multi tier

Multi-Tier Security – Another Line of Defense Against Bank Account Scammers

The banking sector has been witnessing a significant rise in criminal activities is a major concern of security authorities these days. The latest reports revealed that banks have been violating KYC and AML regulations and there were skyrocketing penalties in 2020. Protecting banks and customers is necessary and identity verification is one of the best ways of doing so. However, conventional methods like manual document verification do not suffice for the needs. There must be more robust and automated systems like digital identity verification and video KYC that can enhance the efficiency of the process. 

A single line of defence does not work when it comes to technologically advanced fraudsters. There must be layers of security to filter them no matter how hard they try to surpass ID checks. Hence, multi-tier security is what the banking sector needs. Multiple layers of security checks and identity verification methodologies will make it impossible for fraudsters to enter banks. 

A Summary of Bank Scams and Frauds 

Over time, many different types of frauds and scams have struck the banking industry. Due to advanced technology, not only banks are streamlining their processes, but criminals have also figured out techniques to execute their plans. Many new breeds of scams have surprised organisations, especially banks. Let’s take a look at some of the fraudulent activities. 

Account Takeover Fraud 

Account takeover (ATO) refers to the fraud in which criminals get illegal access to bank accounts and use them for illicit activities like money laundering and chargebacks. As technology advances, fraudsters have also become sophisticated in committing account takeover fraud. There was a 43 per cent increase in account takeover fraud during the global lockdown in 2020. The numbers are expected to increase this year as well due to rapid digitisation. 

New Account Fraud 

A new breed of frauds struck the world a few years ago by the name new account fraud. With time, the rate of this fraud has increased and defeated all other kinds of scams. For a new account fraud, fraudsters use stolen, forged, or synthetic identities to open a new bank account, get a new credit/debit card, or loan money from the bank. According to Javelin Strategy, 3.2 million customers were affected by this fraud alone in 2018.    

NAF

Identity Theft 

Identity theft has been a threat to businesses for a very long time. The numbers are continuously increasing and banks are the primary target. Unfortunately, identity theft has taken various forms as well, including child identity theft, medical identity theft, and social identity theft. This enables criminals in making purchases, opening new bank accounts, and enjoying numerous other benefits with false names. 

Data Breach

Data breach is a social engineering technique that fraudsters use to acquire customer information. The stolen data is later used for bank account scams, identity theft, and numerous other illegal activities. The identities stolen from a data breach are also used for new account fraud. Around 8,000 data breaches were reported in 2019. In the first half of 2020, 540 data breaches were reported only in the United States according to Statista.  

Biometric Authentication – The Additional Security Layer 

Biometric authentication is the additional layer of security that not only enhances the level of security, but it is also a rigid measure that fraudsters cannot dodge. Fooling biometrics is not a piece of cake for criminals because biometric authentication requires the live presence of the individual for identity verification. Voice, face, palm, iris, pupil, and retina are some of the biometric traits of an individual that are required for biometric verification. 

Biometric verification employs various artificial intelligence models and the following techniques are used for authentication:

  • 3D depth analysis 
  • Micro-expression analysis 
  • Skin texture analysis 
  • Liveness detection 

All these techniques ensure the live presence of individuals and any spoof attacks or deepfakes can be identified within seconds. 

How will Multi-Tier Security Help Your Bank?

Digital identity verification is a multi-tier security measure that your bank needs. This system has multiple methods of verifying identities that prevent fraudsters from entering the business. Here is how the process of multi-tier security works:

  • First, the individual has to register on your bank’s website for the identity verification process 
  • Along with the registration details, government-issued ID documents are also submitted 
  • Then, the information submitted is verified with the government-issued ID document 
  • Once the documents are verified, biometric authentication comes in action and face verification checks are performed
  • Customers have to submit their selfie or video during verification which is matched with the image on the ID document 
  • Lastly, consent verification checks are also performed in which the customer has to submit a handwritten or typed consent note

Conclusion

All in all, verifying identities with the manual method is not an adequate option in the digital world. Digital identity verification is an automated process of verifying identities with layers of security to increase the efficacy of the process. One of the strongest layers in this method is biometric authentication that ensures the live presence of the customer for verification. Fraudsters cannot bypass these checks through any of their techniques. Due to the robustness of this technique, bank account scammers fear from the additional layers of security to verify identities and transactions. Identity theft, account takeover fraud, new account fraud, and data breaches are some of the criminal activities that have increased over time. Now, banks need a multi-tier security system to ensure the security of the customers as well as the organisation. 

Get in touch with our experts and learn more about the digital ID verification system and biometric authentication. 

Corporate Transparency Act – The Road to Better AML Compliance

According to the latest reports, the United States ranked number 1 for not complying with the anti-money laundering regulations. Around 12 penalties were imposed on the US banks and Goldman Sachs had the highest fine of €3.30 billion (USD 3.90 billion). Given the rise in money laundering activities in the US, the Corporate Transparency Act was structured. Recently, the Senate has passed the act. Financial institutions of the United States have until January, 2022 to report to FinCEN according to the updated laws. Once the Act is in action, the US companies have to report their Ultimate Beneficial Owners (UBOs) to the Financial Crimes Enforcement Network (FinCEN). In 2022, new Limited Liability Corporations (LLCs) have to report their UBOs and any changes in the beneficial owners will be reported as well. However, any corporations formed before the effective date will have two years for reporting to FinCEN. Let’s dive deeper into the corporate transparency act and how can companies efficiently comply with it. 

Read more: Record-Breaking Fines on Banks for KYC/AML Non-Compliance

Requirements for Corporate Transparency Act

As per this Act, the term beneficial owner refers to anyone who owns 25% or more equity share, has some substantial control over the company, or receives benefits from the company’s assets. Therefore, verifying these stakeholders is essential for the company. 

FATF’s recommendations for best practices on beneficial ownership for legal persons have been best categorised in the Corporate Transparency Act of 2019. According to this Act, companies have to provide the following information about the ultimate beneficial owners to FinCEN. 

  1. Complete legal name of the owner
  2. Owner’s date of birth 
  3. Current residential or business address 
  4. Unique identification number as on the passport, driving license, or the ID card

The company has to submit an annual report of the current UBOs and any changes in the previous year’s owners to FinCEN. 

Current Scenario of the CTA

According to the current situation, some sections of the Act need more clarification and specifications to address minor details. The Corporate Transparency Act has not clearly defined beneficial owners as direct or indirect substantial controlling authorities. Any failings in the Act can lead to more challenges for businesses and violations of the Act will lead to heftier penalties. 

Anyone who assists in the creation of legal entities like attorneys will be monitored. Previous iterations in the Corporate Transparency Act categorised formation agents as financial entities and made them subject to the AML and reporting obligations of the Bank Secrecy Act. In the current version of the Act, references to formation agents have been removed. However, the rulemaking authority given to the Department of Treasury can expand requirements for business. This will ultimately broaden the scope of potential criminal liability. 

Next Steps for the Financial Institutions 

Until long-term actions have been decided, here are some short-term actions that must be considered by form corporation and entities: 

  • Assess if your company has reported the beneficial ownership requirements according to the Corporate Transparency Act or not. 
  • Create a checklist of the reporting requirements
  • Under the Act, every beneficial owner must be identified 
  • Endorse all identity verification documents of every individual that is considered as a beneficial owner
  • Plan renewal in case of expiration of the documents of UBOs
  • There must be a risk ranking system that account for variables like country of origin, service provided, and categorize the levels of risk within relationships
  • A “trust-but-verify” approach must be leveraged if any of the information raises red flags suggested by FATF
  • There must be a sound process for keeping the reporting mandates in touch. This includes the people responsible for collecting information of beneficial owners and filing with FinCEN 
  • Annual monitoring for tracking compliance is important 
  • Sufficient resources must be allocated for better compliance with the new filing obligation

Penalties for Non-Compliance with Corporate Transparency Act 

The CTA has announced hefty penalties for any company that does not comply with the regulations. According to the Act, USD 10,000 must be paid as civil penalties. Furthermore, criminal fines and up to three years of imprisonment have also been announced. In order to comply with these regulations and avoid any fines or penalties, it is better that the US-based companies employ Anti-Money Laundering (AML) screening. 

With the help of AML screening, organisations verify all the stakeholders and any high-risk customers can be identified before they become the company’s problem. This screening cross-checks the identity of the person with numerous sanction lists. Lastly, enhanced due diligence checks are also an option that can help your company comply with the regulations. 

Summing It Up

The rise in criminal activities has led to amendments in Know Your Customer (KYC) and Anti-Money Laundering (AML) regulations. The new laws are designed to make customer due diligence and identity verification measures as rigid as possible. Criminals should not be allowed to surpass these checks at any cost, and better laws can help companies in this regard. The Corporate Transparency Act (CTA) will be active in January 2022 and businesses have until then to report FinCEN about their Ultimate Beneficial Owners. USD 10,000 civil penalties, criminal penalties, and up to three years of imprisonment is the punishment if any organisation fails to comply with CTA. 

The purpose of Corporate Transparency Act is to combat money laundering and terrorist financing. With the help of Anti-Money Laundering screening, companies can ensure enhanced due diligence of all the customers. It will not only help onboard the right customers, but it will also assist your company in better compliance with CTA.
Multi-layered identity verification and background screening of beneficial owners is now inevitable for the US finance sector. All risky entities will be highlighted and reported timely, reducing the risk of money laundering and terrorist financing in the USA. 

Want to know more about automated AML screening? Talk to our experts. 

Bank Files

Record-Breaking Fines on Banks for KYC/AML Non-Compliance

Know Your Customer (KYC) and Anti-Money Laundering (AML) compliance have been structured to make financial institutions secure. The rising number of illegal activities in the finance sector is raising concerns for regulatory authorities. This year, the KYC/AML regulations have become more rigid and different countries have also amended their state laws for customer due diligence. Why are all the regulatory authorities imposing more stringent laws in 2021? 

In 2020, the majority of banks were fined for not complying with KYC/AML regulations. The law violations increased significantly and record-breaking penalties were imposed on banks across the globe. This led law enforcement agencies to make certain changes to the regulations and customer due diligence protocols. The record-breaking penalties in the finance sector have changed the game for businesses. 

Let’s take a deep dive into the largest penalties of 2020 and how can KYC/AML regulations help the finance sector to avoid them in 2021.   

Recommended: The Future of Customer Onboarding Post-COVID-19 Pandemic 

A Summary of 2020 Bank Fines 

2020 brought several inconveniences to life and the most distressing challenge was fighting fraudsters. Identity theft and money laundering were the most reported crimes last year. Unfortunately, the inability of financial institutions to verify identities of customers increased money laundering and other illegal activities. Here is a summary of fines imposed in 2020:

Goldman Sachs Tops the List 

The US was ranked number 1 with the highest number of bank fines enforced in 2020. 12 cases of AML non-compliance were reported and the sum of all these fines was €9.39 billion. The fine on Goldman Sachs alone was €3.30 billion. The settlement was made by the bank with Malaysia against the Wall Street Bank for its role in assisting to raise millions for a sovereign wealth fund. 

Commerzbank Fined £37.8 Million by FCA

The Financial Conduct Authority (FCA) imposed a £37.8 Million fine on the Commerzbank, London. The fine was a result of the bank’s violation of AML controls.  According to reports of FCA, the violations will result in huge risks and stability issues of the UK’s financial system. The audit from FCA shared the following reasons on the basis of which the bank was penalised:

  • Periodic due diligence failures
  • Insufficient money laundering control procedures
  • Inadequate risk management systems
Bank Files

Westpac Paid $1.3 Billion for AML Breaches

Last year, Westpac bank in Australia was number 5 on the list of banks with the highest penalties. The court penalised Westpac with a fine of $1.3 billion. AML laws were breached at different intervals. Westpac not only violated AML/CFT laws but also failed to employ transaction monitoring and did not submit IFTI reports to AUSTRAC. Furthermore, the bank did not perform enhanced due diligence for high-risk transactions as suggested by FATF. 

