How mobile can offer increasing protection against modern fraud
In a world where interaction is increasingly made through screens rather than face-to-face, it is often difficult for companies to tell exactly who their customers are online, which poses a serious risk to security and compliance.
This threat is doubled by increasing legislative pressure. A host of new regulations passed at the end of 2017 mean that companies have to focus more and more on knowing exactly who their customers are.
The end of January was the final deadline for financial services firms to register ‘ultimate beneficial owners’ so that the individuals behind every account, and those who benefit from it, are clearer. The Fourth Anti-Money Laundering Directive (4AMLD) stipulates that companies need to be aware of the ultimate identity of business entities in order to help prevent the development of shell companies for tax evasion and money laundering, among other financial crimes.
Under the Second Payment Services Directive (PSD2), which also came into effect in January, many transactions above £30 are subject to a two-factor authentication process, which verifies the identity of the customer through two separate pieces of information.
This can be based on something they know, such as a password; something intrinsic about them, such as biometric data like fingerprints or facial appearance; or something they possess, such as specific documentation.
In a digital age, this is easier said than done. Gone are the days when customers walk into a branch to set up their bank account in person. The vast majority of financial interactions nowadays are carried out simply through the click of a mouse or, more recently, the swipe of a phone. The number of mobile phone users in the world is expected to surpass the 5 billion mark by next year. Last year, mobile transactions overtook those made online and in branches – according to data by Visa.
Mobile Network Operators (MNOs)
But this increasing shift to mobile devices can provide a KYC opportunity, offering another item that customers possess, and can use to identify themselves. With access to Mobile Network Operators (MNOs), financial services firms can access another form of identification – possession of a specific handheld device.
This usually involves an SMS text message being sent with a verification code to the user’s mobile. The code can then be used to authenticate that the account being accessed is by the owner of the phone, verifying identity through possession of the device. MNOs already have access to extensive identity information on their subscription holders, as they are also expected to meet stringent KYC requirements. Financial Services firms can use this vital layer of identification and compare it against other pieces of evidence, such as document and passwords, for the benefit of all parties.
Another useful function of handheld devices is their capacity to record biometric data. The majority of smartphones include a front-facing camera that can be used to take a photo, capturing inherent data about a person’s appearance.
As technology on phones improves, this opens up opportunities for further layers of authentication. Many iPhones have the capacity to register fingerprints, as well as the facial recognition capacity extensively advertised in the iPhone X.
At the moment, these innovations are limited to higher-end devices. However, as this capability becomes more widespread amongst devices, using further biometric data proofs for customers will become increasingly feasible.
Additionally, the ability of mobile devices to verify identity has a wider potential for citizens of the world. Vast numbers of the global population are unbanked, not included in the financial system, and without a financial identity. But the extreme reach of mobile technology could change this.
In Mexico, for instance, only 40 percent of adults have a bank account, yet there are 80 phone subscriptions for every 100 people. Being unconnected to any formal bank can leave many people financially disempowered, unable to access any kind of financial services, which leaves their funds insecure and without growth potential. The ability to verify identity through mobiles means that previously unbanked individuals can be provided with access to financial services in the future.
In an increasingly globalised world, borders are becoming more fluid. The global population is more mobile than ever, with many people moving between borders for work or shopping in foreign countries over the internet. Cross-border eCommerce, for instance, is growing at 25 percent annually. As individuals and money routinely travel increasing distances between geographical and legislative areas, this makes securing identity and tracing transactions more difficult than ever.
But mobile devices can be taken across borders and connected to their original MNO via other local networks. In a growingly interconnected world, as fraud threats become more sophisticated and regulation more stringent, mobiles and their networks can provide a consistent proof of identity that brings security and increased access to financial services for everyone.