The Authentication Crack In Bureau Data

Socure KYC Authentication

Canada just said that it was OK for FIs to use “non-traditional” data sources to validate a consumer’s identity. It’s seen as a big victory for thin-file customers, and an important crack in the “it always has to be bureau and nothing but the bureau” information when authenticating consumers. Nash Ali, Socure’s VP of Product & Data Science, recently discussed the implications for FIs and consumers everywhere.

 

Despite the fact that we live in a world where digital technology is redefining the way financial services are consumed by people and businesses, many of the tools used to validate identities and authenticate customers are stuck in the past.

But as KYC continues to gain recognition for its impact on financial services, will the tools and methods associated be able to digitally keep up?

Nash Ali, VP of product and data science at Socure, explained that, as KYC is being pushed to the forefront of risk management practices, there is an increasing pressure to put KYC programs in place that can perform with the influx of new technologies, new data sources and new methods.

“KYC is broadening to include really all financial services and instruments; that’s the mandate,” Ali said. “With that, it becomes even more important for financial institutions to have precision in their KYC process and also look broadly at a hot topic these days, which is financial inclusion.”

With the more traditional methods for identity verification, financial institutions have relied primarily on credit bureau data.

The problem with using those traditional methods, Ali pointed out, is that there are entire groups of consumers — such as millennials, immigrants, people who do not have thick credit files and even those who don’t have any credit files — that cannot be verified very well with credit bureau data alone.

This contributes to a widening gap where financial institutions begin to exclude a segment of the population from their ability to do business with a bank, open a card or open a financial instrument.

However, financial institutions are beginning to realize that they can take alternate data sources and still get the type of correlation information needed to verify that a consumer’s identity is indeed representative of a real person, Ali said.

“That correlation then becomes proof that this identity and these elements do go together and they represent a real consumer,” he added.

 

The Digital Data Evolution

Traditionally, the data used to confirm the correlation or validity of a consumer’s data is credit bureau-based, but in the world of alternate data, information can also be corroborated by a consumer’s “digital exhaust.”

Think about an online social media presence, like a LinkedIn or Facebook profile, which may include identifying information, like a name, email address and phone number, but also includes strong and unique social data that is not so easy to replicate.

“That’s really the strength of looking at digital as a secondary method of authenticating a consumer,” Ali pointed out.

He explained that, if a fraudster was to go so far as to set up a fake social network account using a synthetic ID or a taken-over identity, they still would have a difficult time spoofing the behavior a consumer has on these digital sites.

Authentic job or education history, personal posts and connections just can’t be duplicated; this type of behavior is what’s very hard to replicate because it’s built over time.

“When you model against this behavior on social sites and non-social sites out there in the online world, you can create an identity profile for any individual with a great level of confidence, and then that serves as proof point on that identity,” Ali added.

 

The Global View Of KYC

As the world continues to move towards digital-only processes, the ability for companies like Socure to take data from the digital world and use it bring identity authentication into the digital age is rapidly increasing.

“Being able to tap into that digital data and create consumer authentication methods out of that and use that to perform KYC is really where we see the world going,” Ali emphasized.

Just this week, Canada’s financial intelligence agency took a very progressive stance on KYC by announcing it will support Canadian financial institutions using a dual method of verification to perform KYC beyond just the traditional bureau-based verification.

Ali described the move as a “game changer” as it relates to financial inclusion because financial institutions in Canada will now have the option to move away from solely using bureau-based data and open the door to the type of digital data that can help KYC to securely verify more people into the financial world.

“It’s an interesting shift for financial institutions to be able to use this alternate data now, which allows them to chase after these very lucrative consumer segments that have typically not been able to bank with them or apply for a financial instrument simply because they didn’t have bureau-based data on these individuals,” Ali said.

Could this breakthrough also stand as a precursor for how other countries may be thinking about their own regulatory constructs?

It looks like the answer is yes.

According to Ali, Socure has already seen increasing interested from companies wanting to know how they can utilize this duality and the digital data to perform KYC.

“There’s going to be a huge adoption of this,” Ali said confidently. “I absolutely see this as a model that more and more countries will start to adopt.”