SEB Bank Fined $107 Million for Poor AML Measures

Next in the list of KYC/AML non-compliance is Lloyds Bank that was fined $107 million by the City watchdog for unfair treatment of mortgage customers. According to the executive director of enforcement and market oversight of Financial Conduct Authority (FCA), 

“Banks are required to treat customers fairly, even when those customers are in financial difficulties or are having trouble meeting their obligations. By not sufficiently understanding their customers’ circumstances the banks risked treating unfairly more than a quarter of a million customers in mortgage arrears.”

Reasons Behind Hefty Penalties on Banks 

The major reason behind all these hefty penalties is the banks’ inability to follow the regulations imposed by higher authorities. However, there are several other reasons resulting in increasing fines and growing rigidity of regulations. They include,

  • Consistent failures to comply with the Anti-Money Laundering laws 
  • Lack of proper customer due diligence 
  • No transaction monitoring measures taken 
  • Overseen cases of compliance monitoring 

Did you know that the highest number of cases of AML law violations have been reported in 2020? Here’s an overview of the number of cases reported last year:

  • 82 cases of transaction monitoring 
  • 109 cases of poor AML compliance 
  • 115 cases of lack of customer due diligence 

If banks continue to lack robust verification and AML systems, the numbers will increase this year as well. 

Suggested: A Comprehensive Guide to AML Compliance [2020] 

What Can You Do to Prevent Fines in 2021?

Other enterprises in the finance sector must comply with the KYC/AML regulations at all costs. Otherwise, heavy penalties will be their fate in 2021 as well. How can banks and other financial enterprises prevent fines this year? Well, here’s what you should do:

  • Take a look at the amended laws from regulatory authorities 
  • Audit your current identity verification protocols 
  • Ensure robust KYC/AML compliance measures within the company 
  • Never onboard any customer without verification
  • Always perform enhanced due diligence (EDD) checks for high-risk customers 
  • Ongoing transaction monitoring must be employed to prevent money laundering 

Read more: Shufti Pro’s Ongoing AML Solution to Prevent Transaction Laundering 

How Can Shufti Pro Help You?

Penalties on financial institutions are increasing every year and 2020 broke records. The major reasons for hefty penalties included poor customer screening and inefficient AML compliance procedures. Furthermore, damaged brand reputation is another setback for companies. In order to protect your organisation from criminal activities and heavy penalties, it is better to employ KYC/AML verification.

Shufti Pro is a one-stop solution for all your needs. With AI-powered identity verification and AML screening, you can verify all the customers during the onboarding process. Moreover, the ongoing AML screening allows you to screen the backgrounds of high-risk customers as per your requirements. With 98.67% accuracy of our solutions, you can get in touch with the right customers. 

Talk to our experts and add robust identity verification protocols to protect your company. 

Fintech

Fintech 2021: KYC/AML Bringing New Innovation to the Table

2020 was all about surviving the pandemic, but it has also kickstarted a new wave of innovation. As we enter the new year, there is an influx of businesses shifting to the digital space to survive market competition. Even smart payment solutions like Google Pay and Apple Pay which allow performing transactions on a smartphone have become old news. 2021 has come with an increased drive for digital-only systems to replace conventional banking and financial norms which are in practice for a long time now.

The finance sector was quick in adopting recent advances in technology. Fintech companies are now trusted partners of more than 60% of the financial institutions out there in the market. Fintech services incorporate Know Your Customer (KYC) standards which are essential for any business entity to fulfil Anti Money Laundering (AML) obligations.

Current Landmark of Fintech and KYC

The fintech sector has matured with new technologies driving innovation. Possible instances of cybercrime can now be prevented by systems powered by artificial intelligence. In 2018, a staggering $218 billion in fintech investments were recorded, which laid the foundation of better and improved financial systems in the coming years. Government bodies, online businesses and service providers of financial technology make up the most part of the market.

Institutional players like banks are investing a good deal of money in Regulatory Technology (RegTech) to make sure they live up to the global KYC standards. Investors have shifted their targeted audience from B2C to B2B considering the opportunities financial technology has to offer. Moreover, the need for increased compliance and change in consumer behaviours has forced online businesses to practice secure customer onboarding.

Fintech Industry

The fintech market is prone to a lot of changes and technology is one of the reasons. Due to the constantly evolving nature, it allows enterprises to verify customers with confidence. The traditional KYC measures, which were once used by organizations to verify customer identity, have now made their way in the digital landscape. KYC verification is now performed in real-time over the internet, regardless of where an individual is present. Since KYC is an obligatory requirement for financial firms to mitigate fraud and money laundering, fintech solutions address the problem in light of regulatory compliance.

 

Lack of KYC/AML Infrastructure

Since financial businesses involve a good deal of monetary activities in daily operations, they need to perform proper KYC and AML checks. Fraudsters associate ties with business entities to launder dirty money through their platforms and conduct a series of cybercrime.

KYC/AML regulations are a good bet when it comes to preventing the illicit flow of money.

Regulatory authorities have been imposing heavy penalties to financial firms who fail to meet KYC/AML requirements in the recent years. A study by Thomas Reuters lists instances highlighting the importance of KYC and AML requirements:

  • The national fintech charter by the Office of the Comptroller of Currency (OCC) of the U.S. imposed stringent regulations on companies providing digital-only full banking services in 2017. 
  • A digital currency operator in 2015 was fined $700,000 by FinCEN for not investing in an adequate AML screening program.
  • A fintech for consumer lending services was penalized $6 million by the Consumer Financial Protection Bureau (CFPB) for not following proper KYC standards while onboarding external borrowers.

Fintech’s Role in Customer Onboarding

Today, with advances in technology, associating ties with customers and other businesses has become secure and smooth. Gone are the days when a manual verification was mandatory to complete a customer onboarding process.

Artificial Intelligence

Banks and fintech businesses are moving towards AI-powered solutions to speed up their customer onboarding procedures. In this COVID-struck time, financial firms are banking on new and improved technology to maximize their sales. With the power of machine learning and AI, fintechs can monitor suspicious transactions, and effortlessly engage with new prospects at the same time through digital KYC. 

Biometric Security 

Financial services have seen a surge in demand over the past few years. This calls for digital advances that empower KYC to better assess customers and take down identity fraud. In 2021, fintech firms are adopting biometric authentication technology like facial and fingerprint recognition as a more accurate and reliable means of meeting KYC standards. 

Regulatory Technology

The growth in fintech has enabled global regulators to develop regulatory technology for the better compliance. To better practice AML compliance, Regulatory Technology (RegTech) has become essential for online businesses, and fintechs are no exception. Undoubtedly, technology brings innovations, but it creates a new avenue for cybercrime as well. Regulatory service providers are striving to combat potential threats and risks by creating reliable solutions. 2021 could prove to be a year of collaborations between fintech providers and regulatory bodies, as they look forward to making the financial industry a safer place.

It all comes down to Shufti Pro…

An effective KYC verification process is the need of every fintech business in the industry. In order to meet the constantly evolving regulatory requirements, financial businesses need a solution that can facilitate them to meet KYC and AML obligations in the best possible way. Shufti Pro offers digital KYC verification to onboard customers by verifying their true identity, in light of global AML compliance. With a global support of more than 3000 documents and 150 languages, we offer real-time KYC services. Shufti Pro incorporates reliable and quick data protection to provide fintech companies with a safe and secure channel for customer onboarding.

OCR-blog

4 Industries Where OCR Technology Can Work Wonders

Today, online businesses need to meet the constantly evolving customer needs to survive market competition. In the highly digitised space where there is an influx of user data, having the appropriate technology is the need of the hour. Gone are the days when customers needed to reach a business’ office with their identity documents and take part in a tedious verification process. With Optical Character Recognition (OCR), customer onboarding can be performed remotely and with better turnaround times. Advanced OCR technology not only helps streamline the process at the user end but also helps businesses save the cost and time of investing in manual data entry tasks.

OCR-blog

Industry Use Cases of OCR Technology

Banking Industry 

Financial organisations like banks are a frequent consumer of OCR services because of the amount of paperwork in their daily operations. OCR can play a crucial role in Business Process Automation (BPA) systems which are an essential part of customer data processing. It can help perform easy and accurate data extraction of documents which simplifies banking procedures. Automated Teller Machines (ATMs) are one of the basic applications of OCR technology which recognise numbers on payment cards and process them digitally. 

Another benefit of using this technology is that information provided on handwritten cheques can be scanned and managed without the hassle of entering data manually. The process incorporates important details like the name, address and signature of the users which are processed in real-time. With Artificial Intelligence bringing new innovation to the table, smart OCRs are replacing form processing, and other paperwork done by credit card processors. Merchant statement analytics, which takes long hours of verifying transactions and checking credit scores, can now be streamlined with accurate readings from AI-based OCR solutions.

OCR-blog

Healthcare Sector

Hospitals and other organisations working in the medical sector have to work with a lot of paper-based patient records, health insurance forms, and medical policy statements. Keeping track of the large volume of data often becomes an uphill task for healthcare institutions. Optical Character Recognition provides a solution to this problem by converting data like patient profile, treatment history, insurance payments, and diagnostics into digitally accessible information. Once the information is changed to electronic form it can now be accessed anytime with ease. This gives healthcare providers the utility to better diagnose a patient by viewing their medical history through their electronic health record. 

Apart from this, information extracted from the OCR engine is stored to cloud storage where it is kept secure and confidential. This helps medical service providers in the efficient management of patient records. Moreover, in the pharmaceutical sector, information related to a wide range of drugs could be digitally stored and retrieved from online databases with a single search operation, optimising time management. 

Read more: Fully embracing digital transformation with AI OCR

Finance Industry

The Finance sector can greatly benefit from OCR solutions providing finance experts and accountants with the opportunity to focus on high priority tasks rather than processing information using old-school methods. Rather than focusing on manual data handling and processing, they can use OCR technology to automate operations which take longer turnaround times. This way financial organisations can bring better productivity and accuracy in their mechanical operations. 

According to a report, digital businesses invest more than a billion dollars in preventing fraudulent activities. Blank and double receipts, transactions from non-banking entities, and adding more value to the actual expenses are ways and means through which cyber criminals deceive financial systems and forms. OCR helps mitigate these possible instances of financial frauds by integrating OCR management systems in mobile applications or web platforms which are used to perform financial activities.

With Optical Character Recognition, in-depth audits can be conducted with a faster turnover, allowing auditors to easily access budget reports and expense documents. Rather than reporting and collating every single detail, finance experts can spend more time on analysing details related to transactions. 

Apart from this, OCR allows accountants to work remotely due to the level of accessibility they provide. By reducing the possibility of human error in reading invoices and financial statements of different formats, automated OCR solutions prove to be a good deal in the finance industry. 

Insurance Industry

Unexpected delays can affect the customer experience of any organisation, and insurance firms are no exception. Manual entry of data becomes impossible when it comes to the length and volume of insurance policies and agreements. There is no solution except to go digital. Insurance companies can use OCR-based solutions to make their client onboarding process smooth and effective. By allowing customers to upload a copy of their insurance policy using a mobile application powered by OCR, insurance firms are banking on the right use of technology. Insurers can now sign contracts with customers by easily retrieving their information through searchable PDFs generated by OCR. 

Shufti Pro’s OCR for Business

Data extraction and processing is the need of the hour for enterprises around the globe. Processing customer data in huge volumes can often become a challenge for online businesses in the finance, banking, insurance and healthcare sector. 

