KYC Verification: How Does it Work & How to Improve It

KYC verification is lengthy, expensive, unpleasant for the customer and – let’s be realistic – easy for criminals to bypass.

In fact, the cost of Know Your Customer checks is estimated to be $60 million a year for the average bank, which isn’t surprising considering that it slows down onboarding, increases churn, and requires dedicated resources to work effectively.

This is why anyone wishing to make the process safe and low in friction should carry out every step of their KYC verification effectively. We discuss the best ways to do this, what challenges to look out for, and other major aspects of KYC verification.

What Is KYC Verification?

KYC verification is a crucial part of the customer due diligence (CDD) process and involves ensuring that a customer is who they say they are and can be trusted. Along with other KYC checks, it sees organizations cross-checking a prospective customer’s personally identifiable information (PII) with identification documents such as passports.

In other words, KYC verification is a process of identity verification that is focused on the CDD process of ensuring KYC compliance. It is also an essential part of preventing and mitigating fincrime, such as money laundering and the financing of terrorism.

How Does KYC Verification Work?

To process and complete KYC verification, you need to ask your prospective customer for their details (usually their name, address and date of birth), ask for official ID documentation, and then cross-check those received items to determine if they are all in agreement.

The way the cross-checking process is carried out depends on the level of automation (if any) that’s involved. For example, some organizations may digitally scan a person’s ID documents to automatically pick up on the details printed on them, whereas others may opt to check it manually.

It is advisable that anyone doing KYC verification uses both IDV (identity verification) software and their own perception because this will increase the likelihood of spotting tampered documents.

The process is only complete once the organization doing the KYC verification has determined whether or not it deems the applicant eligible for the full Know Your Customer process.

The 3 Components of KYC

1. first and last name
2. date of birth
3. residential address

The customer needs to provide proof of these details using official documentation, such as a passport, driving license, or national ID.

For iGaming and online casinos, KYC checks must also include age verification and self-exclusion lists.

Why Is the KYC Verification Process Important?

KYC verification and authentication processes help organizations know the extent to which their clients are trustworthy, and they also allow business owners to avoid fees and other penalties that would arise from compliance issues. They help us know which customers are legitimate and which may be linked to criminal activity, such as money laundering and the financing of terrorism.

In other words, both KYC verification and authentication processes are important because they help organizations to be compliant and able to determine which of their accounts should be retained and which should be blacklisted.

In fact, both processes are not just vital to decision-making in the management of accounts and customer relationships, but they also help police work itself. It is often a legal requirement for organizations to use KYC verification and authentication, and this reflects their application to crime reporting.

The use of KYC software and authentication processes mean that criminals have to undergo a process that may build evidence against their malicious activity. And this is all assuming that those criminals aren’t put off by the identity checks in the first place.

They are also important thanks to their collective ability to prevent crime by acting as a deterrent to criminals from the very beginning of a sign-up process.

KYC Verification vs Anti-Money Laundering (AML)

These two are often coupled together in a business’s risk management segment and, to an extent, they have similar goals. Indeed, they can both be mandated by local authorities. But they are not synonymous.

The easiest way to understand the difference between KYC and AML is by thinking about the goals of each:

• KYC is introduced at onboarding, when a new customer is about to sign up, and it has to do with verifying who this person is.
  
  On a practical level, this could involve document verification checks or biometrics.

• AML are measures taken continuously by a financial or related organization to prevent money laundering. They have to do with securing that the funds brought in by the customer have a known, legitimate source.
  
  On a practical level, AML involves actions such as flagging unusual transactions and/or those over a certain amount, and filing suspicious activity reports with the authorities.

We should also note that in principle, both of these fall under the umbrella of CDD.

Challenges of KYC Verification and How to Solve Them

Let’s look at a number of reasons why – and preview how this can be ameliorated.

Consumer Apathy

Unfortunately, there is a lack of awareness of the benefits of KYC among the public – so much so that many consumers view such measures as something to avoid.

In fact, research by Accenture shows that a convenient digital experience is among the top three reasons customers switch from traditional banks to challenger banks and neobanks.

Being overzealous when onboarding new users can cause churn – and especially so for digital-first institutions, where it goes against consumers’ primary reasons to choose you.

• Solution: This is an issue of convenience. No customer wants to have to jump through hurdles to open a bank account or access a financial product. Robust, comprehensive pre-KYC checks can keep friction to a minimum, giving your organization a leg up over competitors.

