On September 22nd, the KNOW Identity Digital Forum took a look into the growing ways that alternative data can expand services to new customer groups as well as combat fraudulent attempts worldwide. We gathered experts in the financial services and digital identity industries to discuss inclusion and security balances in our current banking systems.
Each session was jam-packed with unprecedented insights, but a few standout takeaways included:
- Fraud rates have accelerated in 2020 with more and more transactions happening online as a result of COVID-19. However, regulation is still slow to catch up to or empower technologies to ward off bad actors’ tactics.
- Openness and data sharing across governmental bodies and private institutions are going to be critical to expanding service offerings to new customer groups, such as immigrants and previously thin-file consumers. Data collected from mobile devices can also help level the playing field for previously un- or underbanked consumers.
Combating Synthetic Identity Fraud
In the first session, Ghost in the Machine: Combating Synthetic Identity Fraud, in partnership with Acuant, tackled the ever-moving target of synthetic identities. Even difficult to define, these data mashups present unique threats for companies verifying relationships between user and data attributes. In 2020, the SSA in the U.S. will be rolling out its Electronic Consent Based SSN Verification Service (eCBSV), but is this the end-all solution to stop synthetics? Jose Caldera (Chief Product Officer at Acuant), Lauren Day (Compliance and Risk Manager at Binance.US) and Chuck Christofilis (Chief Compliance Officer at CoinZoom) discuss how businesses better detect and remove synthetic identities as fraudsters adapt their strategies.
OWI: One solution that has come to the fore on the synthetic identity fraud front is the eCBSV that has begun to be rolled out by the Social Security Administration to allow for verification of SSN and the tying a user-submitted social to the actual issuing database. Is this a magic bullet that can end synthetic identity fraud as we know it, or do we need to continue pushing ahead in terms of identifying ways as an industry to combat synthetic fraud?
Acuant: I think that thinking of any solution as a silver bullet is probably not the right way of thinking. It is the components that make that solution, they are not necessarily available to every application where identity fraud or synthetic identity fraud is present. Certainly those applications that rely on the data and the data attributes are going to benefit from it. No question about that. But then you have to deal with the consent issue. I think a lot of other practitioners may be put off by the fact that you need to get consent from your end customer to let the Social Security Administration give you permission to access that data.
Other countries have similar solutions, but one of the issues that they have had is that one to one relationship. It is unclear whether those databases actually maintain that relationship between the security number and the entity of the person. It is unclear whether within the database itself, there might be multiple identities associated with the same person. So that is one to end or one to one relationship has been a problem in other countries with similar solutions.
OWI: What are we seeing in the current fraud landscape from the bad actors? Is synthetic fraud accelerating in 2020? Does this remain as one of the favored fraud vectors?
Binance.US: As we move online, more and more, our transactions move online. Companies move online and we’re just going to see more and more of these fraudsters trying to get around certain controls. We’ve definitely seen an increase. On top of not only synthetic fraud, we’ve also seen a lot of classic scams that essentially trick people into giving away certain elements of their personal identity.
OWI: Data offers greater visibility into quantifying synthetic fraud, and potentially being able to strengthen the models being used to predict or identify current parts of the portfolio or applicants who are believed to be synthetic fraudsters. What are some of those techniques that we’re seeing success with? And what are some of those new types of data that we are leveraging successfully in this fight against synthetic fraud?
CoinZoom: We’ve seen [success] specifically in potential elder abuse cases where someone is using the same device. That’s a data point. And it’s information that just a few years ago was unthinkable. Now we’re able to prevent a lot of what could potentially be elder abuse when we just see people trying to set up accounts with different people on the same device.
OWI: Do you foresee any challenges from the device data from a regulatory standpoint that is often a strong indicator of fraud? What are you seeing in terms of the evolving landscape, in terms of what we have access to to help make these fraud decisions?
Acuant: Just a couple of years ago was when FinCEN allowed that the collection and the reporting of data had to do with devices and IP as part of the source. I think from the regulatory standpoint, there is now a recognition of the detailed aspects of those transactions.
So how are they used for prevention? I think, regulatory-wise, it is being accepted as those reportings have more information about the detailed components of those transactions. By FinCEN adding this data to their [reports], it seems to be a recognition that this data is relevant and it’s important–it’s reliable to do analysis on.
The Alternative Data Revolution
Shifting gears from fighting fraud to expanding services, OWI next welcomed Robin Weiss (Sr. Technology Advisor at Fidelity Investments), Schan Duff (VP of Strategy at Kiva), and Steve Polsky (Founder and CEO at Juvo) to the virtual stage for The Alternative Data Revolution: Fast Forward to Today’s Inclusive Lending Through Big Data & AI. Weiss moderated the discussion on how each company has utilized mobile data and other digital touch-points to build alternative credit files for the previously un- and underbanked and what we have learned through grappling with the repercussions of the COVID pandemic.
Fidelity: How are you each using alternative data sources to broaden financial service access through your work?
Juvo: What we are trying to do is using the ubiquity of mobile phones and cloud computing to build what we call a financial identity, to establish who is thought of as credit worthiness, but with a broader perspective that their financial identity starts with their everyday usage of their mobile phone.
