FinTech is a buzzword in developing and developed economies, as seamless technology and banking services are increasingly embedding into the ecosystem. Think of FinTech and the countries that come to mind are the US, UK, Switzerland, and Sweden. We rarely think of Kazakhstan, a landlocked country in Central Asia, when discussing FinTech developments.

Kaspi Bank, an Almaty-based intrepid service provider, is now making waves in the FinTech space following its overwhelming IPO success in 2020. The bank, which offers financial and banking solutions and retail and commercial banking services, was listed on the London Stock Exchange and brought in over $1 billion at its listing. As per reports, Kaspi Bank’s IPO was the second-la …

Authorized Push Payment (APP) fraud, an advanced form of social engineering, has been on the rise globally. UK Finance’s 2020 report on financial fraud reported close to 150,000 incidents of APP fraud in the UK, a massive 22% increase over the previous year. Impersonation scams accounted for most of these incidents.

How Scamsters Execute APP Fraud

Fraudsters pose as authorized service representatives of trusted firms such as banks and trick unsuspecting consumers into transferring money into accounts under their control. The exponential rise in real-time digital payments has been a major driver fueling APP fraud globally. Since real-time payments cannot be revoked and the settlement is instantaneous, it has been the most attractive vehicle for criminals to execute APP fraud.

Red Flags to Watch Out For

APP fraud can be prevented by understanding the consumer’s digital behavior during the course of a transaction. Here are some risk indicators that point to a consumer being socially engineered into performing a fraudulent activity:

1. Long calls while making an online financial transaction are a common indicator of the consumer being manipulated. As per various industry estimates by carriers in the UK, a high percentage of APP fraud events have an active call that overlaps the event.

2. Network usage and call patterns that seem to match typical patterns associated with fraudulent activities could be a tell-tale sign of APP fraud.

3. Device usage patterns, such as typing and handling the phone, that appear different from the typical usage patterns followed by the user are also a red flag.

The Contingent Reimbursement Model (CRM) code in the UK sets out the standards to protect consumers from APP fraud and reimburse them for financial losses. However, it does little to prevent the occurrence and repeat of the same fraud for a consumer. Therefore, the industry and participating organizations need to collaborate and leverage innovative technologies to beat APP fraud.

Steps to Tackle APP Fraud

Using behavioral biometrics in identity verification and authentication is an effective way to beat APP fraud. Apart from thwarting the most evolved forms of impersonation fraud, behavioral biometrics provides frictionless authentication without compromising on user experience.

As a high number of APP fraud incidents are associated with long overlapping voice calls, industry participants are now working together to track phone usage in real time at the time of a transaction or digital engagement.

Companies need to move away from legacy 2FA, such as SMS-based OTPs, and invest in technologies that can run strong possession checks. For example, instant links provide higher immunity to 2FA interception than OTPs and ensure the flexibility to check if the transaction is being completed where it began—a case often violated when the customer is socially engineered to share credentials with a criminal.

Conclusion

In the UK, there’s been a strong push to include financial fraud within the scope of the Online Safety Bill to ensure consumer protection, fight terror financing, and stop the exploitation of the vulnerable sections of the society. APP can only be tackled effectively if the government, technology providers, and online consumer entities collaborate.

This article is a synopsis of a blog published by Prove.

Accelerate your onboarding

Contact us to learn how leading companies are using Prove Pre-fill to modernize the account creation process by shaving off clicks and keystrokes that kill conversion.

The past decade was a decade of digital and social disruption. Businesses, marketplaces, money, discussions, and insights—all became social and online. Social trading networks emerged as one such disruptor as they changed the way online trading is done. They provided low-cost, sophisticated technology-based alternatives to traditional wealth managers.

As social media is becoming mainstream, it is changing the way a number of investors manage their portfolios. Social investing or mirrored investing brings social networking into arguably the most private and important nooks of people’s lives: their investment portfolios. 

What is Social Investing or Mirrored Investing, and How Does It Work?

Social investing platforms allow investors to trade online with the help of other experienced investors and traders/peers. Social investing is an online investment strategy that allows investors to foll …

As we move into the last quarter of 2021 and countries worldwide continue to grapple with the pandemic, it is fair to say that COVID has impacted every industry. When nations closed their borders and mandated people to stay at home, digitization and technology adoption emerged as saviors. People had no option but to adapt to hybrid ecosystems consisting of work from home, online conferences, online classes, and digital communication and entertainment. The fear of virus transmission turned staunch supporters of cash economies into ardent believers of digital wallets and contactless transactions. As businesses went digital, people virtually purchased and completed financial transactions with a few clicks on their smartphones or computers. Businesses across sectors were forced to adapt and transition to a hybrid way of work and life, offering solutions via dedicated online platforms. However, no sector was as affected as the payments industry—it significantly ramped up capacity to cater to the burgeoning requirements of a slew of new and existing customers.

