Intelligence solutions company Melissa is focussed on establishing who individuals and companies are beyond reasonable doubt. And in the shadowy world of online identity fraud, where the masks are always changing, that’s a level of proof that’s increasingly hard to obtain, as Barley Laing, its UK MD, outlines.
It’s perhaps hard for some to believe but, only a decade or so ago, most companies would happily accept a photocopy of an ID document to verify who you are.
How times have changed… now it can be the blink of an eye on a selfie video.
In 2020, the obligations to comply with increasingly demanding know your customer (KYC) and anti-money laundering (AML) regulations alongside a constant war of attrition with the digital bad guys, has led to the birth of an entire industry offering high-tech and constantly evolving ID and verification (ID&V) solutions.
Financial services companies, of course, want the Holy Grail of near-instant onboarding for new customers, as well as bullet-proof identity verification.
But this demand is also being made at a time when the world’s complex mix of financial databases remain hugely vulnerable to sophisticated criminals who operate at mind-boggling scale.
So mainstream is money laundering now that, as well as being so hard to detect, it represents between two and five per cent of global gross domestic product (GDP), or $800billion to $2trillion, according to the United Nations Office on Drugs and Crime.
One technology company heavily involved in trying to protect its customer firms both from fraudsters and falling foul of increasingly prescriptive regulations when onboarding customers, is California-based Melissa, which can count Bank of America, Aviva and MetaBank among its blue chip clients.
Barley Laing, managing director of Melissa’s UK operations, acknowledges that taking on cyber crooks is a war without end, and the industry must continually devise better ways to verify identities.
“As soon as technology companies like ours come up with a solution, the fraudsters are thinking of ways to get round it,” he says. “That’s why it’s important we continue to develop our technological capabilities, to make not just a single check on one identity attribute, but all the surrounding attributes that add up to providing a good degree of confidence that the person a merchant is dealing with is a bona fide individual and not a fraudster.”
Among the weapons in Melissa’s armoury is biometrics. For instance, potential customers may be asked to provide a selfie video that is scrutinised for a blink to ensure proof-of-life while the image is then cross-matched against conventional ID photographs, such as passports or driving licences. Among its other capabilities is verifying emails to ensure they are not spam traps; checking the registration of mobile phones and whether they are callable, and checking the IP location of a device being used to make the application.
None of this is a time-consuming process – in a world that demands almost instant onboarding, it can’t afford to be.It is carried out in seconds, in the background, as the potential customer’s finger hovers over the next step in their online application.
Laing says: “One of the things we get asked for a lot is to ensure that the end user’s, or customer’s, experience is clean, quick and efficient.
“So, a lot of the things we provide involve the ability to autocomplete some of that process. That makes the customer journey much smoother, the transition to a successful goal is achieved more quickly, and it is also better for the merchant because the less the end user has to do, the better you can avoid errors and bad data being brought into your system at the point of capture.”
Consolidation for security
Specialist firms like Melissa are seeing a growth in demand for their services as KYC and AML compliance and regulation become ever-more rigorous. Laing believes established giant financial corporations, more than neobanks or challenger banks, can find themselves most vulnerable to falling victim to fraud.
“If you think of an established organisation, one of the big players, one of the big corporates, they have legacy systems that have been amended and added to over many decades,” he says. “That gives them a very complicated structure, so introducing new technologies takes a lot of time, a lot of effort, and can cause huge complications, as we’ve seen in the news most recently with some of the banks. A startup, a challenger or a neobank, has a golden opportunity to embrace new technology straightaway. They can be at the forefront of technologies that will enable them to most rapidly engage with customers in the way customers expect to be treated. They can embed that technology into their platform very easily.
“Our services are delivered through web services, application programming interfaces (APIs), software development kits (SDKs) and apps; these things for a new company that is used to dealing with technology solutions, are very simple to integrate, very easy-to-use tools.
“We’ve spent a lot of time and energy making sure that process of embedding into their platform is very straightforward, and non-obtrusive to their customers. So, we would argue that, for the challengers, it’s a great time to get into these technologies, because they will give them a competitive advantage over some of the large corporates.”
Laing also believes the days are gone when financial services organisations could employ several different firms to provide them with individual solutions, such is the continuing pace of change.
“The best strategy is to go with a supplier that offers you the broadest range of capabilities,” he advises. “If you go with a one-trick pony supplier, you’re going to be limited to being able to just deal with that area of your business. As your business evolves, you’re going to have to look for alternatives, or additional service providers. And that introduces complexity and issues, inefficiency and cost. So, choose a supplier with a broad range of capabilities that can grow with you as your business evolves.”
Laing also advocates that firms, particularly smaller ones that operate internationally, should also fall back on a specialist to help them adhere to global regulations. “Trying to understand all of the global requirements is very difficult, and very time-consuming, so it’s important that these organisations reach out and use a supply chain that has knowledge of what is required in different marketplaces, in different jurisdictions around the world,” says Laing.
Melissa, which has been in the business for more than 34 years, has recently formed a new division investigating particular areas of artificial intelligence (AI).
“Semantic technologies are something we’re looking at very closely, to see how they can improve our identity verification capabilities by using those additional AI functions,” Laing says.
But its new core focus is on developing ways to carry out identity verification for businesses – know your business or KYB – something Laing describes as a ‘new frontier’ and a capability that could eventually be used to root out rogue or shell companies set up specifically for criminal gain.
“This is a more complex area we’re developing but one we see huge potential for,” Laing says. “We’re all very familiar with KYC, but the new frontier is KYB.
“There are already some checks we can do for this; obviously we can look at directors’ status to make sure, through AML, if individuals who are heading up these organisations have any sanctions or are politically exposed. But the future for our business is to make sure we have a clearer and cleaner KYB capability.
“This is really determined by the availability of data from other countries. For countries like the UK and the US, the data is available to make these checks. It gets more complicated in some parts of the world and these are interesting growth areas. So, we’ve got some work to do, but it is a core focus for us.”