Shufti Pro’s OCR for Business combines artificial intelligence to perform instant image to text conversion of paper-based documents into digital PDFs. The solution extracts information from a wide array of documents including handwritten, business records, official letters, and invoices etc. Shufti Pro’s OCR has multilingual support of over 150 languages with global coverage. With a remarkable accuracy of more than 90%, online businesses can efficiently optimise their customer data.

Get in touch with our experts and know everything about optical character recognition (OCR) for businesses. 

Securing

Securing Public Facilities with Touchless ID Verification Kiosks

Due to the coronavirus pandemic, social distancing became the utmost need of the hour. Given the rise in contactless means of communication, touchless identity verification is also an emerging trend these days. Verifying identities through traditional means was long gone when eKYC emerged. Now, the trend for contactless verification is increasing. Airports, arenas, and other public facilities are preferring touchless means of ID verification. Recently, Japan announced the use of face recognition technology at the Tokyo Olympics. The purpose is to trace any unusual activities and contact among individuals. Similarly, the majority of states in the US have touchless verification kiosks at the airports to ensure seamless identity verification. 

Touchless identity verification not only ensures social distancing but provides customers with a seamless experience. Read this blog to find out the what and how of touchless identity verification kiosks.    

How Does Touchless ID Verification Work?

The process is very simple and takes few seconds for completion. With advanced Artificial Intelligence models, the contactless system verifies identities accurately and has the following few steps. 

  1. First, the touchless kiosk is installed at security checkpoints of public facilities, arenas, airports, restaurant entrances, etc. 
  2. The end-user signs up with their identity details remotely 
  3. Upon arriving at the place, customers verify identities by showing identity documents. No physical contact is involved here 
  4. the customer’s live biometric information is recorded and the verification is performed against the previously submitted information
  5. If the match is successful, the customer can enter the facility. Otherwise, the verification is declined and end-user cannot enter the place 

The five simple steps hardly take a minute for completion. If the information submitted during registration is correct, the contactless kiosks require only five seconds to perform the rest of the verification checks. 

infographic

ID Verification Checks Performed in Touchless Kiosks 

The process is effortless and simple, and also verifies in real-time. However, it is important to know the various checks Shufti Pro’s touchless kiosks perform for identity verification. In our facility, the contactless system performs document verification and three different biometric authentication checks for enhanced security. Let’s take a look at all of them.   

Document Verification 

This is the first check performed. Once your customers reach the security checkpoint, they have to show their government-issued identity document to the machine. The information provided for registering is cross-checked with the identity document shown to the kiosk. In case, the documents are not verified, further verification checks are not performed. 

Biometric Authentication 

Biometric authentication is an emerging trend for identity verification. Biometric authentication refers to the verification of behavioural and physical attributes of an individual. These attributes include walking style (gait), iris, pupil, palm, face, retina, and voice recognition. Touchless kiosks perform three different biometric authentication checks for better security. These three checks include face recognition, palm recognition, and voice recognition. 

Face Recognition

Every person has a different face geometry that makes it easier for facial recognition system to verify identities. The images on the government-issued identity documents submitted during registration are verified with the face shown to the kiosk. The face recognition algorithms map facial features of the customer from the image and are authenticated with the face in real time. 

Palm Recognition 

The unique biometric traits on an individual’s palm are also used for biometric authentication. To access certain services, it is essential for all the individuals to perform palm-vein recognition and handprint recognition. Along with a variety of other techniques, palm recognition works as an extra layer of security on top of face recognition and voice recognition.

Voice Recognition 

Voice recognition is another biometric authentication measure that works by digitising the voice of the customer into segments and matches it against the voice captured or produced as a sample of the customer. Voice being the sift biometric is perfect for contactless identity verification at public places. 

Be it airports, hotels, or conferences, touchless kiosks can be of great help for  your organisation in ensuring security and contactless measures at all times. 

Shufti Pro’s Touchless Kiosks Facilitating Your IDV Needs

Shufti Pro strives hard to ensure higher levels of security of your company. Since the coronavirus pandemic has imposed social distancing on us, we are now providing touchless identity verification kiosks to large-scale events, airports, arenas, restaurants, and anyone who is wondering about better ways of verifying identities and avoiding physical contact. Shufti Pro’s touchless kiosks have the following benefits for your company. 

  • We provide global support and contactless kiosk also verifies more than 3000 document types with 150+ languages
  • Compliance with GDPR and PCI DSS data protection measures is ensured 
  • Screening is automated so there are no chances of manual delays 
  • State and international regulatory compliance is also ensured 
  • Real-time verification within five seconds 
  • Three types of biometric authentication checks for enhanced security 
  • A combination of several identity verification checks increases accuracy and credibility of this system

Summing It Up

Due to the Covid-19 pandemic, everyone prefers contactless means of communication. Verifying identities through traditional methods is no longer adequate in the digital world. Now, contactless methods of identity verification are preferred over the other methods. With the help of touchless identity verification kiosks at security checkpoints, you can enhance the security of large-scale events. Airports, restaurants, and retailers can make great use of this technology and secure their organisation from unusual activities. Our touchless kiosks employ document and biometric authentication for better security. 

Get in touch with our experts today and know everything about touchless kiosks. 

biometric

Biometric Authentication – How Do Fraudsters Try to Bypass These Checks?

Biometric authentication is one of the ideal ways of dealing with fraudsters. Unfortunately, criminals have become sophisticated over time and now, they are figuring out better ways to bypass these checks. We are fortunate to have AI-powered solutions that cannot be dodged easily. However, taking necessary precautionary measures always helps. Since conventional methods for verifying customers is long gone, the trend for AI-based biometric authentication is what every industry needs. Identity theft fraud is the main reason behind the rising use of biometric authentication. Also known as liveness detection, biometric verification is a great way of combating identity theft fraud. 

Did you know in 2019, a US company lost 10 million dollars reportedly due to an audio deepfake of the CEO that requested money transfers? The rising numbers and methods of identity theft demands a robust solution for combating fraud and biometric authentication is one of the best ways. Read this blog and find out the two ways fraudsters use as a bypass attempt and why they are not successful. 

The Two Methods for Dodging Biometric Authentication

Wearing face masks is the oldest trick in the book for fooling biometric authentication checks. Nowadays, fraudsters use technology for deceiving the checks. Editing videos and audio files with content as per their needs is the latest trend. Also known as deepfakes, fraudsters use deep learning techniques to make people believe the false. 

  • Spoofing

Apart from using glasses and face masks for spoofing, there are plenty of other complex methods that fraudsters use for spoofing. In the modern world, it is not a problem for acquiring someone’s picture and using it for illegal activities. With the help of technology, they edit photos and use it during biometric authentication.

2D and 3D Face Masks 

By performing a facial artefact, imposters use advanced automated printing to create a 2D mask or buy a 3D mask for a few euros. In more advanced spoof attacks, imposters use face masks of real people to verify the image on the ID document during biometric verification. Asking the end-user to move their face, eyes, and smile are some of the techniques used to identify spoof attacks. 

Read our Whitepaper for more information on Biometrics: Banking on Biometrics: The Future of Customer Authentication

theft

Deepfakes

Apart from 2D and 3D face masks, deepfakes are an emerging threat for businesses too. Imposters edit videos and audio files according to their needs. For instance, a video can be edited to change background or statements so that they seem authentic while demanding any information or money. Why do fraudsters use deepfakes? Well, they are well-aware of the fact that companies have developed strong authentication measures for securing their emails. They need a better method for deceiving companies and deepfakes is one of the ways cybercriminals are using these days. 

In 2019, cybercriminals mimicked the voice of a CEO of a large energy firm and demanded £220,000 from the employees. Similarly, Obama’s video was also edited in which he used certain names for Donald Trump. In reality, it was a deepfake and the event occurred in 2018. Another example of deepfake is the US House Speaker Nancy Pelosi’s video. In that video, her statements were slowed down by 25% which made it look like she was drunkenly stumbling over her words.    

  • Bypassing

In this case, fraudsters try to hack the biometric authentication system rather than using any impersonation techniques. Their target is the weaknesses in the biometric authentication system and the idea is to alter biometric authentication system’s data. For instance, imposters can inject a pre-recorded video in the biometric system. However, advanced biometric authentication checks do not allow fraudsters to bypass. With the help of liveness detection checks, it gets easier to identify bypass attacks in no time. 

Read more: Biometric Authentication Technology – Everything you Need to Know

How Does Biometric Authentication Prevent Spoofing and Bypassing?

Biometric authentication checks for live presence of the customer. In case of stolen identities, the image in the government-issued ID document is verified through a selfie that the user has to submit during verification. Moreover, 3D mapping, skin texture analysis, 3D sensing, and various other techniques help in identifying spoof attacks within seconds. Users are asked to blink, nod, smile, and talk to the verification expert to prevent spoof attacks. 

In 2021, we are expecting deepfakes to increase in number, while 2D and 3D masks are not expected to decrease at all. Artificial Intelligence has made it easier for fraudsters to develop better spoofing measures. However, biometric authentication checks have become sophisticated too. A simple skin color change in a photo will not help criminals to fool authentication checks. Skin texture analysis and self-trained AI models in biometric authentication can detect any facial spoof attacks. Moreover, liveness detection is performed to ensure higher levels of accuracy in the biometric verification checks. 

It All Narrows Down To…

Biometric authentication is one of the best ways to combat identity theft, especially 2D and 3D masks, and deepfakes. Skin texture analysis, 3D mapping, depth sensing, liveness detection, and other techniques have enhanced the accuracy of biometric authentication. There are two methods that fraudsters use for surpassing biometric authentication checks – spoofing and bypassing. Both these methods use advanced technology and criminals can achieve their illegal goals. However, facial biometric authentication backed with Artificial Intelligence can easily prevent spoof attacks. 

Shufti Pro’s enhanced biometric authentication checks deploy thousands of AI models to authenticate an identity and verify the live presence of the customer. With 98.67% accuracy, our solutions ensure that your company stays safe from facial spoof attacks. 

enhance

blogimages12

High-Risk Transactions – How Can Enhanced Due Diligence (EDD) Help?

In today’s continuously evolving world, businesses should not only focus on the revenue they generate but also the type of customers they are dealing with. This means that verifying identities of all the stakeholders is mandatory. Businesses classify customers into different categories based on the risk associated with them. To ensure that all the customers are legitimate and do not bring any challenges for enterprises, Customer Due Diligence (CDD) is made compulsory by regulatory authorities. However, CDD cannot help in mitigating the risk of dealing with high-risk customers like blacklisted individuals or nationals of sanctioned states. Since KYC and AML compliance have become more rigid now, Enhanced Due Diligence (EDD) is a great way to help your business. You can read everything about enhanced due diligence in this blog.   

What Does FATF Suggest for High-Risk Transactions?

Financial Actions Task Force (FATF) recommends the risk-based approach for dealing with high-risk transactions or customers. All companies, especially financial institutions, are directed to develop a risk-based approach (RBA) for their company and assess money laundering and terrorist financing activities. They must take AML and CFT measures to mitigate the risk of such transactions effectively. Companies must assess the impact of high-risk transactions on their business in the RBA. As per the FATF’s 40 recommendation, the risk-based approach enables states to adopt flexible measures for targeting their resources effectively. 

blogimaages12

Process of EDD for High-Risk Transactions

The process of Enhanced Due Diligence is very simple and takes only a few minutes for completion. As per the guidelines from different regulatory authorities, here’s the process of EDD:

Step 1: Risk-Based Approach 

First, a risk-based approach is developed for classifying all the customers into different categories. Classification helps in better understanding of the customers and acquiring appropriate information becomes convenient for the company. 