The pandemic has transformed the entire payments ecosystem—contactless transactions have come to the fore much earlier than previously anticipated. In Southeast Asia, the pandemic and several other factors in the years prior have led to the rise of alternative payment methods that are disrupting the financial landscape in the region.

Heavy Digitization and E-Commerce

Google’s e-Conomy Southeast Asia report suggests that the region’s internet economy will be worth approximately $200 billion by 2025. Further, considering the population’s affinity to the online medium, products and services are being devised with the intention of leveraging Southeast Asia’s ‘internet friendliness.’ With a majority of upwardly mobile and urban youth using alternative payment methods such as digital wallets and payment platforms, Southeast Asia is on the cusp of a financial transformation. According to a BCG report, 49% of urban consumers, who are also commercial bank customers, already use e-wallets in their daily lives. The report also projects that this number could touch 84% by 2025, further accelerated by the social distancing mandates necessitated by the pandemic. 

While digital payments have picked up strongly in other countries, the Southeast Asian ecosystem is still in its developmental phase, offering tremendous opportunities to innovative FinTech and payments startups. As one of the world’s most populous and economically dynamic growth zones, the region is expected to evolve into a heavily digitized economy in the near future. Research by ACI Worldwide and YouGov states that people today are as comfortable with real-time digital payments as they used to be with cash payments before the pandemic. Reportedly, 61% of the people surveyed in Indonesia, Malaysia, Thailand, and Singapore now prefer real-time payments. This number is also higher than the preference shown for digital wallets requiring cash or card recharges and credit cards. The report further states that about 30% of Southeast Asian consumers have lowered their use of traditional payments methods in the aftermath of the pandemic, indicating that COVID, indeed, catalyzed the paradigm shift in the region’s payments landscape.

E-commerce has proved to be another catalyst for this transformation. It has been witnessing steady growth and has, in turn, promoted the adoption of alternative payment methods. According to a research study, e-commerce in Southeast Asia has spiked because of the pandemic, with Indonesia exhibiting the biggest appetite for the online marketplace, followed by the Philippines and Malaysia. E-commerce offers customers myriad benefits, ranging from the safety of shopping from their own homes to the convenience of pay on delivery to easy return policies. The report states that Southeast Asia has a higher prevalence of e-commerce than mature economies, with Indonesia depicting the highest e-commerce adoption globally (at 87% as of 2020). Thailand and Malaysia followed close behind, with 84% and 83% of their respective internet users purchasing things online. Southeast Asia has been a late adopter of the internet, and most of the region’s population accesses e-commerce and digital payment methods through increasingly affordable and accessible smartphones. Indonesia also topped the list of the world’s largest mobile e-commerce users, with 79% of the country’s internet users having bought items online using a mobile device.

Low Penetration of Traditional Banking 

Southeast Asia has a large number of unbanked individuals who are more than keen to embark on an alternative payments journey given the lack of banking penetration in the region. According to a report, a majority of the population in Southeast Asia is unbanked, with about 73% or 470 million people unbanked as of 2020. This is an extremely high figure, indicating the low penetration of basic financial services in Southeast Asia compared to other regions. Cambodia is among the countries lagging far behind, with traditional banking services accessible to only 5% of the population. In the backdrop of such a landscape, the presence of digitally powered alternative payment systems is enabling Southeast Asians to enjoy the perks of banking services without having to access traditional structures. The growing payments ecosystem encourages financial inclusion while also accelerating growth and development for the economies.

One of the primary reasons for the lack of traditional banking services in Southeast Asia was the extreme dependence on cash before the pandemic. However, post-COVID, the hybrid landscape is showing a drop in affinity to cash. An ACI and YouGov report states that 61% of consumers in Indonesia, Malaysia, Thailand, and Singapore preferred real-time payments and cash payments equally. 

