curve

Compliance

Why real-time account verification should replace KBA in online banking

In an effort to verify that users are who they say they are and validate their identity, many websites used to implement a simple pre-shared KBA question when users were creating their online accounts. Something like “what is your favorite winter time activity?” or “what was your first pet’s name?”. The main issue is that hackers who were able to figure out consumers’ password can easily also find the answers to these questions. Although still largely in use, more sophisticated websites have since moved away from asking these questions to validate one’s identity because they can mostly prevent account takeover once an account is already established.

What about preventing fraud during the online account opening process?

Customer verification is similar during the online account opening process, when banks try to match someone’s real-world identity to a digital identity that may or may not be real.

This process starts by finding a real-world identity (i.e.: Driver’s license, Social Security number, Utility bill, etc.) provided by the customer or information gathered from public records to validate the information entered during the account opening process. However, with roughly 15 million U.S. consumers falling victim of identity theft each year, customer validation based on physical proof of real-world identify can also be challenging.

With so many “clones” using real customers’ Personal Identifiable Information (PII) ranging from addresses to credit card and Social Security numbers, how can you trust that anyone opening an online bank account is indeed who they say they are?

Better banking solutions to KBA questions

The best way to identify identity theft and stop someone’s “clone” from opening several bank accounts under his/her name is to gather as much information as possible and look for discrepancies. In the online world, this means checking the customer’s data against millions of data points in a matter of seconds. This sounds like common-sense practice that every online account opening solution should provide. Unfortunately, most online account opening solutions collect data in silos and fail to build a complete profile of each potential customer to assess risk. These shortcomings lead to two potentially damaging outcomes:

  • High abandonment rates: Websites take too long to check, validate and manually approve a customer’s account, which increases abandonment and cost of acquisition.
  • Increased fraud risk: With an incomplete picture of each customer, banks are more susceptible to fraudulent account activity from account opening to ongoing transactions.

Consider the following scenario: A customer is signing up for a checking account online from a computer in Ohio using a driver’s license from Chicago. Their utility bills are paid in Florida and their browser language is set to Russian. Unless your bank has access to real-time identity check during your online account opening process, it would be nearly impossible to cross-reference all this data in order to identify with a high degree of accuracy if this is a legitimate snow bird russian-american retiree who lives between Florida and Chicago and happens to be visiting a family member in Ohio when they decide to open a new bank account, or if this is a “legitimate fraudster”.

MANTL partners with Alloy to offer real-time customer identity verification throughout its online account opening software to stop fraud before it happens. On average, our customers automate 92% of BSA/KYC/AML decisions and reduce fraud by 67%.

*A similar article has been previously posted in Alloy’s blog.

Learn how MANTL can help you increase operational efficiencies by automating BSA/KYC/AML decisions, marketing campaigns and deposit operations.