Step 2: Create an Enhanced Due Diligence Checklist 

Now, a checklist is created for Anti-Money Laundering policies and KYC checks for high risk clients. It is also known as the enhanced due diligence checklist and provides all the essential information collectively. 

Step 3: Analyse Source of Funds and UBO

Knowing the customers’ source of income is crucial since illegally earned money should not be allowed to enter your business. For more effective verification, the value of all financial and non-financial assets of the client must be known. Lawfulness of the source of funds is essential for enhanced due diligence. If we find any discrepancies in the records or statements, the verification is immediately stopped. In case of B2B transactions, subsidiaries and beneficial owners of the entity must be verified during the screening of Ultimate Beneficial Ownership (UBO) of the company. 

Step 4: Ongoing Transaction Monitoring 

In this step, the transaction history of the customers is checked. Duration of the transactions, receivers of the payments, and similar details are considered while monitoring transactions. Apart from these details, transaction monitoring in enhanced due diligence also considers the threshold of every transaction made by the customer. 

Step 5: Analyse Local Reputation of the Business

Sometimes, all the information available may not be able to give an idea of the position of brand among the local customers. To tackle high-risk transactions, enhanced due diligence checks also review the local reputation of the business. This is done by reviewing local media such as social media platforms, news, etc. 

Step 6: Physical Address Verification

Since it is enhanced due diligence for high-risk transactions, the address is verified by physical visits as well. This is done to verify proof of address i.e. the address in the identity document exists in reality as well and the client is associated with it too. In case physical address verification is not possible, online address verification through latest documents such as bank statements, utility bills must be performed to control risk.

blogimageas12

EDD Entails More than Identity Verification

Apart from enhanced due diligence’s role as an identity verification measure and fraud prevention, it has numerous other benefits too. Here are some of the perks that your business can enjoy after employing enhanced due diligence.

EDD Enhancing Your Customers Experience

As the aforementioned enhanced due diligence process has made it clear, there is plenty of information required for conducting the identity verification. All the available information will not only help you in verifying the identity of customers with high-risk transaction records, but it will also assist you in providing better services to the customers according to their preferences. 

Keep Your Company’s Files Clean

While performing enhanced due diligence checks, you can prevent dirty money or illegally earned money from entering your business’s ecosystem. Maintaining clean files with all white transactions is what companies dream of and EDD verification can help you achieve that goal. You are not only verifying an individual, but all the entities associated with the business like its shareholders. Enhanced security layers will keep your business protected from money laundering and other criminal activities. 

Build Credibility in the Industry 

Building a positive brand image can not only be achieved through corporate social responsibility (CSR) but it is also achieved through enhanced due diligence. All the other businesses in the industry will trust you since all the transactions are strictly monitored and everyone is well aware of the fact that you do not have any high-risk clients onboarded. 

Keep Fraud Schemes at Bay

Not just money laundering, but other fraud schemes like terrorist financing and account takeover can be prevented too. You can focus more on business growth and higher profits since financial crimes are at bay with enhanced due diligence. KYC/AML compliance have become more rigid and adding enhanced due diligence has become the need of the hour to prevent crimes. You can read our KYC guide to know more about the evolving laws. 

blogimagses12

Summing It Up

It all narrows down to one point – enhanced due diligence is the key to tackling high risk transactions and customers in no time. The process requires all major and minor details of the transaction to ensure accurate verification. Moreover, it has numerous other benefits apart from the robust identity verification checks. It makes your business credible for other business entities and customers. You can keep all financial crimes at bay with enhanced due diligence. 

Shufti Pro’s KYC and AML screening ensures that all the high-risk customers are identified on time so that you can keep your business secure. Furthermore, our KYC services are especially designed to streamline the customer onboarding process. 

For more information about enhanced due diligence and know your customer, talk to our experts now.

blogimagesnew

Blockchain and Identity Theft: Potential Challenges and how to Tackle Them

Blockchain has become increasingly popular because of its potential to provide secure transactions and prevent identity theft. A staggering $20 billion is expected in annual blockchain spending with the finance sector contributing almost $522 billion to the overall sum. So what’s all the hype about? The power to privately store user data makes blockchain a preferred choice for both customers and service providers.

Identity theft is a growing concern with almost 60 million individuals falling prey in the US alone. Imagine the size of stolen identities when scaled at a global level. Many are unaware of the fact that their identities have been stolen unless they happen to notice devastating results. Not having proper means to safeguard customer identity could cost online businesses in terms of both brand loyalty and reputation. Blockchain provides users with better control over personal information and a reliable means of preventing identity fraud.

Identity Theft – A Challenge For Blockchain Enterprises

Identity theft takes a toll to customers as well as poses a serious threat to online businesses. Cybercriminals employ a number of methods including data breaches, account takeovers, and payment card fraud to pursue their illicit motives. Some of the most common instances of identity theft are listed below: 

Synthetic Identity Fraud

Personal details from various users are combined to make a fake identity which is called synthetic identity theft. Usually, the process is carried out by mixing the fabricated data with the stolen records of authentic users. Fraudsters then use these new identities to perform various other fraudulent activities. For instance, online scammers setting up fake accounts to associate ties with online businesses and performing money laundering through them.

blogimagesneaw

E-commerce Scams

Online shopping scams are common when buying products or services from digital platforms. Dubious identities are all over these e-commerce websites to steal payment card details by tricking consumers into submitting their identity information. Imposter e-stores are created with the purpose of stealing user information usually through phishing emails and attractive offers. 

Medical Identity Theft

Health insurers and medical service providers need to keep a vigilant eye on clever fraudsters looking to steal the medical identity of patients. Medical ID theft can grant illegal access to a patient’s records which can be used by the criminal to gain financial gains. This type of fraud often goes unnoticed due to lack of proper identity verification mechanisms during patient registration and insurance claims. 

Stolen Social Security Numbers

Social Security Numbers (SSNs) are another avenue of conducting identity theft. Consisting of nine digits, SSN is usually assigned to citizens at the time of birth as an identity proof. Fraudsters use them to conduct a series of online frauds including medical and child identity theft. Often, online scammers acquire security numbers to gain access to the victim’s financial information to create fake accounts and obtain tax refunds.    

Blockchain on Preventing ID Theft

Blockchain technology comes with a few advantages to secure user data and prevent criminal identities from entering the system. Some of them are listed below:

Secure Channel for Transactions

Blockchain is often treated as a cybersecurity solution to tackle identity theft. It can help prevent personal data from getting in the hands of bad actors due to the level of security it provides. The distributed ledger in blockchain is a record-keeping database which holds digital records. The personal detail of every user on the ledger is secured by using cryptographic keys – a mechanism to encode data in machine readable form. It makes it quite hard for hackers and cybercriminals to break the keys and gain access to sensitive credentials. 

In case an intruder enters the system, it is detected in real-time to take down the fraud attempt to mitigate potential loss. This way, users of online services can perform transactions through a safe and secure channel without the fear of identity theft. Distributed Ledger Technology (DLP) in blockchain can be combined with ID verification solutions to verify customer identities across multiple platforms. This not only reduces the risk of end-point vulnerabilities but also helps enterprises comply with the standard regulations for onboarding procedures.

blogimagesnew2

Fraud Entry Barrier is Narrowed 

Last year, almost 16.7 million people fell prey to identity theft in the US. In a centralized network, it is easy to breach the system and get away with it. A single point of failure in identity verification systems can lead to a loss of millions, providing unauthorized access to credit card pins, SSNs and other personally identifiable information to fraudsters. When it comes to blockchain, the scenario is quite different since fraudsters attempting to steal an identity need to go from one  point to another which is intensive in time and effort. 

Public Key Cryptography (PKI) in blockchain is used to create a digital infrastructure that is distributed over multiple blocks of data. The significance of PKI’s are twofold; they provide protection for each individual’s identity, and they deter mass data breaches from occurring.

Personal Data Ownership

Cybercriminals use synthetic identities to take over user accounts which are used in impersonation fraud to issue new credit cards and open bank accounts. Identity theft costs banks a good deal of money each year with the number increasing each year. This can result in bad credit scores, huge amounts of debts on credit cards, and red flags by financial regulators. 

Blockchain helps overcome this problem by offering public keys, which are used to facilitate two parties in initiating a secure transaction. This gives user’s ownership of their data, for example, identity information like birth dates are put on a blockchain to identify a user. This adds an additional layer of security for online communications.     

Shufti Pro’s IDV for Blockchain

Identity theft prevention is essential for service providers of all kinds. Verifying customer identity helps save cybercrime costs and offers an easy solution to practice Know Your Customer (KYC) and Anti Money Laundering (AML) standards. Blockchain firms can adopt ID verification services to effortlessly onboard their customers in real-time.  

Identity verification by Shufti Pro helps services providers in the blockchain space to streamline their customer onboarding. By offering IDV solutions backed with Artificial Intelligence, blockchain businesses can comply with international KYC and AML standards and ensure customer trust and loyalty. With a remarkable accuracy rate of almost 98.67%, and a global coverage in 232 countries and territories, Shufti Pro is providing Blockchain-based platforms and businesses with a seamless solution for verifying their customer’s identity.  

Changing Landscape

The Changing Landscape of KYC/AML Regulations in 2021

Know Your Customer (KYC) and Anti-Money Laundering (AML) regulations have been evolving over time. As the world moves forward, these regulations will experience more changes. After the coronavirus struck the world, fraudulent activities across the world increased. Given the need for more rigid regulations, KYC and AML regulations will change in 2021. Criminal activities like money laundering and terrorist financing have increased; therefore, all regulatory authorities have made some changes to the KYC/AML regulations. Due to the COVID-19 pandemic, all industries are facing significant challenges and more rigid laws will make it easier for companies to fight frauds.  

The European Union (EU), FinCEN, FINTRAC, and Ukraine’s two-tier system are in the pipeline this year. We have briefly discussed all these new changes in this blog. Keep reading to find out. 

The UK’s Sanctions and Money Laundering Act of 2018

The post-Brexit situation in the United Kingdom is not very good. Companies are not following the directives from the European Union and the UK has implemented the Sanctions and Money Laundering Act of 2018 in the country. According to the EU, the Act of 2018 is not up-to-date and has certain lackings that may not be able to counter money laundering and terrorist financing activities within the country. Secondly, trade scenarios with the UK will experience various pitfalls as well. 

According to the Sanctions and Money Laundering Act of 2018

  • The UK will meet foreign policy objectives and national security by implementing UN sanctions. 
  • The Act of 2018 ensures updated AML and CFT measures within the country.
  • This Act is also focused on assisting advancements in the UK’s national security and compliance with international security standards. 
UNODC

Sixth Anti-Money Laundering Directive (6AMLD)

The sixth anti-money laundering directive was planned for 2021. However, the rise in fraudulent activities during the pandemic led to its enforcement in December 2020. The KYC and AML protocols in 6AMLD claim to be more rigid and fight money laundering and terrorist financing (ML/TF), identity theft, account takeover, and other types of crimes in 2021. Here’s a brief overview of the sixth anti-money laundering directive (6AMLD):

  • A list of 22 predicate offences was provided in the directive 
  • The threshold for transactions was reduced
  • 6AMLD has established three points to consider aggression 
  • Economic sanctions rose up to 5 million 
  • This directive has emphasized on RegTech companies 

One to four years of imprisonment for offences like ML and TF 

download

Better KYC Regulations by AUSTRAC

Australian Transactions Reports and Analysis Center (AUSTRAC) also stepped forward when the pandemic struck. Since KYC/AML regulations became harder to comply with during lockdown, it provided alternative methods for compliance with the laws. Although conventional KYC checks are no longer used, AUSTRAC also encouraged digital KYC verification. These amendments are expected to change the regulatory framework in the long-run. Following are the alternatives that were recommended for the Australian organisations. 