Popular Alternative Payment Methods 

The Southeast Asian payments landscape underwent a dramatic transformation in 2020. For the first time ever, growth in digital payment methods exceeded growth in credit and debit cards, indicating the rise in popularity of alternative payment methods. Contactless payments became the norm, and retailers began to accept payments from various in-person channels including touchless interbank transfers, mobile-based payments, and QR code payment methods. Experts expect the stickiness factor of alternative payments to persist, with few consumers likely to revert to cash once the pandemic is under control. Even though card payments did not make a significant mark in the Southeast Asian landscape, the lack of adequate banking penetration and widespread digitization has ensured an influx of alternative payment methods aimed at offering seamless and optimal services to the new-age customer. Alternative platforms such as e-wallets and microcredit platforms have grown in number and popularity, giving stiff competition to the more traditional financial players in the region.

Here’s how the payments landscape in some of the larger economies in the region looks like:

Singapore

Singapore is at the forefront of the alternative payments ecosystem. As per a report, the total transaction value in Singapore’s digital payments segment is expected to touch $11.2 billion in 2021, posting a 22.7% CAGR between 2021 and 2025 and reaching $25.4 billion by 2025. Further, according to a Visa survey, 66% of Singaporean consumers have now formed cashless payment habits, choosing to pay using cards or mobile apps. Major players in the country include CardUp, 2C2P, FOMO Pay, and Liquid Group. 

Malaysia

Malaysia is following close on the heels of Singapore when it comes to adopting alternative payment methods. A report suggests that 40% of the country’s use the technology. The top alternative payment service providers in the country are Boost, Touch ‘n Go, GrabPay, and PayPal. Boost is widely accepted at over 140,000 locations. According to the Global Payments Report by Worldpay and FIS, 14% of all e-commerce payments in Malaysia were made using digital/mobile wallets. 

Indonesia

Indonesia is at the forefront of digital adoption in Southeast Asia. According to reports, Bank Indonesia stated that the value of electronic money transactions reached $13.95 billion in 2020, depicting a 38.62% growth year-on-year. GoPay and OVO are the major contenders among digital wallets with the highest number of active monthly users. Dana and LinkAja have gained traction in recent times. According to the Global Payments Report by Worldpay and FIS, digital/mobile wallet was the most preferred payment method for e-commerce transactions.

Cambodia

With COVID cases seeing dramatic spikes in Cambodia, the country’s central bank and the Microfinance Association have urged people to limit the use of cash. As per a recent report, as of 2020, the adoption rate of digital payments in Cambodia was 40%. Popular alternative payment methods include TrueMoney Cambodia, Ly Hour Paypro, Pi Pay, and SmartLuy. 

Thailand

Since the pandemic broke out, this Southeast Asian country has recorded strong growth in digital payments and alternative payment channels. As per a recent Reuters report, Thailand’s digital payments in February 2021 surged to double the volume in the year-ago period, with the number of transactions made via the PromptPay platform averaging 22.3 million per day. Major digital payment players are Pay Solutions, Bangkok Payment Solutions, SiamPay, and 2C2P.

“At FIS, we are seeing a marked shift toward the acceptance of alternative payment methods (APMs) in Southeast Asia driven by innovative, frictionless solutions being offered. Regionally, FIS is supporting our clients to enable various APM options, facilitating a true omnichannel experience—be it local real-time payment schemes or domestic debit schemes, including closed-loop channels. For instance, riding on the digital payments trend, we recently enabled an innovative wearable payments product launch in the Japan market. In the near future, we see a substantial opportunity in providing avenues to connect these locally prevalent APMs in the cross-border scenario, helping to take adoption to the next level.” 
– Kanv Pandit, Group Managing Director, Asia Pacific, Banking Solutions at FIS

With the catalyzing effect of the pandemic and Southeast Asia’s affinity to digital services, there is no doubt that the underbanked region is primed for an alternative payments revolution. While the pandemic will wind down going ahead, the future is certainly bright for the rising digital payments market in the region.

The Nordic financial landscape is no stranger to FinTech-powered disruptive technologies and innovations. As per a Deloitte report on the Nordic FinTech ecosystem, the region has seven banks, each with balance sheets exceeding EUR 100 billion, indicating the tremendous growth potential of the region. The underlying statistics and scope for scalability imply a rapid influx of FinTech players in the Nordic financial ecosystem even though incumbent stakeholders are overwhelmed by sluggish economic growth and fast-changing regulatory norms. The factors dampening the traditional financial ecosystem are, in fact, lending a helping hand to disruptive FinTech players that are making the most of a dynamic financial landscape in the Nordic region, especially Sweden.  

