Connect with us

Banking

HOW TRANSPARENCY CAN IMPROVE IDENTITY VERIFICATION FOR BANKS

Published

on

By Paul Dunphy, Research Scientist for OneSpan

In the Netflix series The Crown, a lead character exclaims: “Who wants transparency when you can have magic?” Magic and transparency can be thought of as different extremes of how large and complex institutions try to win our trust. Typically institutions choose “magic” due to the lack of insight they provide, which means we can only hope that they will act in our interest. We often depend on such institutions – but since we can’t trust magic, we need transparency instead.

Today, technology is providing new transparent approaches to identity verification for banks to improve issues with the customer due diligence phase of onboarding. Aite Group found that abandonment rates for financial account opening processes range between 65 – 95%, depending on the product. If this process is not conducted thoroughly, banks could face regulatory action and costly fines. When re-framing this problem from one that banks must solve individually, to one that banks can solve collectively, then new approaches become possible.

Banks can solve problems in identity verification by sharing a live log of data related to identities that have already been verified. Yet this can be difficult to realise, even in the digital age. Pragmatic challenges such as: tracking master copies; resolving version conflicts; and managing concurrent updates, can create an aversion to this type of arrangement due to the risk to the integrity of those records.

Distributed ledgers (blockchains), can help here. Over the years we’ve learnt that:

Given the attention that distributed ledgers have attracted in recent times, it is inevitable that the first forays into applying transparency to solve identity verification problems have used this technology.

Let’s look at two different approaches to how banks can create transparency by using distributed ledgers.

 

A Shared Log for Identity Verification

If banks are able to co-operate and maintain a shared log of data relevant to identity verification it can help streamline identity verification. KUBE (Know Your Customer Utility for Banks and Enterprises) is a technology that has been proposed by the Isabel group along with Belfius, BNP Paribas Fortis, ING, and KBC to achieve exactly that.

The technology aims to increase the efficiency of onboarding for business customers through a shared log of identity attributes previously checked by member banks. The technical details of KUBE are not yet clear, but the distributed ledger in the architecture will contribute to consensus between each bank on the latest version of the log, along with assuring the integrity and availability of the data. Once customers are registered in the KUBE system, the identity verification performed with one bank is available to another bank with the consent of the customer, who receives the benefit that they only need to verify their identity once amongst that federation of banks.

In this example, KUBE provides a verifiable and transparent log which creates transparency between banks on the network. But, the customer must rely on KUBE to protect the confidentiality of their personal information.

 

Decentralised Identity

One other option is to re-envision digital identity completely to place the customer on more of an equal footing with banks. Decentralised Identity (self-sovereign identity) is a model of digital identity whereby a user is equipped with cryptographic techniques to create, self-verify, and own a digital identity that is portable between relying parties. Its constituent components are a trustworthy shared log, public key cryptography, and verifiable credentials (now a W3C standard).

Sovrin is one exemplar of this approach and its technology comprises a public-permissioned distributed ledger based on Hyperledger Indy and cryptographic credentials following the W3C standard. For example, after identity verification the customer is provided with a verifiable credential from that bank, which is stored in an identity wallet on the customer’s mobile device. When the customer onboards with a new bank, they provide that credential along with a decentralised identifier (DID) that they use, and prove their ownership of both using properties of public key cryptography. The receiving bank must then check the validity of the credential on the shared ledger. Thus, identity need only be verified once amongst a federation of institutions and the customer retains control over disclosure of personal information.

This area is one of active investigation; as such, there is no product that is ready-to-go. One crucial challenge that requires research is the relationship between user experience and privacy, since in this model customers will inherit new responsibilities and software to use to manage their privacy.

 

Privacy is Important

Both examples require privacy for both customers and financial institutions. When designing a shared log for identity verification there might be an inclination to start with a minimum viable product that simply pools the personal information of customers. Pooling the personally identifiable information (PII) of customers creates an attractive honeypot for attackers, and a point in the system design where information can be accidently leaked.

In addition, banks have their own privacy concerns. Clearly, we shouldn’t design a system where banks can conduct surveillance on each other. In the design stage of a technology, we must consider how the benefits of transparency can solve new problems, while at the same time, finding acceptable levels of data confidentiality and privacy.

 

Closing Thoughts

The value of transparency-enhancing technologies such as trustworthy shared logs are subject to a network effect, which means that the value of an application in the financial industry is tightly coupled with the number of financial institutions that choose to use them. The exciting research direction of the future is to investigate how distributed ledgers and transparency-enhancing techniques more generally, can create new applications in banking, and reduce our need to trust magic.