Absence of a Universal Method

KYC regulations are different across the globe, and the type of documentation deemed acceptable varies too.

In the US, for instance, the Financial Crimes Enforcement Network (FinCEN) creates the regulatory framework digital banks follow. On the other hand, UK banks comply with the Sanctions and Money Laundering Act of 2018 and the Sixth Anti-Money Laundering Directive (6AMLD) governing the EU. 

Each jurisdiction has restrictions unique to them, and its own passports, credit/debit cards, driver’s licenses, utility bills, etc.

This can create a logistical nightmare for companies working with an international user base. There are currently 150 different types of passports and national IDs worldwide. How do you verify every document when there is so much disparity between, say, an Italian ID printed on paper, and an Indian passport which does not contain a hologram?

• Solution: One way to improve upon this is by leveraging pre-KYC checks. As individual KYC verification checks are costly, every business would benefit from not having to pay to have them conducted for fraudulent customers. By implementing pre-KYC checks, you can weed out obvious fraudsters so that you don’t waste money checking their (fake) credentials.

Insufficient Customer Data

Too many people around the globe are either underbanked or entirely unbanked.

The World Bank’s 2021 report says that nearly 1.7 billion people remain unbanked. The latest research by Merchant Machine corroborates that finding, and highlights Egypt, Mexico, Morocco, Philippines, and Vietnam as the most unbanked countries, with more than 60% of their population unbanked each.

In fact, even in the US, 25% of households are unbanked or underbanked, according to figures published on CNBC.

Fintechs considering serving these countries face great difficulty in sourcing reliable customer information. This is even worse if they provide lending services, as they need some sort of credit check to do so safely.

• Solution: Such data scarcity can be overcome via alternative data, which creates a complete, real-time customer profile starting with just their email address and phone number and using sources such as the 50+ online and social networks checked by SEON’s modular APIs – as we will see in more detail below.

Identity Checks (IDV) Are Easy to Fool

Increasingly, we’ve seen evidence that legacy identity verification methods can be much easier to fool than expected.

In fact, document scans are welcomed by fraudsters who want to pass customer identification checks, as it’s one of the easiest ways to get around user KYC authentication. There is no shortage of options, as they can:

• acquire original financial and personal documentation on the dark web
• create synthetic IDs based on real and made-up user data
• phish for personal info themselves using fake job posts, online scams, etc.
• fool biometrics and liveness checks using freely available tools

In fact, we even conducted an experiment to see how easy it is to apply for a loan with a stolen ID – and the results are not encouraging for lenders.

• Solution: Don’t rely on documentation alone to gauge how safe a customer is. Make the most of sophisticated data enrichment and fraud prevention tools on the market.

KYC + 3DS/SCA = Payment Friction

Other measures put in place to protect consumers that can cause friction and churn in payments are 3DS and SCA.

In fact, cart abandonment due to 3DS can be as high as 40% (in Spain and France, according to Forter). These are not sales any merchant wants to miss out on – which gives them ample reason to avoid implementing 3DS if they can help it, or even avoid specific banks.

• Solution: Fraud detection software running under the hood can perform quality pre-KYC checks, letting you know if the user is coming from a known device and/or they have a good social presence. This intel can inform the 3DS process, applying it only when the set-up is not known and trusted for that customer – always subject to local legislation.

Information Siloing

Often, when a bank expands its services across savings, loans, and investments, its departments tend to work in silos, leading to a lack of mutualization. 

For example, the lending team might not share customer information with the investments team, meaning a customer can be asked to submit the same information on multiple occasions. This leads to poor customer experience and confusing risk decisions for the bank’s team. 

• Solution: Leverage a platform that standardizes your digital bank’s entire fraud management protocols, and give permissions as needed to the right teams, so all changes on their end sync. Sophisticated fraud prevention solutions allow teams to work seamlessly, as you can see in SEON’s screenshot below.

Trusting Customers Too Much

With identity theft on the rise, relying only on KYC information provided by users leaves your bank vulnerable to fraud. 

Documents can be forged, identities hacked, bought and generated, and even biometric verification has been shown to be susceptible to spoofing.

Yes, KYC mandates usually require you to look at such proof of identity, but you can add more layers of protection – especially so if it’s frictionless.