Major Sectors Experiencing FinTech Revolut …

Imagine you wish to purchase a car on loan. However, this is the first time you have considered taking a loan. Till now, all your purchases were paid up front, and you never opted for easy monthly installments. How do you assure the loan provider that you are not a credit risk when you do not have a credit score? Enter credit-builder loans. These loans offer the uninitiated a chance to build a loan repayment record, thereby enabling easy loan access.

Credit-Builder Loans – An Introduction

Credit-builder loans help people who have little or no credit history build a credit record. Good credit scores not only open up the world of credit cards b …

Last month, US President Joe Biden issued an executive order aimed at the consumer financial services industry. The order encourages the Consumer Financial Protection Bureau (CFPB) to issue regulations under Section 1033 of the Dodd-Frank Act. The Act governs financial data access rights for customers of FinTech firms and banking institutions, and the executive order is in line with the US’ aim to encourage Open Banking standards.

Open Banking – An Introduction

Previous administrations kept US banking as a relatively closed ecosystem—banks and financial institutions served as gatekeepers that controlled account information and other customer-related data. However, with an uptic …

Digitalization has made it easy for fraudsters to manipulate individuals to gain access to sensitive data or bank accounts. Today, scamsters execute fraud using far more subtle and effective methods such as social engineering techniques that target humans through multiple social interactions.

Phishing, vishing, smishing, pharming, Business Email Compromise (BEC), and Email Account Compromise (EAC) are commonly used social engineering methods. Here’s how these techniques work:

• Phishing: Fraudsters pose as executives from reputable firms to send emails to working individuals asking them to reveal personal information such as passwords and credit card numbers.

• Vishing: These are phishing techniques that use voice calls or messages purporting to be from reputed companies to mislead individuals into sharing personal and financial information.

• Smishing: Fraudsters send text messages from credible-looking sources to retrieve personal information from unsuspecting individuals. Smishers leverage this technique to retrieve SSNs, credit card numbers, and passwords.

• Pharming: Swindlers redirect the web traffic of a legitimate website to a fake website for stealing usernames, passwords, financial data, SSNs, or any other personal information.

Business Email Compromise & Email Account Compromise: Fraudsters pose as seemingly genuine institutions/persons and send mails, for example, a CEO making a purchase request. In 2020, 19,369 BEC victims lost $1.8 billion in the US alone.‍

High-profile individuals such as executives, business owners, IT professionals, and government officials are usually the victims of social engineering fraud. Last year, social engineers turned the COVID pandemic to their advantage by exploiting businesses and individuals leveraging viruses, vaccines, and COVID relief themes. As per the FBI Internet Crime (IC3) Report, phishing, vishing, smishing, and pharming incidents registered a 110% growth between 2019 and 2020 in the US.

While educating employees is crucial for preventing social engineering fraud, organizations must also insulate their systems from social engineering hacks. Sending numerous OTPs to a victim’s phone number and phishing/smishing (to steal identity) using fraudulent links are techniques deployed by social engineers to gain access to systems.

Businesses need to implement authentication systems that can protect their customers and employees from this fraud vector. Legacy authentication methods such as OTPs must be replaced by modern methods such as Phone-Centric Identity™ to ensure that the actor is indeed who they claim to be. Multiple verified identity sources and device and phone number-related characteristics can enable companies to measure the trustworthiness of digital interactions.

Instant Link™ leverages secure SMS link messages. The technology uses a combination of active (SMS delivery with user action required) and passive (checking against phone intelligence signals) to authenticate identities in real time when users click the link.‍

‍Trust Score™ thwarts social engineering attacks by analyzing behavioral and Phone-Centric Identity™ signals from authoritative sources at the time of a potential transaction.‍

GaitAuth™ behavioral biometrics passively authenticates a user by analyzing their gait.

This article is a synopsis of a blog published by Prove.

Accelerate your onboarding

Contact us to learn how leading companies are using Prove Pre-fill to modernize the account creation process by shaving off clicks and keystrokes that kill conversion.

Challenger banks and neobanks started riding high in 2014. Neobanks gained instant popularity with their online, legacy technology-free banking. The UK leads the neobank segment; UK-based neobanks have almost 20 million customers. Over the past few years, FinTechs and neobanks focused on addressing shifting customer demand and targeted needs of SMEs—such as cross-border and B2B payments, SME lending, working capital optimization, cash flow management, KYC, invoicing, and accounting—have emerged. The neobank segment is also now a key focus for VCs.