  • Use of electronic or scanned copies of identity documents 
  • According to part 4.15 of this law, Australian companies can use alternative proof of identity processes. Alternatives may include referee statements from employers, police, community or religious leader, or healthcare professional
  • In case of using any of these alternatives, video call verification can be performed for enhanced efficacy of the process

Recommended: KYC Verification Process – 3 Steps to Know Your Customer Compliance 

FinCEN’s Amendments in the Bank Secrecy Act (BSA)

FinCEN has taken necessary steps to amend the Bank Secrecy Act (BSA). Updates have become mandatory for the act due to remarkable innovations in the finance sector. Changes in this Act are expected to bring a drastic change in the overall crime rate in the country. Here are the alterations suggested by FinCEN:

  • Address the evolving threats of illicit financing 
  • Higher flexibility in resource allocation
  • Most recent significant change in the BSA includes enhanced due diligence and beneficial ownership requirements 
  • Increase the effectiveness of national AML laws 

Two-Tier System of Ukraine’s AML Rules

In April 2020, Ukraine’s New AML law was enforced. The country will follow a two-tier system as per the law. The two levels of financial monitoring include initial and state levels. The members include:

  • Addition of new members to the Initial Monitoring Institutions 
  • More people in the State Monitoring Institutions

Individuals and legal entities at the Initial Monitoring Institutions level must register with SSFCU.

The new AML law state that:

  • Assets related to terrorism must be immediately freezed
  • Geography and place of registration of the client must be considered under the law’s risk-oriented approach
  • Previously, the PEPs status of a client was temporary (up to 3 years). However, amendments in the law have made this status lifetime 
  • Initial Monitoring Institutions can now perform remote verification. 
Eu total

Changes in the KYC/AML Laws by FINTRAC

FINTRAC is the regulatory authority of Canada and has a few KYC/AML regulations in the pipeline that will be effective in the second half of 2021. First, there are laws for identity verification conducted by other reporting firms. Second, services and products are now subject to PCMLTFA. According to these laws:

Reporting entities can conduct identity verification themselves. They can also rely on agents or affiliates’ information for ID verification. 

  • Now, reporting entities do not have to keep a record of PEPs.
  • As of this time, reporting entities have to take certain measures for confirming the accuracy of beneficial owners during account opening. If the risk is high, they have to keep the information updated as well. After the amendments, reporting entities must periodically review the accuracy of information of beneficial owners. 
  • Reporting entities that send Electronic Fund Transfers (EFTs) initiated by other entities must keep a record. This will also include relevant information pertaining to the transaction is available for identifying suspicious activities. 
  • Currently, two or more transactions that are less than or equal to $10,000 are treated as one if conducted within 24 hours. After the amendments, any transactions, under the 24-hour rule and transactions larger than $10,000, will be treated and submitted as one report. 

Suggested: Online Identity Verification – 5 Trends to Expect in 2021

Summing It Up

Every year, there are significant changes in the KYC/AML regulations. Due to the pandemic, criminal activities increased and now almost every state has to reconsider the laws. FINTRAC, FinCEN, AUSTRAC, and other authorities have already enforced amended regulations. On the other hand, Brexit has forced the UK to implement the Sanctions and Money Laundering Act of 2018. The 6AMLD is also in action in the European Union. All in all, enhanced regulations are all set to change the game for businesses. Is your business KYC/AML compliant? 

For information on how we can help you in KYC/AML compliance, get in touch with our experts. 

Covid-Related Scams Onsite banner

Top 7 COVID-19 Related Scams and Frauds to Look For in 2021

It has been more than a year since the COVID-19 pandemic took the world by storm. Where the global emergency has created the need for an all-important vaccine, it creates a number of challenges as well. Scammers are preying on the public’s fear by offering COVID-19 tests in exchange for personal details. By using unsolicited phone calls, text messages and door-to-door visits, they provide illegitimate services to steal information. The credentials are then used to build fraudulent health care programs or commit medical ID theft. 

Apart from this, fake websites and malicious apps offering medical advice are also on the rise. A study by the Federal Trade Commission (FTC) reported 175,000 fraud cases related to COVID-19, with $16 million lost to online shopping of medical products like masks, sanitizers, etc., which never arrived. 

Vaccine Emails for Phishing Attacks

Spear phishing attacks have become more common in the COVID-19 vaccine supply chain. They particularly target individual companies posing to know information about them and showing shared interests. This type of coronavirus fraud was first seen on Dec 3 when Cybersecurity and Infrastructure Agency (CISA) reported thousands of phishing emails sent to hospitals and healthcare organizations impersonating as a biomedical company providing COVID-19 vaccines.

The vaccine email comes with a pledge to stop the virus by participating in their program and comes with a document that could be opened by providing user credentials. The victims end up providing their identity information to criminals. As a result, instead of acquiring the vaccine, user identity is compromised.

Covid related scams

Vacation and Travel Scams

Fake travel agencies offering post-COVID discounts are all over the internet these days. With the ease in travel restrictions regarding the pandemic, online scammers tend to be more active. False travel schemes used to trick people in giving out their personal information provide a golden opportunity for fraudsters to carry out their illicit motives. Dark web platforms have started to advertise travel services after being inactive throughout the pandemic surge. 

Unbelievable discounts and offers at fake travel websites are one thing to look out for after the pandemic. According to an estimate by Europol, the airline industry has reported a loss of $1 billion yearly due to black market scams. The situation is expected to worsen since the travel restrictions in most countries have been lifted which creates better opportunities for travel scams.  

Peer-to-Peer Mobile Payment Scams

There is no doubt that digital payments have become normal due to the COVID-19 pandemic. Social distancing measures have made it necessary for users to switch to contactless digital payments. This creates new avenues to conduct payment fraud which is an increasing security concern. According to a study by Merchant Savvy in 2020, payment fraud accounts for $32.32 and is expected to grow at a steady rate in 2021.  
Peer-to-peer mobile payment platforms are on the verge of ransomware attacks, banking Trojans, PPP loan fraud, and different types of phishing scams. These scams focus on taking over user accounts by stealing their identity to make a profit or using it for various other cybercrime. 

Data breaches in the Healthcare Sector 

Data breaches in the healthcare sector are not new, but with the rise in the pandemic, medical organizations have been facing an increased number of such cases. These COVID-related scams take place either in the form of unauthorized access, malware, identity theft or stolen and misplaced laptops and equipment. Medical records are a good means of acquiring accurate information about an individual, and that is the reason why scammers see them so lucrative. 

The fact that most healthcare departments are working remotely and the data being in digital form, makes the problem more challenging. In these hard times, hospitals and medical service providers tend to focus on providing services rather than focusing on cybersecurity which can cost them a fortune in the long run. Medical Identity theft can cause serious consequences for patients in terms of compromised health insurance policies. 

Covid Related

Vaccine and Face Mask Advertisements 

Today, with the pandemic in full effect, online scammers and dubious identities on the internet employ various methods to benefit from fake masks and vaccines. The FTC states that more than $5 million is lost as a result of fake promotions of masks, hand sanitizers, respirators and other necessities to prevent the virus. Bogus and overpriced face masks and vaccines are easy to find on the internet these days. Multiple cases have been reported where the seller’s identity was found dubious and their intentions were to carry out fraudulent activities through their accounts. The Development Credit Authority (DCA) in the United States took down three such platforms providing fake services through their platforms.

Lockdown Scams 

Since the lockdown, there has been a 40% increase in scams and fraudulent cases. Fake lockdown fines took a toll on public communities, with scammers contacting victims through bogus texts impersonating to be from government officials. Testing kits sold by fake companies and online shopping scams also played their part in adding fuel to fire during the pandemic. Among all, fake donations and charities were the most common types of scam during the lockdown, where potential scammers encouraged generous donors to contribute to the good cause of fighting against the virus.

Covid-Related Scams Onsite

Fake Investment Opportunities 

Fraudsters don’t miss an opportunity to bank on coronavirus scams. By making up false opportunities to invest in stocks, digital currencies and other valuable assets, scammers steal personally identifiable information (PII) of users. Keeping in view the financial disruption due to COVID, social media adverts encourage users to avail the benefits of “financial downturn”, and deceive them to invest in platforms tailored for illegitimate services. Fake companies set up websites which are a perfect imitation of authentic platforms, to get the better of innocent users. 

Conclusion

Shufti Pro provides an all-in-one solution against coronavirus frauds by safeguarding users from medical identity theft. Our Know Your Patient (KYP) services provide better opportunities for healthcare providers for patient identification. It can help combat criminal identities which are in pursuit of exploiting medical records of patients to attain their illicit motives. With Shufti Pro’s KYP solution, fraudsters can be properly identified and COVID-related scams can be put to an end.

Identity verification by Shufti Pro uses artificial intelligence to streamline customer onboarding procedures in the medical sector. Now, organizations can use a reliable verification solution to key out criminal identities and entities using COVID-19 to conduct frauds and take them out timely.

blogimages

Online Identity Verification: 5 Trends to Expect in 2021

The boom in digitisation forced businesses to opt for digital means of operations. Online businesses experienced many ups and downs, but the online identity verification market experienced the most changes. Fraudsters also benefited from the coronavirus outbreak and  criminal activities significantly increased in 2020. Thanks to online identity verification systems, it got convenient for businesses to combat crimes during these tough times.

Online identity verification market is expected to grow at a faster rate this year (USD 7.88 billion) and by the end of 2027, the expected market size will be USD 18.12 billion.

For businesses like yours, it is an alarming situation because an exponential rise in online frauds will result in hefty penalties for the company and damaged brand reputation. Before the situation gets worse than it already is, your business must employ online identity verification checks. With continuous changes in the industry, trends for the online identity verification market for 2021 are pretty surprising. Read this blog to find the top five trends for the online identity verification market in 2021.

Online Identity Verification Trends for 2021

Online identity verification checks will face various highs and lows in 2021 as well. Due to the rise in the Covid-19 related frauds, we can expect some new trends for 2021 as well. Let’s take a look at the top five online identity verification trends to expect in 2021.

blogimages1

Identity Frauds to Increase More Than Ever 

After a distressing year 2020, fraudsters are all set to exploit businesses in 2021 as well. Identity frauds will increase this year at a faster than ever rate. According to Statista, identity theft is expected to increase by 82% in 2021. Among all types of identity frauds, synthetic identity fraud, and account takeover fraud will be the most terrifying. 

Recommended: Account Takeover Frauds – Impact, Causes, and Prevention

Fraudsters will Use AI for More Sophisticated Frauds

Artificial Intelligence has made all business operations convenient, but fraudsters are also using AI models for their malicious activities. Photoshopped images, counterfeit IDs, and synthetic identity fraud are some examples of sophisticated frauds. Unfortunately, the pandemic contributed to the significant rise in frauds, and we can expect higher intensity in sophistication of various fraud types in 2021. 

Biometric Authentication to Face Ethnicity Issues 

Ethnicity issues in biometric authentication have been debatable over the last few years. In 2021, the biasness issue will gain more hype. Why is facial biasness a major concern for people? Unfortunately, the biometric authentication checks designed for a specific region are trained for liveness detection and skin texture analysis. AI models are trained to identify people of a certain region that brings issues when the same checks are provided in other regions of the world. For instance, AI-powered biometric authentication services with customers concentrated in European regions may not be able to verify Asians with equal accuracy. Fortunately, Shufti Pro’s AI models have been trained to verify every customer irrespective of their region. We are already serving businesses in every corner of the world, which enhanced the authenticity and accuracy of our biometric AI models. 

blogimages2

KYC/AML Regulations to Be More Rigid 

KYC and AML regulations have been stringent for all the businesses but after the coronavirus outbreak, these regulations are expected to become even more rigid. The significant rise in online scams and frauds has led regulatory authorities like FATF to enforce more rigid regulations. On the other, the European Union has enforced 6AMLD to make sure countries in the EU can combat crimes in a better way. The crux of all these rigid laws is to bridge any gaps in customer due diligence protocols. 

