July 28, 20208 min read
Authors: Mikołaj Saik
It shouldn’t come as a surprise that trust towards mobile apps increases steadily. In the US alone, there are already more than 260 million smartphone users (of all 328 million citizens), and those who use mobile apps tend to have over 100 apps installed on their smartphones. In China, on the other hand, the number of citizens that actively use the most popular super app WeChat exceeds 983 million.
Why is WeChat an interesting mobile app example, though? As a super app, it offers a variety of services used by the Chinese nationals on different occasions. As a result, the application collects a significant amount of data (payment information included) on its users. The trust towards it, however, is extremely high. This proves that app users might easily share their sensitive information, as long as they can be sure about their safety.
Unfortunately, the increasing popularity of mobile applications (also in a business setting), paired with the rising number of app users around the world, means that frauds and misuses are much more common these days.
As an app owner, you have to be aware of the potential data security risks and know how to prevent them. That’s precisely why safety standards like KYC exist. Here’s our take on data security in the world of mobile and solutions that bring KYC to life.
Due to the COVID-19 crisis, many retailers transferred their operations to the online world. As can be seen on the chart below, the number of retailers leveraging e-commerce and mobile solutions piked in the face of pandemics.
Of course, there’s nothing wrong with that - apart from the fact that a higher number of transactions also means higher risks when it comes to frauds. The most common types of frauds in the online shopping realm are:
Friendly fraud - when a customer purchases a product and keeps it, while also applying for a refund (i.e. because it doesn’t meet their expectations, or is said to be purchased with a stolen card),
Clean fraud - the purchase was made with a stolen card,
Identity theft - the purchase was made with another person’s data.
Interestingly, there were 3.2 million frauds and consumer complaints reported in the US in 2019 alone, and 650 thousands of them were cases of identity theft. When it comes to e-commerce, specifically, identity theft is the most common type of fraud that causes concern among 71% of surveyed merchants.
It’s worth keeping in mind that illegal malpractices of this sort are not only caused by customers, though. On the other side of the fence, there’s also phishing, data breaches, or triangulation frauds that retailers might have to struggle with.
That’s precisely why retailers are forced to take necessary measures and, in turn, often trust dedicated tools & solutions to prevent fraud from happening. We’ve described one of such anti-theft systems implemented by FutureProof Retail into their Scan & Go solution here.
Of course, problems with frauds don’t only concern online retailers. All financial and insurance companies (or any organisation that deals with sensitive data, for that matter) is prone to misuse of data. As a result, companies that operate online and deal with sensitive data have to look into solutions that improve data security one way or the other.
Along the way, they often encounter AML and KYC standards. What is KYC and how does it relate to AML, then?
According to the Financial crime and fraud in the age of cybersecurity report published by McKinsey, the efforts aimed at fraud prevention can be divided into 3 stages that follow AML (Anti-Money Laundering) standards:
Identification: “Who is my customer?”
Monitoring: “What transactions are legitimate?”
Response: “How do I respond to a thread?”
At the same time, KYC (meaning “Know Your Customer”) also gains more popularity on the market, across e-commerce, bank, finance, or insurance apps. The approach is consistent with the AML standards, as the goal here is also to minimise losses caused by e-frauds. What’s more, it also focuses on bringing the above-mentioned stages into life by implementing procedures aimed at authorising & identifying customers, monitoring & analysing all operations initiated by them, and minimising risks in the process.
Very common in terms of bringing the principles of KYC and AML to life is asking the users to provide a scan or photo of their personal documents. At the same time, however, physical counterfeits and forgeries are the most common type of ID fraud, according to the 2019 Onfido’s Global Fraud Index. That’s one of the reasons why technology and AI is a key to detect frauds, provide safe experience for both app users and secure the business of the app owners.
In the majority of cases, KYC technologies revolve around linking the customer account with their photo and documents that prove their identity, such as personal ID. That might not seem like a lot at first, but such a solution can bring a lot of value companies and app owners as well. According to Forbes, some major financial institutions already spend up to $500 million annually on KYC and customer due diligence. Even though the average annual spending happens to be $48 million, it's still pretty impressive.
Apart from the increased spending on KYC, there’s one more thing that proves its growing popularity: the data on existing innovation when it comes to KYC solutions. The authors of the Identity Verification Market Report predict that till 2023, the worldwide identity verification market size will double - to 12.8 billion, to be exact.
The situation of individual KYC verification tech providers reflects that tendency. New ideas on the market definitely attract the attention of new clients and investors - and this interest is not dropping in the midst of the COVID-19 crisis. Quite the contrary: the need to turn to the digital channel encourages app owners to look into data identification, verification and security measures.
Here are a few examples of successful tech providers:
Payfone, a B2B2C platform dedicated to identifying and verifying people, has raised $100 million to expand the business.
Biocatch, a developer of biometrics security technology, has recently raised $145 million in its latest round of funding.
Onfido, an AI-based ID verification platform now raised $200 million in total, with the support of well-known investors like Microsoft or Salesforce.
Actually, Onfido it’s an interesting case for us in particular. It identifies people based on the photo of their personal ID, as well as face recognition. You might know such a solution thanks to Revolut’s verification - and rightly so. As a matter of fact, Revolut increased the number of verified and onboarded users by 39% in just 1 month after implementing Onfido’s solution.
We’re proud to welcome Onfido on board as our partner. Since we believe that data security and user experience are crucial for mobile app development, we’re now open to collaboration with local companies and its implementation in existing applications. Take a look at Onfido and the technology behind it that attracts plenty of customers and investors.
The magic behind Onfido: How does it work?
Document verification - Onfido asks users to scan identity documents (personal IDs) with their phone or computer, which gives the app owner assurance that the ID they’re using is genuine. In fact, it’s said to catch up to 98.7% of ID fraud attempts, thanks to a hybrid of AI and human analysts for the highest completion rates.
OCR autofill - Once the user submits their document, Onfido’s OCR Autofill solution is able to extract their ID data and use it to auto-populate signup forms. It can perform additional validations (i.e. age verification) at the same time.
Biometric verification - To protect against identity thefts and other misuses, Onfido offers adding biometric verification to the flow of logging in. In order to comply, all the users need to do is take a selfie or a short video. Onfido then compares their facial biometrics to the photo on the ID and generates a score based on the similarity of the recognised faces.
That’s it. Online identity verification at its best.
Online identity verification that follows KYC standards can be successfully used in other apps as well, whenever there’s sensitive data involved - be it in healthcare, transportation, gaming, or retail. The truth is that plenty of applications out there require user verification. At the same time, every app user would like their account and personal information to be safe and sound at all times.
Thanks to bringing KYC standards to life, solutions that enable online identity verification minimise the number of chargebacks and frauds caused by identity thefts and make app users feel more secure about their data. This way, risks and financial losses stemming from these malpractices are also kept to a minimum.
Interested in improving data security and exploring online identity verification? Give us a shout.