The integration of merchant risk monitoring solutions like Fraudio has the potential to save a wide variety of businesses time, money and manpower.  Nevertheless, the adoption of fraud detection systems based on artificial intelligence and machine learning remains relatively slow.

In the meantime, the worlds of compliance, identity verification and fraud detection remain intrinsically intertwined. Online businesses in particular often find themselves with little choice but to combine a number of separate solutions to make sure the customer experience is not excessively time-consuming or fragmented.

When polled, business owners spoke of several major trends in how they approach their user journeys and create a smooth, straightforward and streamlined onboarding experience. Of which, the following were the most prevalent of all:

Low-Friction Checks

This encompasses the relatively straightforward activities that require no user action, aside from the provision of the basic information needed to facilitate the transaction, such as:

Address Verification

A simple yet effective approach to identity verification, which attempts to verify that the address provided by the customer at the time of the transaction is actually where they live. The support of credit agencies and third-party databases can be instrumental in conducting such checks.

Phone-Based Checks

This typically involves sending a text message (or a recorded voice message) to the phone of the customer, in order to ensure that the phone number they submit is both valid and their own. Verification can also be sought by linking to the databases of telecom providers and mobile networks.

Email Checks

Simple email verification to ensure the authenticity of the e-mail address provided by the customer, which has become a standard verification check conducted by most online businesses.

Behavioural Analytics

A slightly more sophisticated check conducted to verify whether the customer is a real human being or a bot.

IP Address Discrepancies

Checked near-instantaneously to find out whether the customer is attempting a transaction from an IP address that matches the geographic region specified in the information they submit.

Identity Verification

While each of the above low-friction checks can prove helpful in detecting examples of unsophisticated fraud, they do not provide a particularly robust barrier in their own right. This is why formal identity verification is often considered necessary, which despite being disruptive in nature nonetheless provides a much higher level of assurance.

Formal identity verification occurs when a business requests a copy of a government issued form of ID, often with an accompanying photograph of the person in question. As this is a significantly more difficult fraud prevention measure to circumvent, it is one of the most effective and powerful deterrents for fraudsters.

This is why leading research groups such as Gartner predict that the vast majority of online businesses will have adopted these formal identity verification policies within the next couple of years. Surprisingly, it is estimated that fewer than 15% of organizations are currently using single vendors with strong identity orchestration capabilities and connections to many other third parties for identity verification.

AML Screening

Recent years have seen many national and international regulatory authorities adopt a much firmer stance against the deterrence of money-laundering activities, often used to finance terrorist groups. Compliance mandates to deter money laundering are now actively recommended across a wide variety of sectors and business areas – not just the banking sector.

AML screening procedures involve not only the verification of the customer’s identity, but also an examination of previous records/activities to make sure the individual or business in question does not have a criminal background. This means checking the data of an individual or business against databases of politically exposed persons (PEPs), sanction lists and those with known ties to criminal entities.

It also means monitoring customers on a continuous basis, in order to make sure they do not become financial crime risks.

The Importance of Ongoing Authentication

Lastly, while the importance of preventing the wrong people from opening accounts and accessing services in the first place is paramount, it is just as critical to make sure that active accounts are accessed exclusively by their legitimate owners.

Due to the threats associated with data breaches, the dark web and credential stuffing attacks, the risk of account takeover hacks is at an all-time high and the importance of ongoing authentication therefore cannot be overstated.