That gives us a macro ability to impact a large portion of populations in the countries that we serve. We can then turn this around and create a feed to financial service providers. A data feed that effectively bridges the gap between financial services providers who don’t have information on a group of consumers and a group of consumers who are unable to access financial service to close this gap through a new source of data.
Kiva: The thesis behind all of our work is that unbanked borrowers are not riskier borrowers. They’re not inherently uncredible. They’ve just been denied the opportunity and access to the formal financial system.
In Q2 2020, the United States in the height of the COVID pandemic, default rates on credit cards were somewhere near 3.8 percent or 4 percent. Over our time at Kiva, our default rates across those 90 countries, including conflict zones, is about 3.6 percent. This is lending to populations who aren’t included in credit bureaus, who don’t have bank accounts and don’t have access to formal financial services. So that experience proves to us that, in the words of William Gibson, the world is awash in credit data. In financial transaction data, it’s just not evenly distributed.
Fidelity: Inherent in both of your models is the fact that they are dependent on government-issued foundational identities that clearly vary from geography to geography. Can these or should they be replaced by a constellation of non-foundational identities? In other words, alternative data points to arrive at a high assurance I.D.
Juvo: There’s essentially three parts that need to come together to provide someone financial services. One, you need an anchor: you need the government to step up and provide a system of identities, something you can tie into. Two, we need some form of biometrics. It’s not NSA always biometrics; that person needs to prove they are who they say they are just to eliminate fraud. Then the third piece is that we need to know that the person qualifies for the particular service they might be offered. To me, stitching these three things together is the key thing to enable someone to get access to a financial service. Juvo’s focus is on the last piece: understanding qualification and giving like a whole new group of people the ability to establish qualification.
Kiva: Our view at Kiva is that there will always be a role for a centralized identity issuer and that in some ways is going to be the most easy way to compliantly onboard an individual into regulated financial institutions.
FATF, the Financial Action Task Force, which is the intergovernmental body that thinks about things like MLSE, a key compliance, has issued some really interesting guidance in the last year on the use of digital identities for compliant onboarding. Yet they leave the door open for what we’re thinking about risk-based approaches to this question. They haven’t gone as far as to say official identity is not required or is not recommended for financial sector onboarding…but I do think that it’s possible technologically to prove with a high level of assurance who a person is without reliance on an official identity. I think we’re still a little ways away from having regulators fully embrace that concept but I think it’s a conversation that if we’re serious about financial inclusion, we should be having.
Identity & Immigrant Banking
For the final session of the day, OWI was joined by Alka Gupta (Co-Founder and Board Director of GlobaliD) to discuss how growing non-citizen or new citizen populations are able to access financial services in Coming to America: Immigrant Banking in the U.S. The conversation identified some of the current gaps and possible solutions in providing user-friendly services to these communities.
GlobaliD: For context…51 percent of [U.S.] foreign-born non-citizens are either unbanked or underbanked. Of those that are banking, 80+ percent of the immigrants are with one of five financial institutions, which means about 18 percent of them are spread across 60-70 other smaller banks or credit unions, with none of them making up more than 2 percent. Why is this happening? How do we help? What does this next chapter look like?
The challenges are three-fold. Banking has historically accepted limited forms of identity. Identity more traditionally is a driver’s license and Social Security, which many immigrants may not have. So how do we open that aperture? And many have, since government-issued I.D. vary from country to country. Banks have expanded the list, whether it’s the individual taxpayer numbers, passports, consular I.D., etc.. That’s a huge area. There is also fear. There’s just a fear of even walking into the bank. So how do we provide culturally-specific guidelines? And lastly is minimizing fees or not maximizing those types of schemes. This is frankly not true just with financial services, but also with international calling and other type of infrastructure needs.
OWI: Where do we see the solutions coming into play? What role do we see governments playing? What role do we see nongovernmental organizations playing and what role do we see private sector players playing in solving this challenge? And where do you see the most progress being made in the near-term future?
GlobaliD: I think there’s been some progress whether it’s startups or neo-banks looking to address some of the issues we’ve talked about, there are immigrant banking focused startups. So there is a cottage industry around migrant banking, migrant tech, but we need to step back and talk about the larger ecosystem. I do believe that the more meaningful improvements are going to happen, not just from a technology perspective. In fact, I might argue that this is not about the technology. This is about the silos coming down. We do see the world opening up more and more, but at the same time, sometimes we see more and more walls going up, given the times that we’re in. I think that much of the advancement is going to need to come from…cooperation and openness, open access to data and silos coming down.
I also think it’s about there being more user control and portability of that data and that information. Users need to control their data. Institutions need to respect the portability of data. And those that don’t know how to either keep data secure or store cetera are better off in focusing on their core competencies and allowing more of these horizontal plays. Whether it’s the identity, the chat, the calling, et cetera, to be to be frankly, you know, built within a horizontal stack that can be leveraged across whether it’s financial services or others. I think we’re at a time where we would be all well-served to consider how it is that the user is experiencing the data, the frustrations, the frictions. We would be better served really thinking about is that just neat and cool? Or if I were a user, would I actually engage? Would I trust it? I really think that’s what this next chapter is about and why I am so passionate about this space.
There’s always more to dive into (we recommend you secure your seat at our next digital event now,) and we’re looking forward to seeing how the industry drives further inclusion in financial services through this data. Take a moment to catch up on the sessions from this event or other KNOW Identity Digital Forums you may have missed!