Europe is a neobanking hotspot. In 2020, the region accounted for 30% of global neobanking revenue ev …

In one year, the average 9-1-1 emergency service dispatcher will answer 2,400 phone calls, many of which will be of life-or-death importance. As call answer time is critical during an emergency, national standards dictate that at least 90% of all 9-1-1 calls should be answered within 15 seconds. Dispatch centers responsible for answering emergency calls, i.e., public safety answering points (PSAPs), are failing to meet this standard, thus increasing wait times for panicked callers. 

Staffing shortages plague the efficiency of PSAPs, and non-emergency calls made by telemarketers only make matters worse. Fortunately, the Federal Communications Commission (FCC) is penalizing companies that autodial PSAPs. A growing number of businesses are investing in phone management technologies to ensure smooth PSAP operations and avoid hefty FCC fines.

An audit found that in Colorado Springs, just 68% of 9-1-1 calls were answered within 15 seconds. Kansas City and its surrounding suburbs, too, are impacted by slower than average PSAP response time. Despite public outcry against cities failing to meet national standards for PSAP response time, 9-1-1 wait times continue to increase. 

Understaffing caused by a tight labor market is the primary reason why wait times are growing at PSAPs. Overtime for existing employees, increased burnout, low retention rate, stressful work conditions, and modest salaries (the average New York City 9-1-1 dispatcher earns $50,400 a year) make hiring and retaining emergency service dispatchers difficult.

Telemarketer calls get in the way of emergency service dispatchers trying to promptly answer legitimate calls. While it’s illegal for anybody to call a PSAP when there is no emergency, fines are especially steep for telemarketers. Today, a telemarketer who calls a PSAPs will have to pay a fine between $10,000 and $100,000 per incident. Companies are now finding new ways to avoid accidentally dialing one of the thousands of PSAP numbers by improving their phone management system.

Phone numbers are widely used to track customers in-store and online. However, many companies lack a robust phone management system. Because millions of phone numbers are continuously updated every year, a number that once belonged to a customer could now be a direct PSAP line. Prove’s Fonebook™ helps companies manage customer phone numbers while authenticating customer identity and preventing fraud. The platform automatically removes PSAP numbers from company registries, helping them avoid hefty FCC fines.

This article is a synopsis of a blog published by Prove.

Accelerate your onboarding

Contact us to learn how leading companies are using Prove Pre-fill to modernize the account creation process by shaving off clicks and keystrokes that kill conversion.

The Nordic FinTech market, known for innovative practices and stringent security measures, offers customers a combination of advanced technology and unparalleled safety. Norway’s FinTech landscape has grown exponentially over the past years, thanks to massive digitization. As per a recent survey, Norway had 5.39 million internet users as of January 2021, with a 99% internet penetration. The meteoric rise of FinTech in this Nordic country can be attributed to easy smartphone access. The COVID-19 pandemic has further fueled the adoption of FinTech and digital banking services.

Evolving FinTech Landscape

Studies suggest that Norway’s financial landscape may experience disruption followin …

The promise of neobanks, digital banks, embedded finance, and so on has changed how financial services are accessed and experienced. Players, ranging from banks to startups to big tech companies, are thus exploring the multifarious ‘as-a-service’ offerings and infrastructure, such as Open Banking APIs, UPI, and the upcoming Open Credit Enablement Network (OCEN). Many of the resulting arrangements manifest as a layer on top of banks and other regulated players. To access the financial services they offer, compliance with the applicable KYC mandate, the service, and the player or the underlying player is an essential first step.

Customers expect a seamless and digitized identity verification procedure, particularly during the pandemic that has made traditional contact-based and in-person KYC processes a health risk. Integrating a completely digitized and scalable identity verification layer is thus essential for innovation in this space to achieve its full potential. Regulatory steps relaxing individual and business KYC and technological infrastructure for API-based verification play a crucial role in creating this layer.

The Digitized Identity Verification Layer and Scaling an Experimental Service

The explosion of API-based services has facilitated numerous new arrangements. Take, for example, banks and FinTech companies partnering to launch digital banks to add new distribution and onboarding channels, companies signing up as TPAPs to launch UPI-based payments services, and tech/FinTech companies riding on the licenses of regulated players to offer digital lending and other services. In fact, dedicated financial infrastructure players that partner with multiple banks, NBFCs, and other entities via APIs enable companies to simply ‘plug and play’ to launch their financial services. 