Banking

Resilient technology is the most important factor for successful online banking services

Published

on

By

By James McCarthy, Director of Solutions Engineering, NS1

 

More than 90 percent of people in the UK use online banking, according to Statista and of these, over a quarter have opened an account with a digital-only bank. It makes sense. Digital services, along with security, are critical features that consumers now expect from their banks as a way to support their busy on-the-go lifestyles.

The frequency of cash transactions is dropping as contactless and card payments rise and the key to this is convenience. It is faster and easier for customers to use digitally-enabled services than traditional over-the-counter facilities, cheques, and cash. The Covid pandemic, which encouraged people to abandon cash, only accelerated a trend that was already picking up speed in the UK.

But as bank branches close—4865 by April of 2022 and a further 226 scheduled to close by the end of the year, Which research found—banks are under pressure to ensure their online and mobile services are always available. Not only does this keep customers satisfied and loyal, but it is also vital for compliance and regulatory purposes.

James McCarthy

Unfortunately, their ability to keep services online is often compromised. In June and July of this year alone, major banks including Barclays, Halifax, Lloyds, TSB, Nationwide, Santander, Nationwide, and Monzo, at various times, locked customers out of their accounts due to outages, leaving them unable to access their mobile banking apps, transfer funds, or view their balances. According to The Mirror, Downdetector,  a website which tracks outages, showed over 1500 service failures were reported in one day as a result of problems at NatWest.

These incidents do not go unnoticed. Customers are quick to amplify their criticism on social media, drawing negative attention for the bank involved, and eroding not just consumer trust, but the trust of other stakeholders in the business. Trading banks leave themselves open to significant losses in transactions if their systems go down due to an outage, even for a few seconds.

There are a multitude of reasons for banking services to fail. The majority of internet-based banking outages occur because the bank’s own internal systems fail. This can be as a result of transferring customer data from legacy platforms which might involve switching off parts of the network. It can also be because they rely on cloud providers to deliver their services and the provider experiences an outage. The Bank of England has said that a quarter of major banks and a third of payment activity is hosted on the public cloud.

There are, however, steps that banks and other financial institutions can take to prevent outages and ensure as close to 100% uptime as possible for banking services.

Building resiliency strategies

If we assume that outages are inevitable, which all banks should, the best solution to managing risk is to embrace infrastructure resiliency strategies. One method is to adopt a multi-cloud and multi-CDN (content delivery platform) approach, which means utilising services from a variety of providers. This will ensure that if one fails, another one can be deployed, eliminating the single point-of-failure that renders systems and services out of action. If the financial institution uses a secondary provider—such as when international banking services are being provided across multiple locations—the agreement must include an assurance that the bank’s applications will operate if the primary provider goes down.

This process of building resiliency in layers, is further strengthened if banks have observability of application delivery performance, and it is beneficial for them to invest in tools that allow them to quickly transfer from one cloud service provider or CDN if it fails to perform against expectations.

Automating against human error

Banks that are further down the digital transformation route should consider the impact of human error on outage incidents and opt for network automation. This will enable systems to communicate seamlessly, giving banks operational agility and stability across the entire IT environment. They can start with a single network source of truth, which allows automation tools to gather all the data they need to optimise resource usage and puts banks in full control of their networks. In addition it will signal to regulators that the bank is taking its provisioning of infrastructure very seriously.

Dynamic steering 

Despite evidence to the contrary, downtime in banking should never be acceptable, and IT teams can make use of specialist tools that allow them to dynamically steer their online traffic more easily. It is not unusual for a DNS failure (domain name system) to be the root cause of an outage, given its importance in the tech stack, so putting in place a secondary DNS network, or multiple DNS systems with separate infrastructures will allow for rerouting of traffic. Teams will then have the power to establish steering policies and change capacity thresholds, so that an influx of activity, or a resource failure, will not affect the smooth-running of their online services. If they utilise monitoring and observability features, they will have the data they need to make decisions based on the real time experiences of end users and identify repeated issues that can be rectified.

Banks are some way into their transformation journeys, and building reputations based on the digital services that they offer. It is essential that they deploy resilient technology that allows them to scale and deliver, regardless of whether the cloud providers they use experience outages, or an internal human error is made, or the online demands of customers suddenly and simultaneously peak. Modern technology will not only speed up the services they provide, but it will also arm them with the resilience they need to compare favourably in the competition stakes.

Continue Reading

Banking

Digital Banking – a hedge against uncertainty?