Suggested: Customer Due Diligence Checklist – Is Your Business Compliant?

New Breed of Scams will Threaten Businesses in 2021 

As mentioned earlier, criminals are becoming more sophisticated in their job. Considering the increase in digitisation, a new breed of scams is expected in 2021. These new scams will make it more challenging for businesses to fight crimes and secure customers. However, online identity verification can help businesses in countering these new frauds as well. Here are the two new frauds that Shufti Pro encountered during online identity verification checks. We are also expecting an increase in the two frauds in 2021. 

Credential Stuffing

Have you ever wondered about the passwords lost due to a data breach? The passwords are used for another cyberattack called credential stuffing. Using the stolen credentials makes it simpler for fraudsters to get unauthorised access to the company’s accounts. To combat this crime, it is better to activate two-factor authentication, and set complex and different passwords for all the digital accounts. 

Replay Attacks 

This year, replay attacks were identified during the customer verification process. In a replay attack, the fraudster submits the same document with a few alterations every time. Multiple submissions of the document within a session make it difficult for verifying an identity. Moreover, bypassing verification checks gets easier for criminals. The best way to combat replay attacks is verifying the location of customers and adding enhanced online identity verification checks that can verify the document types irrespective of the number of times a document is submitted. 

Wrapping It Up

It all narrows down to one point – online identity verification checks are essential for businesses in 2021. The trends for online identity verification checks are surprising for all the businesses. Identity fraud will increase this year which means businesses need better verification measures to mitigate the risk of fraud. Furthermore, a new breed of scams will threaten enterprises. These new scams are  credential stuffing and replay attacks. Lastly, customer identity verification laws will become more rigid and biometric authentication might be a challenge for companies if AI models are not trained for different regions. 

Shufti Pro’s online identity verification has trained all the AI models that can verify any customer anywhere across the world. We can verify more than 3000 document types in over 150 languages. Get in touch with our experts and perform robust online identity verification checks to combat criminal activities in 2021.

age verification

How Age Verification Protects the E-commerce Industry From Potential Risks

Online shopping has become the new normal since the COVID-19 pandemic struck. With digital products and services being in popular demand, online businesses need to adapt to the constantly evolving customer needs to survive market competition. According to a study, almost 2.14 billion consumers will buy goods and services from online platforms by 2021. Where the surge in e-commerce stores has brought innovation to the table, it also creates challenges for businesses and customers alike. 

E-commerce Growth and Age Verification

E-commerce platforms sell various products and services to a wide range of audiences. Where healthcare, electronics, and clothing stores are all over the internet, purchasing these items are not harmful in common. Today, e-commerce vendors can sell items like alcohol and tobacco, which in an offline setting, requires the buyer to be an adult or accompanied by a grown-up.

Merchants providing age-exclusive services have the social and ethical responsibility to safeguard children from consuming age-restricted products and take precautions when selling them to online customers, just like at a physical store. Age verification helps online vendors to deliver age-appropriate services to consumers. 

growth

Why is Age Verification Significant?

Consumption of age-limited products which are sold over online platforms could have a bad impact on the mental and physical health of minors. What happens if an underage gets their hands on illegal drugs or a subscription of an adult-themed magazine or online platform? It has a bad influence on their personality and could have adverse effects on their health condition. This is when verifying age over e-commerce platforms becomes increasingly important to ensure minor protection. 

Age verification checks at these particular e-commerce stores can prevent inappropriate products and services reaching children below the suitable age limit. A secure age verification software integrated with an e-business website not only helps enterprises to be compliant with modern online safety regulations, but also provides better opportunities for parental control. 

Risks in the E-commerce Sector

Online scammers employ different ways and means to steal the identity of genuine users to commit payment fraud. From compromised credit card credentials to imposter websites and synthetic identities, fraudsters get the better of consumers. Apart from this, children themselves are not capable of deciding if a platform is secure and often end up giving their information to a potential scammer. The identity of minors is comprised the moment they open an imitation website intended to trick people and submit their payment details including credit card pins, address and other personally identifiable information like name, bank account number, etc. 

payment fraud

The reason child identity theft is so common on the internet is the lack of age authentication frameworks. As a result, these websites and organizations have to face serious consequences in the form of non-compliance penalties which ultimately lead to compromised brand image. A few of the challenges and risks associated with e-commerce platforms are discussed below: 

Chargeback Costs 

On average, from the total number of chargebacks filed, 86% of them are cases of friendly fraud. Usually, fraudsters order a product or buy a service online, use it for one or two months, and then claim that they didn’t make the purchase, which is in fact a chargeback fraud. The merchant or service provider receives the requests and has to return the amount in most cases. This way, cybercriminals defraud e-commerce businesses at a slow but steady pace. 

Although chargebacks are not practically illegal, fraudulent claims can result in severe penalties to the cardholder requesting the reversal. In the case of minors, when purchasing online goods without the consent of their parents, the scenario is different. Minors can easily buy their favourite video game on the web, which has a decent amount of violence and R-rated content, using their parent’s credit card. Since payment card authentication is only limited to details provided on the card, they are not a great means of validating user age. Credit card authentication with age verification offers added protection for minors and helps businesses cut on chargeback costs. 

Identity Theft 

The most common type of fraud over the internet is performed through stolen identities, and e-commerce platforms are no exception. As of July 2020, almost 4807 identity theft cases have been reported, according to the Federal Trade Commission. The compromised details are then used to either take over existing accounts or make up synthetic identities by using the stolen information and combining it with made-up credentials. Identity theft fraud is usually carried out through phishing emails containing suspicious links, data breaches, or misplaced social security cards and driving licences. 

E-commerce platforms are a sweet spot for criminals to pursue their illicit motives by claiming personally identifiable information of other users and buying products and services with them. Lack of proper age verification mechanisms make e-stores a potentially harmful platform for minors. 

Child identity theft is a growing problem since stolen Social Security Numbers (SSN) of children are used to create synthetic identities, which are then used to get credit credits, and avail other illegal benefits. Fake payment gateways at malicious e-commerce websites result in compromised SSNs. 

Fake Affiliate Programs

Many online vendors are unaware of affiliate fraud in which dubious actors make up false customer acquisition by manipulating their e-store traffic. These platforms often end up as places for performing illicit criminal activities since they are infiltrated by fabricated identities. Affiliate fraud can take the form of spam emails, multiple refreshing of web pages, and integrated pop ups appearing on e-commerce websites. Age verification systems provide a solution to verify and protect minors from these false platforms and being a target of child identity theft. 

Obligations for Online Sellers

Online sellers of any type of products should provide services which are suitable and appropriate for their audience. E-commerce companies operating in the sector have certain financial obligations imposed by regulatory authorities which they have to follow. 

The level of risk associated with the product usually determines the age verification law which is applicable to it. For instance, the GDPR allows the minimum age of consent to be between 13-16 in the European Union States and imposes a penalty of $22.5 million in case of non-compliance. 

Similarly, the minor protection law in the US known as COPPA has a penalty of $43,280 against the offender. Having proper age authentication gateways at online shopping stores could help businesses avoid hefty sums paid in fines.

Brand and Business Credibility

As a result of not following global age verification laws, a business could get in serious trouble. Not having proper means to restrict age-limited content and products to children can notoriously defame an organization, and become a cause of e-commerce fraud. A drop in the brand credibility hurts its market reputation in terms of both customer loyalty and acquisition which can affect business operations in the long run.

Just like other online enterprises, e-commerce platforms have the corporate social responsibility of taking adequate age verification measures to restrict buying and selling of age-exclusive products by minors.

Download

How Shufti Pro’s Age Verification Helps

Online age verification is of prime importance when it comes to minors using online services. Shufti Pro’s solution for age verification assists e-commerce platforms to verify the age of their customers in light of international guidelines issued by regulatory departments like the EU, FDA, and FATF. Our age verification solution provides a foolproof mechanism to determine the exact age of an individual by taking into account authentic ID documents and a facial proof of identity. 

Using Artificial intelligence, Shufti Pro checks for potential manipulations in documents to take down identity theft which is a common issue for e-commerce stores. Merchants selling age exclusive products online can comply with online child safety guidelines using Shufti Pro’s age verification services with a single API integration with their e-commerce platform. 

Check out our age verification services here.

blogimage

Top 10 Cybersecurity Trends for 2021

Cybersecurity in 2020 became the biggest challenge thanks to the COVID-19 pandemic. Global lockdown led to digital means of communication and the majority of business operations also took the virtual road. Technology is rapidly evolving and changing the way businesses operate. Cloud computing, Artificial Intelligence, and the Internet of Things (IoT) are unlocking new opportunities for businesses. Unfortunately, advanced technology is not only helping us streamline all the operations, but it is also assisting fraudsters in achieving their malicious goals. They are using AI to develop better strategies for hacking, data breach, account takeover, identity theft, ransomware, malware, and Distributed Denial of Service (DDoS) attacks. Cybersecurity threats are continually increasing and 2021 has some surprising cybersecurity trends in the pipeline. 

Eager to know about the 2021 cybersecurity trends? Read this blog to find out the top 10 cybersecurity trends.

blogimage1

Cybersecurity Trends for 2021

Given the rapid boom in digitisation in 2020, we can expect some deadliest cybersecurity trends in 2021 as well. Let’s take a look at some of the most predicted cybersecurity trends that we are expecting next year. 

On-Premises Solution for Enhanced Security 

Vendor breaches and third-party cybersecurity threats have significantly increased over time. Cloud storages are also vulnerable to threats without robust security measures. To make sure data is not accessible to third-parties, organisations will greatly focus on better substitutes of out-sourced solutions such as on-premises solutions for customer verification. Customer onboarding processes will experience more automation in the future, as on-premises IDV solutions will be in demand due to rising threats of data breaches. Using an on-premises service for verification and customer onboarding is what we can expect in 2021.  

Suggested: The Future of Customer Onboarding Post-COVID-19 Pandemic 

AI-Based Solutions to fight Cybercrime 

Phishing attacks, data breaches, identity theft, and synthetic identity fraud are some of the rising cybercrimes that have been threatening businesses for a very long time. Unfortunately, the advent of technology has made these cybercrimes more sophisticated. Nevertheless, AI-powered solutions for customer verification, fraud detection and prediction and automated data management will be in demand. AI-based customer verification solutions will help fight deep fakes, while fraud detection solutions help identify fraud risk in advance, on the other hand automated data management will be adopted to enhance cyber security and reduce data breaches that happened due to human error. 

Zero-Trust Network Access (ZTNA)

Virtual Private Networks (VPNs) were widely used by organisations to secure networking for remote working employees. Due to the pandemic, VPNs became an inadequate option for companies since every employee had to work from home. Zero-Trust Network Access (ZTNA) has emerged as a secure option during the pandemic and in 2021, the majority of the organisations will opt for ZTNAs to keep control of the remotely accessible applications. 

Better Security Measures for Remote Working 

Since work from home is becoming the new normal for many companies, the need for protecting employees and the information has become the need of the hour. The pandemic has changed the way businesses operate. Verifying employees during remote hiring will be an emerging trend to make sure fraudsters disguised as employees are not hired. Moreover, securing the remote working option will demand extra efforts from companies in terms of identity verification and transaction monitoring, especially in the finance sector. 

Blockchain will be Used for Cybersecurity 

Blockchain has become one of the widely used methods of transacting in the digital world. The technology will soon become the primary means of cybersecurity in different sectors across the world. With its right implementation, many new cybersecurity solutions can be invented to help secure businesses. By creating a standard security protocol, blockchain can secure messaging apps like Facebook. On the other hand, blockchain can also decentralise the administration in devices or systems that can result in secure IoT. 