Services in the experimental stage and trying to scale, such as a new service or a new way to access a traditional service, must minimize customer onboarding friction—a valuable lesson learned the hard way by the m-wallet industry in its initial years. Business models in the m-wallet industry were originally built around low-cost Aadhaar-based eKYC (approximately INR 20, as opposed to INR 200–250 for regular KYC). The 2018 withdrawal of eKYC, combined with the mandate to convert to full KYC, took away convenience—a key factor that drove the early adoption of m-wallets. M-wallets have since completely reinvented themselves, but this still leaves lessons to be learned on the KYC front. 

A digitized identity verification layer, much like IndiaStack’s integrated ‘presence-less’ and ‘paperless’ identity layer (via eKYC, DigiLocker, etc.), thus plays an essential role.

How KYC Verification and Account Linking with API-Based Services Work Today

Neobanks can partner with multiple banks or other regulated players. Customers can access the services of a neobank if they have an account with any of the underlying partner banks. KYC compliance is then defined by the norms applicable to the banks.

A neobank and its partner bank can set up ‘connected banking’ models, enabling customers having accounts with the partner bank to simply link their account via a net banking process. KYC must be completed first if a new account needs to be opened. Account linking and KYC vary across banks, with varying levels of digitization. For example, a URL can be redirected from the neobank’s website/app to the bank’s website to complete the process. Alternatively, some or all of the required data—to be shared with the bank—can be collected at the merchant’s portal that conducts and confirms the verification via APIs. The bank can also conduct Aadhaar-based verification depending on the service.

Similar steps are deployed when accessing a new service requiring separate KYC, say, accessing insurance, lending, or mutual funds after linking an existing savings account. The same goes for an embedded finance offering, for example, a savings account or wallet service embedded as a feature directly in a merchant app.

KYC verification and account linking with API-based services are not yet completely digitized. Video KYC primarily eases individual KYC; business KYC is still a far cry from digitization. KYC here also often ends with a mandatory in-person verification by the bank before account activation.

Benefits of the Verification Layer and the Vast Potential of Real-Time KYC

An identity verification layer undoubtedly eases verification at the technological level, covering the multiple API integrations with banks, public databases, and other sources as required. In addition, API-based data access can further ease verification, for instance, allowing consent-based predictive auto-filling of KYC forms to reduce human error, accelerate onboarding, and support the overall due diligence and fraud checks.

While KYC has specific requirements such as accepting only official ‘equivalent e-documents,’ data from government databases and other sources can also be used for digital identity verification outside of the legal mandate for KYC. For instance, apart from KYC for customers, verification is equally important, say, for onboarding vendors, partners, and employees. Sector-specific rules can also have requirements that may not be KYC per se. For example, the Consumer Protection (e-commerce) Rules, 2020 require marketplace e-commerce entities to keep records, allowing identification of sellers.

Even with regulated entities, a modular approach can help platforms set up staggered KYC policies on a need-to-know basis instead of full KYC. A step in this direction was RBI’s guidelines—that differentiate between account-based and onboarding relationships—for payment aggregators (PAs). With this, PAs onboarding merchants with an underlying full KYC bank account need not conduct the entire KYC process again; a board-approved KYC policy will suffice.

Features to ease the process have already been introduced. For instance, using GSTIN, data such as legal entity name, business address, registration date, GST status, and beneficial owner information can be pulled from the GST portal and auto-filled. Trusted sources such as the account aggregator framework and other Banking-as-a-Service (BaaS) facilities can all be leveraged here. Even payment credentials need to be verified, for instance, verifying payment credentials prior to processing employee salaries and vendor payments. The traditional ‘canceled check’ technique can also be made instant and paperless with online bank account verification via APIs.

Open Banking, thus, has tremendous potential to create reliable ‘instant’ identity verification.

Defining a Verification Layer’s Functioning – Features and Key Business KYC Challenges

Several factors impact how a digital identity verification layer works—what KYC and verification entail, restrictions on data storage, etc. Although regulatory steps have eased the process, several challenges still need to be addressed.

1. Different KYC requirements for different services

KYC—a multi-step process that starts from pre-onboarding and continues until the relationship ends—includes checking identity documents, such as Aadhaar and passport, and business documents (licensing, registration), verifying PAN and GSTIN, beneficial owner KYC, and bank account verification. Many of these steps can be digitized via a verification layer, thanks to regulatory relaxations and government databases that have opened API access to enable direct verification.

