Customer verification is crucial for any financial establishment and its existing customers. Failure to do so can lead to financial losses, data breaches, loss of reputation, and genuine customer loss to name just a few of the several possible adverse effects. Unfortunately, doing so has become a complicated task since fraudulent parties have become alarmingly good with their deceits.
Fortunately, a combination of human diligence, digital technology, and precise awareness can help banks, credit unions, investment firms, and other financial companies see past the deceit. It is possible to verify every customer ID through the implementation of the following.
1. Know Your Customer (KYC)
Know Your Customer or KYC is a set of standardized and recommended processes for verifying customer identity and their financial profile through assessment and verification of related documents. Both the FinCEN and the SEC have set forth minimum and recommended KYC standards which every financial establishment in the US must try and adhere to. You can find a detailed analysis of the KYC standards for different types of financial companies here.
2. Instant Bank Verification (IBV)
Instant bank verification is an important element of maintaining anti-money laundering and KYC standards online. Brought forth by Envestnet | Yodlee, their customer identity verification API is a tool used by banks for initiating an Instant Bank Verification (IBV). IBV is a process aided by the customer verification API for immediately verifying whether the claimed identity of a potential or existing customer is indeed genuine. It quickens a process that would otherwise take a much longer time, and thus would not be useable as a pre-transaction verification method.
3. Two-Factor Authentication (2FA)
Before the implementation of two-factor authentication by banks and especially credit card companies, committing fraud was far too easy. Customers bore the brunt of this fraud and credit card companies were often sued for being disingenuous in their efforts to protect their customers from fraud. A brief intro is necessary to explain how 2FA changed the game.
In the absence of a 2FA protocol, a fraudulent party would only need the credit card number and CVV to use it as their own for online transactions. As was often the case, anyone with access to such information would sell sensitive financial information in deep web black markets at a high price. 2FA introduced a second authentication method which significantly reduced the success rate of such frauds.
Each time a customer would attempt a transaction, they would not only need the credit card number and the CVV number, but also a time-sensitive, unique code. This code would be sent to the user’s registered email ID and/or phone number through text/electronic voice call. Unless the fraudulent party has hold of the individual’s phone or they have also hacked into their registered email ID, they would not be able to authenticate the transaction.
It should be noted that biometric authentication can also be used as the second step of authentication, instead of a text message or a voice call. If the user’s device has a fingerprint scanner or approved face recognition technology, they can authenticate a transaction through biometric authentication.
