Frictionless KYC might be compromising security in customer onboarding

Payment firms, fintechs, and crypto entities may see a boost in new customers when they implement streamlined KYC platforms that use open banking APIs, some of which may not even require an ID. But criminals can surpass safeguards in automated KYC, including biometric verification, by exploiting onboarding weaknesses, according to Thomson Reuters.

Entities that pass the UK’s FCA could be using onboarding to maximize pass rates and expand faster. While it may help meet regulatory compliance, marketing easy KYC could attract criminals. Financial firms should check databases of fake and stolen IDs to ensure someone isn’t using them to open a mule account.

The UK’s Payment Systems regulator published a report in 2023 showing that nine smaller payment firms ranked in the top 20 highest receivers of authorized push payment (APP) fraud. Dzing Finance topped the list with APP fraud accounting for 187,695 per 1 million of its transactions, Reuters reported.

Some customer onboarding tools are identity verification, rather than KYC, according to Uri Rivner, chief executive at Refine Intelligence in Tel Aviv.

“Banks knew the customers but also knew the life story of the customer. They knew why the customer was doing what they’re doing. They understood the context around those activities,” explains Rivner. “This knowledge has been deteriorating over the years with the move to digital.”

Because identity verification doesn’t provide insights to determine suspicious activity, financial institutions might freeze accounts too often to investigate legitimate transactions, which could actually be worse for the customer experience than a lengthier onboarding process.

Article Topics

biometrics  |  digital identity  |  identity verification  |  KYC  |  onboarding