KYC norms vary from service to service and, sometimes, entity to entity. Businesses, therefore, need to assess their business requirements, applicable regulatory norms, and the facilities their verification layer requires. For example, consider a business using an embedded finance feature for wallets to credit salaries to its unbanked vendors/partners or facilitate specific authorized purchases by employees. Seamless issuance of wallets will also require an integrated ability to complete KYC. The following points specific to KYC for wallets must be kept in mind:

• KYC must include the facility for collecting data for minimum KYC (OTP-verified mobile number, self-declared name, and OVD identity number) and converting to full KYC (say, via V-KYC) under RBI PPI norms.
   
• Voluntary Aadhaar-based eKYC also comes in for bank-issued wallets.
   
• KYC levels also vary based on the type of wallet facility required. For example, converting to full KYC isn’t required for low-limit (INR 10k) wallets loaded only from a bank account. In this scenario, minimum KYC will suffice as long as the issued wallets are loaded by the business only from those company bank accounts that have completed KYC.
   
• In all other cases, full KYC is mandated within two years. Even here, full KYC wallets allow features such as interoperability (upcoming), cash withdrawal, and increased balance limits (INR 2 lakh), which allow wallets to become substitutes to bank accounts. Depending on business requirements, these additional features may support earlier conversion to full KYC.
   
• e-RUPI now adds a KYC-free option for prepaid vouchers via UPI, but this comes with restrictions such as a INR 10,000 cap and one-time use only.

 2. Important regulatory steps for digitizing KYC

Regulatory steps to digitize KYC play a crucial role with seamless identity verification. With m-wallets, the initial regulatory flip-flop around KYC was a big part of the challenge. Moreover, the respite that came (permitting minimum KYC low-limit wallets and increasing time for converting to full KYC to two years) was slow. However, steps are now being taken to digitize and relax KYC.

In addition to relaxing KYC for wallets, there are initiatives that relax KYC for particular services or entities. For example, customers can link an underlying bank account for which the bank has already conducted full KYC. Similarly, PA guidelines approve board-approved KYC policies when onboarding merchants with such accounts. The distinction between account-based and onboarding relationships mentioned in the guidelines is important and is, in fact, also found in the KYC Direction that requires the ‘customer due diligence aspect’ of KYC to be carried out only when “establishing an account-based relationship.” Yet another example is UPI that requires linking the account to the UPI app. As a result, UPI is favored more than wallets. Minimum KYC wallets, loaded only from such accounts, are also an example.

Yet another step toward digitizing KYC is using Aadhaar OTP based e-KYC as a simple KYC option for opening savings and lending accounts. While these are subject to limits of INR 1 lakh and INR 60,000, respectively, and must be converted to full KYC (via V-KYC again) within a year, these are a good option, say, for issuing short-term, small-ticket loans.

Digitizing KYC, in general, includes essential steps such as permitting the use of ‘equivalent e-documents’ for KYC from DigiLocker or the issuing authority (e-PAN, e-AoA, and e-MoA). Operationalizing C-KYC for individuals and, recently, for businesses and permitting V-KYC for individuals first and now businesses are among the other steps. V-KYC was eased recently to accept identity documents apart from Aadhaar via the C-KYC Identifier and DigiLocker. The increase in API-accessible government databases (such as NSDL for PAN, GST Portal, and MCA) is another benefit.

All these steps increase the possibility of an end-to-end digital KYC process. The key benefit at present, however, is for individuals. For businesses, KYC is still not adequately digitized.

3. Key challenges with digitized business KYC

Individual KYC is comparatively more digitized than business KYC, thanks to V-KYC, C-KYC, and DigiLocker, though practically, even these run into issues. V-KYC, for example, still hasn’t been adopted widely. KYC sharing via C-KYC is not highly reliable due to the risk of fraud at the other institution. For business KYC, despite recent welcome steps, there are several additional challenges:

• All business documents not digitized: While many government databases have enabled API-based access, digitization does not cover the complete spectrum of documents needed and every type of business. Partnership deeds, trust deeds, registration proof, board resolutions are some documents that are often unavailable in a digital format. Company MoAs and AoAs can be downloaded from the MCA portal, but these are usually scanned copies of physical documents. One may encounter the same issue while submitting ITRs, IEC certificates, and other documents even though PAN or IEC in itself can be verified online.
   
