3. AGENDA
PROTECTING CONSUMERS – IDENTITY VERIFICATION
16:00 OPENING REMARKS
RICK BIGGS
Managing Director – Software, Analytics & Fraud
Callcredit Information Group
16:05
ANNE GREEN
Managing Director Global Operations
Paycasso
16:20
MEL CAMERON
Senior Technical Sales Manager
Callcredit Information Group
16:35
DR RACHEL O’CONNELL
Founder and CEO
TrustElevate.com
16:50 CLOSING REMARKS AND Q&A
RICK BIGGS
Managing Director – Software, Analytics & Fraud
Callcredit Information Group
17:00 NETWORKING DRINKS, FOOD & ENTERTAINMENT
19:00 ENDS
22. Senior Technical Sales Manager
Callcredit Information Group
MEL CAMERON
VERIFYING IDENTITY IN THE FACE OF
REGULATORY CHANGES & FRAUD
PREVENTION CHALLENGES
23. Challenges presented by increased regulatory focus
4th AML Directive
• An increased focus on a risk based approach and the ability of an organisation to justify its
rationale around automated decisions
• More importance placed on keeping existing customer records up to date
• Fraudsters are becoming ever more sophisticated, making it increasingly difficult to validate that
the applicant owns the identity they are providing
Payment Accounts Directive
• From 18th September it becomes law for banks to provide a basic bank account to all EU
customers
Payment Services Directive 2
• Requirements for Card Issuers and other payment services providers to increase security
measures and adjust fraud prevention policies
24. Traditional approach to verifying identity
PEPs Sanctions SDNs
Address
Links
Gone
away
CIFAS
Address
Redirects
DOB
Mismatch
Deceased
Length of
Residency
Non
Standard
Addresses
ID
Velocity
Traditional Identity checks look for sufficient proofs of residency using various
data sources at the home address to enable organisations to meet internal
policy requirements and ensure compliance with regulatory guidelines:
SHARE data
Electoral Roll
Bankruptcies and Insolvencies
County Court Judgements
Clients are increasingly looking to configure datasets based on product type
and the level of customer risk represented
25. Greater focus on a wider range of fraud checks to highlight
where an identity is stolen
Clients are looking to deploy additional
fraud checks where the risk of financial
crime is greater;
• Flexibility is needed so that strategies can be
tailored by product and risk appetite
• Increased focus on confirming that the
customer is who they say they are through
fraud checks and KBA Questions
• Validation of identity documents without
disrupting the customers journey is challenging
for many organisations
• Any inconsistencies in application data need to
be highlighted
26. How are Callcredit’s solutions helping organisations to address
regulatory & fraud challenges?
We are providing our customers with flexible
solutions which address regulatory and fraud
challenges with minimal disruption to the
customer journey;
• Developing additional checks which look to pin
non-traditional data sources such as Mobile, Device
and Email to the identity
•Increasing the range of KBA Questions to make
them easier for the genuine customer to answer
and providing document verification checks
•Expanding the range of identity verification
datasets and fraud checks which can be used for
international customers
•Highlighting inconsistencies in application data and
looking to harness the power of social media and
dark web data
29. Q&A PANEL SESSION
Panellists:
Anne Green
Managing Director, Global Operations
Paycasso
Mel Cameron
Senior Technical Sales Manager
Callcredit Information Group
Dr Rachel O’Connell
Founder and CEO
TrustElevate.com
So first of all a quick recap on some of the challenges our clients are facing at the moment. So you’ll probably all be aware that organisation are coming under increased scrutiny as a result of changes in regulation which place more focus on accurately validating customer identities. The 4th AML directive is presenting significant challenges for many customers, particularly in sectors such as Gaming where the previous AML regulations were more lenient. Organisations are being required to look at strategies they have adopted previously and ensure that they are still in line with the regulatory guidelines, and also adapt them where necessary to ensure they are still compliant.
In addition, the European Banking Directive means that from 18th September all UK banks are obliged to offer a basic current account to EU residents so this presents additional challenges in validating identity for a customer demographic where data sources have traditionally been limited.
Also the Payment Services Directive comes into play soon and requires card issuers and payment services providers to increase security measures and adjust fraud prevention policies, so in summary there is more focus being placed than ever before on knowing not only that the customers identity actually exists at their address but also that they own that identity and have not just stolen someone else's.
Organisations have traditionally used automated ID checks to pinpoint an identity at an address, and a range of data sources have been used at the home address to confirm that the identity exists. The approach focusses on looking for sufficient proofs of residency at the address to validate that the identity exists there and in addition, fraud checks are also returned to highlight any potential risks.
While these types of checks definitely still have their place in verifying identity, more and more focus is being placed on finding ways to verify identity where little or no information exists at an address in order to stop the applicant dropping out of the process and maximise the customers who are accepted. At the same time, there is also pressure to ensure they are not trying to falsify someone else’s identity in order to obtain goods or services so there’s a fine balance in making sure you’re taking on the good customers, while still finding appropriate measures to pick up those who are impersonating someone else.
So this pressure for organisations to confirm that a customer is who they say they are is currently being addressed in a number of ways by Callcredit. We are still using the traditional method of looking for evidence that the applicants identity exists at the address provided, but in addition to this we are supplementing this data with fraud checks to highlight any inconsistencies which may indicate where an identity has been stolen. We have a range of fraud checks available which highlight the level of risk that the identity has been stolen and these take information that is available at point of application such as the Bank Account or Card Number, the Device, Phone Number and Email address and they highlight any anomalies relating to those and also any previous suspicious behaviour relating to them to indicate where there is a cause for concern. For exception handling, where an anomaly has been found on one of the fraud checks or little information can be found on the applicant at the address, we have also introduced KBA questions and will soon be launching document verification to validate a range of identity documents and also conduct facial recognition where required. So these solutions provide additional ways to carry out an automated check to ensure that the customer is who they say they are.
We have structured our ID and Fraud checks within a modular solution to ensure that the service is flexible and can either return a wide range of checks together in one scorecard or can be used in a tiered approach meaning that checks can be configured to only trigger if some cause for concern is found, so that the application time is still kept to a minimum with less customers falling out of the process along the way.
So where will our approach to identity verification take us next? It’s looking as though over time it will become more and more important to be able to link the individual to additional things provided at point of application and not just the name and address as individuals become more transient and take more and more of their financial relationships online. As a results, we’re developing Device, Mobile and EmailID to highlight how confident we are that the individual owns the Device, Phone Number or Email address, and we envisage that all of these checks could be used by our customers, to help validate an applicants identity, where little information exists at the address.
We’ve also recently developed a range of non-bureau questions within our KBA solution, to enable questions still to be asked where a thin credit file exists. The questions we have developed link to things such as vehicle details, email address and mobile number, so are linking to information which the genuine customer should find easy to answer but that the fraudster might find more difficult to get hold of.
We’re also seeing more and more of our clients dealing with new to UK customers or expanding globally, so as a results we now have multiple solutions which can be deployed across both the UK and International customer base in order to validate that the identity exists and that no information is present to indicate that identity theft might be taking place, again ensuring that those new to UK customers don’t fall out of the application process.
We will also be looking to expand these datasets overtime to harness the power of the information available within social media and also on the dark web, so that our clients can be truly confident that the person they are interacting with is truly the applicant and we’ll be able to tell you more about these developments as they become more clearly defined.
So hopefully that gives you a good overview of how Callcredit is working to help our clients address identity verification and challenges, so as I’m the only thing standing between you and the bar I’d like to thank you for your time.