Published

on

By

Ankit Shah, Head of Digital Banking, Apex Group

 

The story of the 2020’s thus far is one of crisis. First the world was plunged into a global pandemic which saw the locking down of people and economies across the world. Now we deal with the inevitable economic consequences as currencies devalue and inflation bites. This has been compounded by Russia’s invasion of Ukraine and subsequent energy politics.

And the outlook remains uncertain. Tensions continue to build between China and Taiwan and inflationary conditions are forecast to continue well into 2023. This uncertainty is impacting everyone, and every sector. And finance is no exception with effects being felt everywhere from commodity and FX markets to global supply chains.

But it’s not all doom and gloom. Rollercoaster markets and an ever-evolving geopolitical situation have made 2022 a tricky year far, but, despite the challenges, digital banking has proven resilient. In fact, the adoption of digital banking services has continued to grow over the last few years, and is predicted to continue.

So, what are the forces driving this resilience?

In an increasingly digital world and economy, digital banking comes with some advantages baked in, which have seen the sector continue to succeed despite the tumult in the wider world. In fact, the crises which have shaped the decade so far may even have been to the advantage of digital banking. Just as during the pandemic, technologies which could facilitate remote working saw a huge uptick in users, so to digital banking is well suited to a world where both people, and institutions demand the convenience that online banking services offer.

And while uptake of digital banking services is widespread amongst retail consumers, a trend likely to continue as digital first generations like Gen Z become an ever-greater proportion of the consumer market, uptake amongst corporate and institutional customers has been slower. This is largely down to a lack of fintech businesses serving the more complex needs of the institutional market, but, in a post-Covid world of hybrid working business, corporate clients are looking for the same ease of use and geographic freedom in their banking that is enjoyed by retail consumers.

This is not just a pipe dream – with the recent roll out of Apex Group’s Digital Banking services, institutions can enjoy the kind of multi-currency, cloud-based banking solutions, with 24/7 account access that many of us take for granted when it comes to our personal banking.

Staying compliant

One significant difference between retail and business accounts however, for banking service providers, is the relative levels of compliance which are needed. While compliance is crucial in the delivery of all financial services, running compliance on multi-million pound transactions between international businesses brings with it a level of complexity that an individual buying goods and services online doesn’t.

For digital banking services providers, this situation is further compounded by guidance earlier this year from HM Treasury – against the backdrop of the Russia-Ukraine conflict- requiring enhanced levels of compliance and due diligence when it comes to doing business with “a high-risk third country or in relation to any relevant transaction where either of the parties to the transaction is established in a high-risk third country or with a sanctioned individual.”

So, can digital banks meet these standards while also providing institutions with the kind of easily accessible, mobile service which retail customers enjoy?

The answer is yes and again, once initial hurdles are overcome, digital banking brings with it features which give it the edge over traditional banking services. Paperless processes, for example, mean greater transparency and allow for better and more efficient use of data. This means AI can be employed to search documents, as well as provide verification. It also means compliance processes, often notoriously complicated, become easier to track. Indeed, digitising time intensive manual process means the risk of human error in the compliance process is reduced.

Digital banking can also better integrate transaction monitoring tools, helping businesses identify fraud and irregularity more quickly. This can be hugely important, especially in the times of heightened risk we find ourselves in, where falling foul of a sanctions regime could have significant legal, financial and reputational consequences.

Cross-border business

Our world is increasingly globalised, and so is business. For corporate and institutional banking customers, being able to operate seamlessly across borders is key to the operation of their business.

This brings with it challenges, which are again compounded by difficult geopolitical and economic circumstances. In recent weeks for example, we’ve seen significant flux on FX markets which can have real consequences for businesses or institutional investors who are buying and selling assets in multiple currencies and jurisdictions. The ability to move quickly then, and transact in a currency of choice, is vital. Advanced digital banking platforms can help – offering automated money market fund sweeps in multiple core currencies to help their clients optimise their investment returns and effectively manage liquidity.

Control admin uncertainty

In times of uncertainty, digital banking can provide additional comfort via customisable multi-level payment approvals to enhance control of what is being paid out of business accounts, with custom limits available for different users or members of a team. Transparency and accountability are also essential, with corporate clients requiring fully integrated digital reporting and statements and instant visibility with transaction cost and  balances updated in real-time.

Outlook

For some, the perception remains that digital banking is the upstart industry trying to offer the services that the traditional banking industry has built itself upon. Increasingly however, the reality is that the pressure is on traditional banks to try and stake a claim to some of the territory being taken by digital first financial services.

