The Open Web Application Security Project (OWASP) Tbilisi was held on June 10th and Identomat’s CTO, Rezo Imnadze presented his insightful take on customer onboarding in the Digital Age.
OWASP works to improve the security of software through its community-led open source software projects by hosting local and global conferences as well as through many other resources. Identomat was invited to present at such a platform to highlight the importance of Know-Your-Customer and Anti-Money Laundering processes.
The presentation began with the explanation of KYC and Identification and how it helps secure businesses from financial fraud through Identomat’s example. Before delving into how KYC has changed the client onboarding process, Rezo focused on prior KYC tendencies and the associated challenges, such as long queues at service branches, the need of gathering many documents etc.
‘ The interesting thing with digitizing services is that not only does it give an edge to companies, but also makes it easier for customers to access services without leaving the comfort of their home and saving funds. ‘
As for businesses, they are able to better secure their data, have a digital footprint of all actions in their workflow and also cut their expenses all while accelerating processes.
So What Is KYC And How Does It Work?
Unfortunately, online fraud has been growing these past years and criminals are getting more and more creative with their techniques. What KYC does is that it ensures that the person is truly who they say they are by using the latest AI technologies. For example, Identomat identifies hoaxes, such as corrected MRZ and papers, printed documents, other people’s documents shown through the screen. But since this is just one part of compliance, biometric parameters need to be taken into consideration as well. Therefore, masks, recorded videos, photos and other techniques are easily detectable by AI.
Organizations need a reliable way to determine that the user is indeed who they claim to be online. To take our system for an example:
- The user is asked to take a photo of their ID
- A photo of themselves (selfie)
- The software checks the ID validity, cross-checks watchlists, performs liveness or similarity checks
- If all the information matches, the customer is safely onboarded
To ensure that the AI system does not go over the line, certain laws and regulations are in effect. GDPR (General Law on Data Protection) is one of them. Being GDPR compliant means that you, as a business, are required to protect the processed personal data and privacy. Another similar safety measure is the ISO-27001 certificate that allows companies to demonstrate to regulatory authorities and the public that collected information is fully secure and adequate tools are in effect to address possible risks. Identomat is proudly ISO-27001 certified and GDPR compliant and has the seal of approval from the State’s Inspector Service of Georgia on compliance with the Georgian Law on Data Protection.
What challenges is KYC facing?
According to Rezo Imandze, the main difficulty is distrust from the public’s side in digital services. Another major topic is the inaction from companies to change organizational practices. Though, the process was kickstarted by the pandemic and the need for business to adapt to the new reality in order to stay afloat.
‘Overall, the greatest wall that we have to overcome is the public’s perception. The market size is huge, so we really need to tap into the unsalvaged territories that will truly make customer onboarding much safer.’
If you wish to watch the full OWASP Tbilisi 2021 meeting in Georgian, visit this link.
If you have any questions about Identomat, our services or pricing don’t hesitate to reach out to our team by visiting our website: https://identomat-329a23.ingress-baronn.ewp.live/