• Issues with scanned documents: Uploading scanned documents prevents API-based access to the data in those documents while also necessitating traditional ‘original seen and verified’ checks for many of them. Another challenge is converting the scans to the supported formats and size of each portal before uploading, which hampers smooth onboarding.
   
• C-KYC not operational: Although the legal entity template has been shared, C-KYC is not operational yet and will be plagued by the lack of digitized business documents.
   
• Mandatory on-site verification: Recent V-KYC relaxations for sole proprietors and beneficial owners may allow completely digitized KYC processes for onboarding some MSMEs, one-person companies, and similar small businesses with entirely digitized processes. Higher risk and larger businesses, however, still need to wait. Banks, for example, often mandate on-site verifications for businesses as a key due diligence check. The physical aspect of business KYC thus becomes unavoidable for business address verification, activity checks, etc.
   
• Multiple business owners and ownership setups: Multiple business owners and ownership setups make business KYC a lot more subjective than individual KYC. A significant challenge is correctly identifying current beneficial owners, such as the current majority shareholder or relevant director. This, in fact, is also a common source of fraud.

Moving Closer to Real-Time Identity Verification

A verification layer thus takes many factors into consideration and plays a crucial role in easing customer onboarding for businesses. Regulators can certainly take the next steps, like increasing the number of API-accessible business documents, recognizing API-based verification as original seen and verified, resolving operational issues with C-KYC, and increasing data available on merchant fraud. These steps can play a pivotal role in digitizing onboarding, particularly for business KYC, including small businesses and MSMEs. The regulatory focus and initiatives in this regard cannot be undermined. Each step brings fully digitized and real-time verification closer to reality.

Over 100 million Americans have an auto loan. The auto financing sector is thriving, thanks to a scorching hot car market driving up the cost of vehicles. With an average loan for a new car totaling $35,392, competition between financial institutions to issue auto loans is fierce. A growing number of auto loan providers are leveraging Phone-Centric Technology™ to cut down on time taken to complete the necessary forms, improve customer experience, and increase sales while staying competitive.

Despite historical, social, economic, and political uncertainty, Americans are eager to purchase cars and hit the road. On average, consumers are paying 99.9% of the sticker price for new vehicles. Besides, “Americans are borrowing record sums to buy new vehicles — and used ones — and they continue to pay relatively high interest rates.” As a result, competition among auto loan lenders is intense, and profit margins are high. 

Americans have two primary choices when financing their car: direct and indirect financing. Regardless of the type of financing, consumers should seek the best option and expect some serious paperwork. As applying for a loan is a fairly laborious process, lenders are investing big in technology to accelerate form-filling and cut down on user errors.

Filling out the forms necessary to finance a car can be quite frustrating, both in-person and online. Financial institutions require stips (industry shorthand for stipulations) like proof of income to ensure that a customer can pay back their loan. After providing copies of their stips, a customer fills out their CIP (Customer Identification Program) forms. With so many repetitive forms to complete, customers are prone to making errors which can lead to increased processing time on the part of lenders and higher rates of rejection for customers.

Prove Pre-Fill™ improves customer experience by drastically cutting down on the time it takes for a customer to fill out their CIP and stips while reducing fraud and improving compliance. Pre-Fill leverages Phone-Centric Technology to autofill forms using an authoritative source and then asks the consumer to simply confirm the answers.

Without Prove Pre-Fill, the average time it takes to fill out a five-line application (industry speak for the auto loan application) is 40 minutes. With Prove Pre-Fill, a five-line application can be completed in just a few minutes. Cutting down on a customer’s time spent filling out forms is especially critical for car dealers because it allows salespeople to get back to the floor faster while improving customer experience.

This article is a synopsis of a blog published by Prove.

Accelerate your onboarding

Contact us to learn how leading companies are using Prove Pre-fill to modernize the account creation process by shaving off clicks and keystrokes that kill conversion.

MEDICI Team

The content team at MEDICI, comprised of research analysts, editors, and designers, produces FinT…
Read more

FinTechs have always aimed to improve business models created by incumbents to introduce innovative business models for the financial ecosystem. FinTech startups approved by the market usually seek investments to expand their services or offerings. Successful startups that receive more investments have higher valuations. Many startups have joined the Unicorn club, thanks to their business models and mega funding rounds. In this article, we will focus on the mega funding rounds fueling the FinTech space.

Mega-rounds refer to large-scale funding (over $100 million) received by startups. Since 2018, 450 mega-roun …