With a whole range of features built in which make them well suited to business in a digital world, digital banking is on a growth trajectory. Until now, much of the focus has been upon the roll-out of services to retail consumers, but with features such as automated compliance, effortless international transactions and powerful AI coming as standard for many digital banks, the digital offering to the corporate world looks increasingly attractive.

Continue Reading

Magazine

Trending

Business9 hours ago

Solving the Future of Decarbonisation in Real-Time

Jamil  Ahmed, Distinguished Engineer at Solace   The energy sector has faced many disruptions and challenges in recent years, from...

Banking16 hours ago

Resilient technology is the most important factor for successful online banking services

By James McCarthy, Director of Solutions Engineering, NS1   More than 90 percent of people in the UK use online...

Technology16 hours ago

Why anti-spoofing fingerprint technology is essential for the continued growth of digital payments

Anthony Eaton, CTO, IDEX Biometrics   The digital payments revolution is being driven by consumer demand for ever increasing convenience....

Finance16 hours ago

Why Financial Services must ‘Change its Change’ to deliver results

By Hervé Mazenod, Managing Director, Financial Services Sector at Webhelp  You can almost hear the collective sigh of relief from financial...

News16 hours ago

Real-time payments are here to stay and with good reason 

Real-time Payment (RtP) models are here to stay for the foreseeable future alongside traditional payment schemes. But as businesses increasingly...

Business17 hours ago

Criminal Minds: Account Opening Fraud Tactics put to the Test

By Raj Dasgupta, Director, Global Advisory, BioCatch   The last two years have created a perfect storm for account opening...

Business4 days ago

Know Your Business (KYB): Exceeding KYC

Victor Fredung, CEO at Shufti Pro   Money laundering costs the UK more than £100 billion pounds a year, according...

Finance1 week ago

Mini-Budget 2022:

Tax giveaway is a boost for business, but will it drive growth or fuel inflation?   Chancellor Kwasi Kwarteng has...

Finance1 week ago

A zero trust environment is critical for financial services

Boris Bialek, Managing Director of Industry Solutions at MongoDB Not long ago security professionals were still focused on protecting their...

Banking1 week ago

Digital Banking – a hedge against uncertainty?

Ankit Shah, Head of Digital Banking, Apex Group   The story of the 2020’s thus far is one of crisis....

News2 weeks ago

Union Bank of India goes live with RuPay Credit Card on UPI with Kiya.ai as a technology partner

Nitesh Ranjan, ED Union Bank of India with Rajesh Mirjankar, Managing Director & CEO, Kiya.ai at the launch   Kiya.ai,...

Finance2 weeks ago

Anyone Can Become an R&D Tax Expert with the Right Foundations

Ian Cashin is a Customer Success Manager at Fintech company and R&D tax software provider WhisperClaims   For accounting firms,...

Business2 weeks ago

Addressing the ongoing global pilot shortage issue

By Bhanu Choudhrie, Founder of Alpha Aviation   The Covid-19 pandemic brought the aviation industry to a halt, causing vast...

Business2 weeks ago

How exporters can mitigate risks and operate smoothly in stormy, post-Brexit waters

By Morgan Terigi is Co-Founder and CEO of Incomlend   The past few years have presented a series of hurdles...

Business2 weeks ago

From employees to customers, workforce management can benefit the entire banking ecosystem

Michael Cupps, SVP of Marketing of ActiveOps explores the significant impact workforce management can have on the employees and customers...

Business2 weeks ago

Redefining the human touch with digital transformation

Simon Kearsley, CEO of bluQube   It may not be a new phrase, but digital transformation is still inducing anxiety...

Finance2 weeks ago

CFOs – the forgotten ally in the fight against ransomware

Justin Vaughan-Brown, VP Market Insight at Deep Instinct   Ransomware attacks have nearly doubled in the past couple of years....

Technology2 weeks ago

7 cost benefits of cloud accounting software

By Paul Sparkes, Commercial Director of iplicit, an award-winning accounting software developer   Is your accounting software having a laugh...

Business2 weeks ago

How does Identity Access & Privileged Access Management help in PCI DSS Compliance?

Narendra Sahoo is a director of VISTA InfoSec. Introduction The Payment Card Industry Data Security Standard also commonly referred to...

Finance2 weeks ago

Listed private debt deserves a closer look from investors

By Michel Degosciu, Managing Partner, LPX AG Over the past few years, the private debt asset class is attracting serious...

Trending