new users. New users mean more account creations, causing the onboarding processes to become increasingly important. And it’s not just e-commerce that is seeing an increase in new users. A large portion of consumers have reported using new payment technology for the first time, including mobile wallets and QR codes, according to survey work conducted by Mercator Advisory Group.
Whether it relates to e-commerce or online banking, identity is at the forefront of securing the onboarding process and everything that comes after. As Nisar explained, identity is “the main building block in verifying that you’re dealing with an actual user, mitigating fraud risk, managing risk of new payment methods, and performing due diligence on who you’re doing business with.”
Sloane agreed, adding that the pandemic has also led to “a significant increase in phishing efforts and an increase in account takeovers, which [also require] improved identity and authentication capabilities.”
FIs need to evaluate the effectiveness of their identity solutions
It’s not just retailers that have been impacted by rising online activity; FIs are feeling the strain as well.
“Both issuers and merchants have the same problem,” said Sloane. They both need to enable frictionless access for low risk activity, while maintaining the ability to step up security measures as the activity gets more risky. This means FIs need to provide a consistent authentication mechanism that works across all channels.
“FIs should evaluate the effectiveness of their identity verification solutions, from onboarding to continuous monitoring, because identity plays a key role throughout the lifecycle of a customer with that institution,” said Nisar.
Three pain points in identity verification
Nisar identified three major challenges FIs face when trying to roll out identity verification solutions to keep up with the changing world.
- Time to market
- Effectiveness
- Balancing user friction with security
Time to market: Act fast
Many companies are still relying on legacy platforms that are simply not equipped to support the skyrocketing levels of online activity. “In order to integrate [into new platforms] or to have better solutions, companies have to make broader architecture changes,” explained Nisar.
After investing in new platforms, companies must then teach their employees how to use them. This requires time and money, two resources that many companies are short on.
Moreover, since consumer behavior and fraud trends are changing so rapidly, companies must act fast to make the necessary changes to their fraud prevention platforms. If a company takes too long to make the switch, it may end up rolling out an outdated solution.
Effectiveness: PII-based systems are inadequate
Many companies do not have effective solutions in place to cope with surging digital activity. As previously noted, legacy identity verification platforms often rely on PII, but this is no longer tenable. “Comparing [someone’s] personal information against a data source is not sufficient anymore,” noted Nisar, adding that this is partly because data breaches have exposed too many people’s PII. As a result, FIs need new solutions that transcend just PII.
Keeping friction low without compromising security
An effective identity verification platform must strike the right balance between friction and convenience. Friction refers to how difficult it is for someone to verify their identity. Requiring users to answer security questions, provide their fingerprints, or engage in some other verification method are all examples of friction.
If the verification method introduces too much friction into the process, legitimate customers will be negatively impacted. “High friction in the user experience is, in today’s world, a competitive liability,” said Nisar. Facing overly cumbersome security measures, many people will become frustrated and take their business elsewhere.
However, if there is not enough friction, criminals can easily conduct illegitimate activity. Thus, a balance is needed.
The takeaway: Find a solution that addresses these pain points
FIs looking to upgrade their verification systems should consider solutions that address the challenges identified above. AcuantGo, for example, was purposefully designed to be rolled out quickly, operate effectively, and strike the right balance between friction and convenience.
AcuantGo is not a code-based solution, meaning that a company can configure the platform to meet its unique needs without having to do any coding on the back end. “Settings are managed through an easy to use user interface, where the business teams can design onboarding forms and deploy in a matter of seconds,” said Nisar.
A code-free approach also improves the user experience. “Even if a user is applying for different product types, all those forms can be customized with a drag and drop editor,” said Nisar. Such an approach makes it easier for users to navigate the onboarding process.
The platform is also highly effective at determining if the real world identity of a user exists or not, and whether that is indeed the identity of the user behind the activity. Nisar noted that the platform handles identity verification as well as any compliance requirements.
“Being able to lower customer friction, while meeting compliance requirements and lowering your own risk and fraud exposure, that’s a homerun,” concluded Sloane.