• Solution: Leverage frictionless alternative data without asking your customers for anything extra, by looking at their hardware and software configuration (via device fingerprinting), their digital footprint (via reverse email and phone number lookup), IP address analysis, and similar information.

Best Features for KYC Verification Processes

Digital Footprint Analysis

It all starts with gathering as much information as you can about each customer. A great fraud prevention tool helps you get a 360-degree view of your users.

The way SEON’s engine does this with zero friction is by examining the customer’s digital footprint, starting with just their email address, IP address, and phone number.

The result of this search will be a comprehensive profile of their public data, sourced from 50+ social media and online services. What this tells us is whether they behave like a real person online, and thus how likely they are to be a legitimate customer.

For instance, digital footprint analysis at SEON has demonstrated that the average good user has five to six online profiles on some service or another, while they are also likely to have fallen victim to a data breach.

On the contrary, an email generated by a fraudster will have very little online presence – which means they should be funneled towards more rigorous KYC checks, if not banned outright.

Device Fingerprinting

Device fingerprinting paints a vivid picture of how a user connects to your platform. By examining their software and hardware configuration and generating browser, cookie and device hashes, SEON is further able to conduct velocity checks, behavior checks and real-time monitoring.

• Has this person connected before with a different user name?
• Does their actual location match their stated location?
• Are they using suspicious device configurations that hint at spoofing?
• Are they employing common fraudster tools such as Tor or mobile proxies?
• etc

These data points add even more information to the assessment of the new user’s intentions. As a case in point, SEON’s solution gathers the following data, among others:

How to Save on KYC Costs with Pre-KYC Checks

As we have seen, KYC checks are costly. Identity verification vendors charge anywhere between $13 and $130 per customer verified. This can very quickly add up.

The fewer fraudsters reach KYC verification, the more money the organization can save.

By implementing SEON’s solution at signup and letting it work behind the scenes, you’re introducing a traffic lights system that greatly reduces the number of junk users who reach true KYC. So you don’t have to pay up to $130 to reject each fraudster.

In other words, SEON’s solution funnels fewer bad users through, and increases the ratio of good to bad users who get verified.

Beyond compliance and costs, this also helps minimize overall fraud at your company, as fraudsters and money launderers are significantly less likely to gain access to your products.

How SEON Can Augment Your KYC Verification

Since anyone working in your vertical should have the same KYC risk assessment requirements, it’s all about implementing them in a smart way, for instance by using dynamic friction.

Here is how SEON can optimize your KYC to give you a competitive advantage:

• saves you KYC check money
• runs under the hood, frictionlessly
• filters out junk users
• gathers valuable user data
• works even with few data points
• spots stolen, fake and synthetic IDs
• verifies customers without relying on 3DS/SCA
• keeps the customer journey smooth for good users
• flags fraudsters automatically
• speeds up the digital onboarding process
• spots suspicious connections between users (as seen in the image below)

This also creates the basis for further financial services functionality. For instance, loan providers trying to perform alternative credit scoring through digital ID profiling don’t have to worry so much about finding financial info: They can use digital footprinting to build their scoring models instead of using details from banks and financial institutions.

SEON lets you onboard good users as soon as possible, applying the least amount of KYC possible – while you block obvious criminals, as well as request more documentation from suspicious users.

Our solutions have allowed leading neobanks and fintechs to grow faster and serve more customers without any compromise to their safety or compliance – by filtering out bad users pre-KYC, triggering exceptions for 3DS checks, reducing transaction fraud, eradicating defaulting customers, and enjoying peace of mind in the process.

As just one case in point, fintech Felix Pago reported 90% more confidence in accepting or rejecting payments and 100% improvement in detecting multi-accounting.

Frequently Asked Questions

Sources

• Accenture: Banking Consumer Study: Making digital more human
• World Bank: The Global Findex Database
• Merchant Machine: The Countries Most Reliant on Cash In 2021
• CNBC: 25% of US households are either unbanked or underbanked

You might also be interested in reading about:

• SEON: Email Profiling: What Can an Email Address Reveal About Your Users?
• SEON: What is KYC (Know Your Customer)
• SEON: KYC in Banking: What is it, How it Works & How to Save Costs

Learn more about:

Browser Fingerprinting | Device Fingerprinting | Fraud Detection API | Fraud Detection with Machine Learning & AI