This customer is a part of a major European banking group, issuing credit cards, store cards, personal loans and retail finance directly to its customers and via a network of well-known high street retailers.
This customer is a part of a major European banking group, issuing credit cards, store cards, personal loans and retail finance directly to its customers and via a network of well-known high street retailers.
The Client
This consumer financial services company is a part of a major European international banking group (one of the top 10 global banks by asset value) offering retail and investment banking services in over 60 countries worldwide.
Our client is a UK operating division of the banking parent company whose business centres around the issuing of consumer credit products to UK citizens, including credit and store cards, personal loans and retail finance both directly and via its network of high street retailers.
The Challenge
Like all financial institutions, our client is mandated to comply with a number of anti-money laundering (AML) and Know Your Customer (KYC) regulations as part of their new customer onboarding processes. These regulations have been created to ensure that financial institutions apply risk assessments to all new customers in order to detect potential customer risks and implement control mechanisms to address them.
Online financial crime is prevalent and on the increase. Global online fraud losses are estimated at a little over 6% global GDP annually, equating to a total global fraud loss of £3.89 trillion per year. Since 2009, international fraud losses have increased by 56.5%, driven by major issues with the ability of financial and payment companies to securely verify the identity of their customers at the point of onboarding and during transactional flows, and as a consequence of the relative ease of implementation of financial fraud techniques, especially where new digital and mobile user experiences are immature and not optimised with security, fraud and AML in mind.
In the context of this market reality, our client – as a UK-based consumer financial services provider – had a strategic imperative to align all internal customer onboarding flows with current UK KYC and AML regulation in order to ensure the maintenance and growth of their business portfolio, and as a consequence of their retail clients’ directives to ensure regulatory compliance as a basic element of their ongoing supply agreements.
With this as the basis of their requirement, the client approached Sekura Mobile with a request to evaluate the UK Mobile Operator KYC Match service to enable the verification of new customer name and address data as a part of the onboarding flow for newly acquired customers. By matching the name and address held in the mobile operator records with that supplied by the new customer during the onboarding flow, they hoped to be able to verify the core name and address data on an individual basis and apply this, as part of a ‘waterfall’ of other third party data, to meet the KYC regulation prevent fraudulent account set up.
The Solution
The Sekura KYC Match service Name and address matching service allows service providers to generate a secure one-way encrypted name and address string (using a technique known as ‘hashing’, which encrypts the data into a random set of characters that cannot be de-encrypted)and compare this with the same data held by the end user’s mobile operator to enable them to confirm separate matches on name, address and (where enabled) date of birth. A match is presented back to the service provider simply as Yes or No.
Our client created the logic on their platform to submit the KYC Match request via API to Sekura, supplying the mobile number (MSISDN) of the user plus the hashed name and address strings. The Sekura platform applies a ‘discovery’ logic to identify which mobile operator the MSISDN belongs to, makes a request to that operator for a KYC Match response for the name and address elements, and returns a Yes or No for each to the client, with some additional parameters.
As a real-time or batch service, the KYC API is able to return responses quickly within the client user flow to enable in-transaction use cases, or – as in the case of this client – as a batch process involving the supply of a high-volume batch of MSISDN and Name/Address data records to which we append the KYC Match results and return.
Privacy was maintained through the application and confirmation of user consent on the client side prior to the processing of the data and, through use of a ‘match’ model no personal data that is not already known by the both parties was shared between parties. The Sekura KYC Match service is built to return a simple Yes/No and is therefore providing data signals only and is not sharing customer data or making decisions on behalf of the customer.
The Benefits
With an initial test using one of UK Mobile Operator partnerships (representing around 25% UK mobile market share), we were able to deliver a ‘match’ or ‘no match result for almost three quarters of new client applications in our test batch.
The client was able to use the resulting data as a core part of their decisioning engine in the acceptance or rejection of new customer credit applications, allowing them to apply the KYC Match service to ensure that legitimate new customer applications had a maximised chance of success whilst filtering out those that required further verification or were fraudulent.
The client is working with Sekura to implement further batch and real-time KYC Match services for this and other client use cases.
To learn more about this use case, how we work, or to discuss the Sekura approach with any of our team, Contact Us.
Copyright 2023 © Sekura Mobile Intelligence Limited