Multi-Factor Authentication for Security

The trend for multi-factor authentication as a cybersecurity measure will increase in 2021. Mid-sized companies utilised this method of cybersecurity in 2020, but the use of multi-factor authentication will expand over all types of companies; from MNCs to startups. Why will every organisation emphasize so much on cybersecurity in 2021? The remarkable increase in data breaches is the major reason. Only in the US, 540 data breaches were reported in the first half of 2020 according to Statista. Global numbers are yet to be disclosed. Multi-factor authentication is a complex process that has added layers of security including biometric authentication and SMS-based authentication.

blogimage2

Phishing Attacks Will Rapidly Increase  

Phishing attacks are social engineering activities meant to illegally acquire information of individuals and use it for illicit activities. The attacker sends emails with naked links that redirect the user to a new page. Here, individuals are requested to submit their personal information. As soon as the process is complete, the person is left with no money in their bank accounts or a stolen identity that is used for money laundering and other crimes. Unfortunately, businesses have also become the target of fraudsters and Business Email Compromise (BEC), spear phishing, and whaling are some of the phishing attacks targeted at business entities. The trend of targeting the corporate world through phishing will significantly increase in 2021. 

Learn more: Phishing Attacks and the Role of Two-Factor Authentication 

Coercion – The New Method of Ransomware 

Previously, criminals threatened victims’ relatives and close friends for the sake of money. Today, coercion has also digitised. Fraudsters threaten the victim for harming their close friends and family for the sake of information or money through digital means. Ransomware will increase in 2021 and coercion will be the new method of ransomware attacks. 

Replay Attacks Will Gain Popularity 

Digital replay attacks are also expected to grow in 2021. In a replay attack, fraudsters submit the same information with minor changes multiple times during the identity verification process. It gets difficult for the company to identify such attacks because conventional methods of verification involve humans for the process. It is nearly impossible to identify documents submitted multiple times with minor edits. For instance, the fraudster might submit the same ID card thrice by changing the date of birth and expiration date. 

Recommended: Replay Attacks – Another Rising Threat for Businesses in 2021 

Data Breaches will Continue to Increase 

Data breaches have been a threat for businesses for a long time. Unfortunately, data breaches have taken new forms and enhanced cybersecurity measures are essential for companies. Cybercriminals illegally gain access to a company’s database and violate confidential information. The information acquired can be used for identity theft, synthetic identity fraud, account takeover, ransomware, and various other illegal activities. Since online forms of working and collaborating have increased in 2020, we can expect a higher number of data breaches next year.

Summing It Up

Cybersecurity has become the major target of businesses these days. Due to the coronavirus pandemic, all sectors focused on virtual means of operations. Unfortunately, cyberattacks significantly increased this year. Now, predictions for 2021 are not good either and cybersecurity measures must be more robust to protect enterprises. Companies need robust digital identity verification solutions so that legitimate customers are on board only. Lack of such mechanisms will result in more data breaches, ransomware, and identity theft. Moreover, every business is likely to adopt multi-factor authentication to make sure nobody gets illegal access to company’s confidential information. Lastly, employing on-premises identity verification solutions can help your company prevent data breaches through vendors. 

Want to know more about on-premises service? Get in touch with our experts now.

brexit

Brexit to Change Sanction and Money Laundering Regulations in 2021

In 2016, the United Kingdom decided to part ways with the European Union (EU). After its preparation for a future without being a part of the EU, companies operating in the United Kingdom are concerned about sanctions. December 31, 2020 is the last day for the United Kingdom to decide if it’s a deal or no-deal brexit. The UK was in a transition period which is also about to end with 2021 just a few days away.  The decision is not yet clear, raising millions of concerns every day. 

The particular concern of all organisations is sanctions and KYC/AML regulations that will greatly impact them. Parting ways with the EU will not only change the UK’s identity but it will also reshape the future of regulations. December 3, 2020 was the last date to enforce the sixth anti-money laundering directive (6AMLD) by the European Union, but what will the UK do after deciding an independent future? Being no longer a part of the EU means the country needs its own rules and regulations. For the same reason, the Sanctions and Money Laundering Act 2018 will be enforced in the country. 

Sounds great, but how will companies manage cross-border trade with the EU states? There are numerous questions that lack answers. However, we have managed to gather information that might suffice for your needs. Read this blog to know the impact of Brexit on KYC/AML regulations in 2021. 

Brexit Impact on KYC/AML Compliance

The EU announced 6AMLD to be imposed latest by June 2021. Given the rise in criminal activities due to the pandemic, the directive was imposed in December 2020. Currently, the UK has to follow the directive, but this will end as soon as the transition period ends. What next? In 2021, the Sanctions and Money Laundering Act of 2018 will be enforced. The Act also states the majority of the points that EU’s 5AMLD mentions. 

Following the end of the UK’s transition period, it will be referred to as a third country. Due to the fifth and sixth AML directive, there are high standards for mitigating potential risk involved in transactions and other business relationships. Enhanced customer due diligence checks are mandatory for dealing with third countries. So, businesses in the UK have to undergo EDD checks to deal with the EU members. However, the procedures are likely to become more cumbersome in the future. 

No Deal Brexit and Money Laundering Laws  

No-deal Brexit means the United Kingdom and European Union are not on the same page for the agreement. This is not good news because stepping out of the EU makes the UK a third country and there is no going back. 6AMLD is not a major concern for the country because the 2018 Act already complies with the majority of laws mentioned in the sixth AML directive. For certain money laundering offences, regulatory authorities in the UK have announced 14 years of imprisonment, which is more than what 6AMLD imposes. 

infographic

Highlights of the Sanctions Act 2018

Since the Sanctions and Money Laundering Act of 2018 will be enforced in the United Kingdom, here are some of the main points of the Act that might interest you. 

  • The UK will continue to implement UN sanctions to meet foreign policy objectives and national security. 
  • Ensure updated anti-money laundering and counter-terrorist financing measures.
  • Assist enhancements in the UK’s domestic security and comply with the international standards. 

Role of Companies in Complying with New Laws

Brexit is not only a way of choosing separate ways for the UK, but it will have a serious impact on businesses too. The corporate sector is bound to suffer from the consequences. The plethora of changing regulations is the worst change of all. Businesses have to reconsider their KYC/AML compliances. Adopting the 6AMLD is an easier choice for businesses in the UK.

Since businesses are confused about which regulations to follow and which one to pass, fraudsters are working day and night to find a loophole in this situation and execute their malicious plans. To reduce the uncertainty, new Sanctions List and OSFI Consolidated Lists should be used for screening from January 1, 2021. Companies can figure out better ways to comply with these regulations and ensure robustness of the KYC/AML solutions

How Can Digital KYC/AML Solutions Help? 

Businesses operating in the EU and UK have to face a lot of problems in their Know Your Customer (KYC) and Anti-Money Laundering (AML) systems. Due to differences in rules and regulations after Brexit, the UK has to follow the Sanction Act 2018 while EU states will continue to follow the 6AMLD. Both the laws have different sets of rules and regulations that might make it challenging for businesses to perform seamless customer onboarding checks. Fortunately, digital AML/KYC solutions have been satisfying business needs for a while now. No matter which laws a state has enforced, digital AML screening and e-KYC ensure that your business complies with the regulations. 

Brexit will be a game-changer for the EU states and the UK. Before things go out of hand, it is better that digital KYC and AML screening solutions are utilised. 

Read more about KYC: A Comprehensive Guide to KYC and AML Compliance in the UK

It All Narrows Down To…

The United Kingdom’s decision to part ways with the EU has greatly impacted different sectors of the country. All the companies are concerned about the uncertainty brought by changing regulations in the country. Financial criminals are figuring more sophisticated ways for their malicious intentions and loopholes in the regulatory system will bring ease for criminals. However, the corporate world can employ robust KYC and AML systems backed by AI models. No matter what sanctions list or regulations the country follows in 2021, digital KYC/AML checks can assist businesses in complying with laws. 

Talk to our experts and know more about digital KYC/AML solutions. 

onsite-age-verification-blog-image-01

Age Verification: Use Cases, Significance and Regulations

This pillar post talks about the significance of digital age verification, how it works, what are different rules and regulations regarding minor protection in different parts of the world, and its use cases in various industries.

Easy to access digital services and products is commonplace these days. According to a survey in 2015, almost 1.46 billion consumers bought goods over the internet, and the number is expected to rise by 46% by the end of 2021. In the current setting of the COVID-19 pandemic, people are moving towards cashless payments and prefer to shop more online to practice social distancing. Where the influx of numerous customers creates better opportunities for online businesses, it also creates a number of challenges.

Today, in the digital space, minors have easy access to age-restricted content over the internet. In the offline world, where minors are not allowed to enter an alcohol or tobacco shop, buying goods online is a completely different story. According to Javelin Research Group, more than one million minors in 2017 fell prey to online identity theft resulting in a $2.6 billion loss with almost $540 paid by the families. 

In 2017, almost a million children were a victim of identity theft, says Business Insider. Since children are vulnerable to violent and adult-exclusive services, and due to the rise in their demand, verifying age becomes increasingly important.

Age verification solutions not only help to deliver the right content to consumers but are also a good bet when it comes to business entities. Age verifiers help limit underage access to non-consenting transactions which result in chargebacks from parents. The presence of a digital age verification system prevents this from happening since it encourages adults to use services catered for them and limits children.

Digital Age Verification vs Manual Age Checks

Since the advent of adult-oriented services, verifying age has become a common practice. Tobacco and alcohol stores do not allow minors to enter since it is illegal for them to buy and consume these products. According to regulations by the Food and Drug Administration (FDA), the minimum age for buying and selling of tobacco products is 18. The restrictions on these products make it illegal to sell them to underage minors. These laws can perfectly work in an offline store where the physical presence of a person makes it easy to assess their identity and age. When it comes to online stores, the problem becomes more challenging. 

Without a doubt, the same minor protection rules are applicable to digital businesses as that on a physical store. The situation becomes alarming when it comes to the digital space because most vendors just ask for a username and password to provide access to their services. There is an immense need to protect minors from engaging in these platforms since consuming these products can have a bad influence on them. On the brighter side, online age verification methods have seen a constant evolution with the advent of intelligent solutions. 

Today, knowing the proper age of a customer has become relatively easier with the development of biometric technology and intelligent solutions for identity verification. Today, secure age verification solutions are backed with AI and machine learning to smartly identify if a person behind an account is a grown-up or a minor.  

How Digital Age Verification Works

Age Verification solution by Shufti Pro helps businesses onboard legitimate customers for login and transaction authentication while saving them from fraudsters and preventing children from being a victim of identity theft. Shufti Pro’s online age verification process consists of four steps which are listed below:

Submit Date of Birth

The end-user submits details including name, and date of birth through an online form provided by the system.

Upload Document

The user uploads a photo of an identity document such as a government-issued ID card, driving licence or a passport and submits it for verification.

Extracting Identity Credentials

The age verification solution extracts relevant details like the date of birth and name using OCR and performs document authenticity checks. 

Verification and Dispatching Results

Upon successful verification of the details and document originality, the secure age verification procedure is complete and the end-user is verified or declined on the basis of the provided age verification threshold. 

Shufti Pro’s age verification solution is driven by artificial intelligence and cross-checked by human experts. Our services also help online businesses comply with global age verification laws such as the GDPR, FFDCA, NVP, COPPA and the Gambling Act of UK.    

Shufti Pro age verification service is approved by the German regulator KJM by cross-checking against legal and technical requirements. This shows that the solution provided by Shufti Pro is reliable for media distributors in Germany to perform age verification.  

Global Age Verification Regulations 

Legal approaches towards secure age verification vary with respect to different regions of the world. But, all of them focus on parental control and minor protection guidelines. The primary purpose is to make parents aware of appropriate services for their children and obtaining their consent. This section discusses various age verification regulatory frameworks for major countries.

Age Verification in the UK

The UK government in 2017 made a resolution to make the country a safer place for children. In recent years, new laws came into effect to limit easy access to age-restricted products and services. Age verification in the UK became streamlined with the advent of the Digital Economy Bill. The purpose of this law was to restrict the consumption of content inappropriate for younger audiences more effectively. 

A study by the British Board of Film Classification (BBFC) shows that 82% of AO-websites do not provide any type of age barrier, and 89% of them which did, allow access with just the click of a button. The Byron Review approved in 2008 focuses on restricting potentially harmful content by service providers on commercial platforms. It focuses on providing e-safety, and parents with a sense of satisfaction about their children engaging with new technology.  

The online age verification provider, interactiveAgeCheck (iAC) responsible for minor protection was developed by CitizenCard which is the UK’s biggest photo-ID and age verifier organization. It takes into account the recommendations by the UK Council on Child Internet Safety (UKCCIS) which reports directly to the Prime Minister about the status of minor protection in the country.

Age verification in UK and Europe

Age Verification in Europe

The General Data Protection Regulation is issued by the European Union and applies to citizens living in the EU states. It states guidelines for the collection of personal data of consumers including biometric, health and genetic information. The GDPR’s Article 8 allows the age of consent to be set between 13 and 16 by the member states. This means that anyone in Europe over the age of 16 is legally allowed to consume age-restricted products and services. 

Another age verification framework known as the Pan-European Games Information (PEGI) is the age classification system for the gaming industry in Europe. Used by 20 out of the 27 EU states, it is approved by more than 200 industry members. 

Age Verification in the USA

The Federal Trade Commission’s minor protection law, COPPA, also known as the Children’s Online Privacy Protection Act is one of the most significant laws for online child safety in the United States. It determines how companies collect and process information related to children below 13. Complying with these regulations are not only limited to displaying age-restriction warnings or integrating an age verifier which can be easily avoided by clever minors with the click of a button and lying about their age.   

The Cellular Telecommunications and Internet Association issued guidelines on restricting carrier content not suitable for younger audiences. It defines different content rating standards so that parents can know what is suitable for their children and what not. According to CTIA, for each content provider in the industry, age verification mechanisms are essential in determining the type of audience for their services. By using internet access controls provided by major carriers, consumers can limit access to specific websites using filters or completely block them to protect minors from viewing inappropriate content. 

The Master Settlement Agreement which came into effect in 1998 restricts marketing of tobacco products and services to the public audience which also includes underage minors. Tobacco companies, according to this law, are bound to age verify a customer before selling them products or marketing their services. The motion picture industry in the US has also developed a set of standards to regulate the viewership of violent and AO-content. Production studios like Sony, Universal and Paramount provide an age-restriction warning in the form of a red-band trailer for mature audiences.  

Age verification in USA and Australia

Age Verification in Australia 

The Australian Communications and Media Authority (ACMA) in 2008 published new guidelines to prohibit access to age-restricted content under the MA15+ and R18+ content rating standards. These regulations are applicable to anything aired from Australian media or hosted on TV channels within the country. The Broadcasting Services Act of 1992 played a vital role in the development of this regulatory framework. 

Corresponding to the Restricted Access Systems Declaration of 2007, these rules address content providers to take adequate measures for age verification. For each content rating group, these rules provide a different set of standards for consumer verification. The MA15+ guidelines require:

  • A warning message that this content is MA 15+
  • Safety information for parents to protect their children who are below the age of 15          

The R18+ guidelines address the following concerns:

  • Warn about the risk of using proof of age by another person or someone who is not eligible according to their age
  • Take into account which evidence is provided and how it is presented

Industry Use Cases of Age Verification 

Online age verification is widely used across many industries because of its significance in delivering age-oriented services to proper audiences. To highlight the importance of age verification solutions, its use cases in different industries are listed below:

Age Verification for E-Gaming 

The eSports industry is worth 776.4 million US dollars and is estimated to top $1.6 billion with the end of 2023. According to Newzoo, there are almost 2.7 billion gamers around the globe and the number is growing exponentially. Where the gaming industry is home to millions of players, it has its fair share of challenges. Providing age restricted games to the appropriate audience is significant since they can negatively affect children.   

Poker

A form of gambling, also called poker, is an online game which is played with cards. Because of its appealing nature and the ability to make instant money, e-betting and gambling are widely popular. The total revenue of the industry is around 647.9 billion US dollars and will increase at a rate of 5.6% from 2022-2027. Unfortunately, many minors also engage in these platforms to throw some cards to win a bet. 

The UK Gambling Commission states that almost 400,000 youngsters in the country regularly perform e-betting activities without consent from their parents. Most individuals taking part in gambling are aged 11-16 which is even more disturbing. Poker websites need to adopt robust mechanisms to confirm the age of players before allowing access to their platforms. Age verification checks at these sites could help prevent minors from falling prey to a bad habit of gambling.   

R-Rated

Video games involving adult themes, violent expressions, and hard language are categorized as R-rated. This type of rating is given to content only appropriate for a selected type of audience and minors playing these can corrupt them. A survey by Statista shows almost 41% of video games in the US are labelled as mature and teen-rated, in 2019. The ESRB and PEGI rating systems provide information about parental guidance and games which are suitable for users. Since these types of games involve strong content, age verification becomes a need of the hour.   

Age Verification for Tobacco & Alcohol E-stores

The World Health Organization shows alcohol consumption kills almost 2.9 million people annually and the number is significantly on the rise. Tobacco products like cigarettes and vapes are not legal for children to consume in public. The National Minimum Drinking Age Act of 1984 declares 21 as the legal drinking age, although not all states in the US comply with this regulation. Buying an e-cigarette or a bottle of wine online is not an uphill task any more with digital services. 

The global vapes market is expected to grow at a CAGR of 15% during 2019-2024 and this means more minors would be attracted towards it. Since minors can now buy alcohol/vapes using their parent’s payment cards, online age verification on these platforms has become more important than ever. This way, clever minors can no longer trick robust age verification checks. 

Age Verification for Cannabis Industry

Due to legal restrictions imposed by regulatory authorities in the past, cannabis was imported through smuggling and other illicit activities. With its usefulness in the healthcare sector, the marijuana industry is legalized in most parts of the world. By the end of 2027, the cannabis industry is estimated to reach 73.6 million US dollars, states PR Newswire. 

Unauthorized vendors selling over-the-counter drugs to underage minors pose the greatest threat to industry laws and regulations. Due to the rise in these activities, stringent laws came into effect from the banking industry providing its services to cannabis vendors. Age verification solutions were proposed to mitigate the unlawful import and selling of cannabis products to protect minors from getting harmed.

Growth-rate-of-age-restricted-industries

Age Verification for E-commerce Platforms

A staggering 2.14 billion people are expected to shop online goods and services by the end of 2021. While it has brought new innovation to the table, age-exclusive e-commerce sites also create unforeseen challenges. A few examples of these digital products include alcohol, dating apps, e-cigarettes, and subscription of adult-themed online content. Merchants of these services need to make sure they are using proper ways and means of verifying consumer age, otherwise, they have to face serious consequences and penalties. 

Payment Cards

Today, children can easily bypass self-check and payment card authentication procedures required to buy online products. Since minors themselves aren’t eligible to purchase and consume these items, they use their parent’s credit cards to authenticate payments, and that too without their consent. Since children are not mature enough to know about an authentic platform, they often end up handing their details to a potential fraudster through an imposter website, which leads to a credit card or card-not-found fraud. 

Chargeback Fraud

On average, chargeback fraud costs will account for 25 billion US dollars by the year 2025, according to Precognitive. In the world of digital transactions, credits cards are common these days. Online scammers use them as a source to carry out chargeback fraud which results in a hefty loss to digital businesses. In this type of crime, the fraudster buys online products, uses them for some time and then claims a refund against them. The bank then requests the relevant service provider to issue a refund to the customer. 

A similar type of chargeback happens when parents claim their child did an online purchase without their consent. Not to be confused with a false claim fraud, this is a genuine reversal request, but it equally affects the business in terms of loss. Proper age verification checks at e-commerce platforms can prevent minors from buying age-exclusive products, and eventually reduce chargebacks for an enterprise.   

Account Takeover

These days, you won’t find an e-commerce platform where you enter payment information every time. Online shopping websites provide their customer with the utility of saving their profile information, payment card details and purchase history. Comparitech in a study states that during the past year account takeover fraud on e-commerce platforms grew 282%, which is a big blow to the industry in terms of fraudulent attacks. These payment details often misplaced by minors on fake websites and malicious mobile apps make the situation worse. 

An age verification solution for the e-commerce industry can significantly help in identifying the age of the consumer to prevent multiple chargebacks, account takeover fraud and minors from misusing their parent’s credit cards to perform unauthorized transactions.  

Risks of Lacking Age Verification Checks

The absence of an age authentication mechanism could result in non-compliance penalties and a drop in market reputation for offline and online businesses alike. Generally, the perceived level of risk involved determines the level of control and application of the regulatory framework. For instance, 

State departments and regulatory authorities enforce age verification guidelines for minor protection and content distribution. Lack of Age verification checks leads to consumption of adult-exclusive products and services by the underage population. Some risks of not having proper age verification mechanisms are listed below:

Compromised Market Reputation

Good business practices are all about providing customers with the best possible experience. A Customer Thermometer survey indicates 13% of consumers are willing to pay 31-50% more if they are provided with a good onboarding experience. User satisfaction plays an important role in building loyalty of the customer and a good reputation for your brand. Not investing in an age verification software could hurt your business in terms of both negative brand image and non-compliance costs. Since the absence of age verification checks directly corresponds to easy access to age-restricted content and services, they put minors at the risk of being exposed to inappropriate material. 

Non-Compliance Costs

The GDPR applies to all kinds of vendors and organizations regardless of the type of products and services they offer. The purpose of this regulation is to ensure privacy and secure record-keeping of personal data of users. This framework is equally important when verifying the age of users during customer onboarding procedures. GDPR being rigorous in nature imposes hefty fines ranging from $22.5 million US dollars to a maximum of four per cent of the annual global income of the company. 

Till June 2016, the minimum penalty for not complying with COPPA was 160,000 US dollars, which was increased up to 43,280 US dollars per violation. With this change, minor protection incentives were reinforced to provide better compensation to the victim and deliver a strong message to the defiant party. 

Financial Loss

Online businesses can reduce friendly fraud resulting in chargebacks by parents against the non-consenting transactions performed by their children. An age verifier integrated into a platform or an application can check for age and other identity information of a person which regulates the use of age-restricted products and services, ultimately preventing chargeback costs for the business. Online age verification provides an all-in-one solution which is far better than self-verification, manual age checks by humans, and checkboxes to confirm age on websites, saving business a great deal of money.

Conclusion

To wrap up, age verification is the need of the hour to protect the young generation from the adverse effects of age-restricted goods and services. Merchants have the corporate social responsibility to secure minors and to restrict their access. Online age verification is one of the most seamless and cost-effective methods to practice age verification protocols. 

Shufti Pro’s age verification services allow easy onboarding of customers in a wide range of industries including online gaming, e-commerce, tobacco, alcohol and cannabis. By ensuring minor protection in light of global regulations, we offer merchants of age-exclusive products to use our services with a single API integration. 

At Shufti Pro, we also provide a 15-day free age verification trial of our services for the prospects, to get a first-hand experience of the services we offer, including document verification, biometric authentication, and face verification.

Want a walkthrough of our age verification services?

More posts