Blog

KYC screening vs One time passwords – what’s good for your business?

  • James Efron
  • February 11, 2020
  • 7 minutes read
  • 1317
blog_image

Customer due diligence sometimes tests the nerves of strategists and compliance officers. With multiple entities to cater to and several laws to fulfill, the businesses always have their hands full when it comes to due diligence. 

The KYC regulations are becoming more stringent with every passing day crushing businesses under regulatory obligations, so the business entities are always in a bid to satisfy the minimum regulatory obligations, but is it enough? Regulatory authorities are now demanding more than fulfilling minimum regulations obligations. With EU’s 5AMLD and 6AMLD, KYC/AML laws are demanding corporate responsibility from reporting entities so one time KYC screening is no more enough. While non-compliance leads to fined worth millions of dollars. Research by KPMG found that banks have paid more than $300 billion fines since 2008

Generally, businesses perform KYC screening only at the time of customers onboarding and stick to passwords and pins for the rest of the customer journey. Given the tarnished reputation of security provided by passwords, experts are considering new mechanisms to verify their customers at different touchpoints during their journey. One time password is in the limelight given its disposable nature. On the other hand identity verification solutions also called KYC screening solutions are becoming famous due to strong security they offer. But the question stays, what is good to practice efficient KYC compliance and risk prevention without sacrificing customer experience. 

KYC screening vs One Time Password (OTP) 

Before we dive into the depths of these two trending technologies, let’s check the basics. 

KYC screening solutions use artificial intelligence to authenticate the identity of customers by verifying identity documents. It detects personal information of a customer from his identity documents through OCR technology and verifies it by matching with the information provided by the customer. The document is also checked for authenticity and default format. Results are given within seconds.

On the other hand, One Time Password (OTP) provides the user with a temporary password generated by random algorithms. The password expires within a few minutes and the user can request multiple passwords if he enters the wrong password. 

Whenever choosing a system for compliance or risk prevention the hopes are generally high with regard to the results. Now that we know the basics of KYC screening and OTP, let’s see what suits your security needs. 

Fraud prevention

The main goal behind all the compliance hard work and long compliance processes is to prevent fraud (fake identities, credit card fraud, online shopping fraud, etc.). So it’s important to note if the two options offer the foolproof security needed on your platform. 

OTP relies on the complexity of the overall security measures and the number of security layers in it to fight common frauds. On its own, the OTP doesn’t offer high-security levels. In case there are multiple security layers such as passwords, biometric authentication, etc. only then OTP is reliable.  A research paper published at the 20th Pan-Hellenic Conference on Informatics states; 

“There’s an absolute correlation between the complexity, number of security levels and the final outcome of the systems. As long as the researchers introduce new layers of security measures, they increase the complexity and fortify the scheme against any number of attack methods.” 

In contrast, the KYC screening solution proves to be a one-man army for fraud prevention through customer’s identity screening. Only a few other security measures such as transaction monitoring and firewalls along with KYC screening are enough to significantly reduce fraud on your platform. 

Cost 

Cost is the primary concern when choosing technical solutions. Maintaining a compliance department and other operational costs of compliance are already very high. A report revealed that financial institutions spend an annual $270 billion on compliance.

On the basis of cost, OTP and KYC screening solutions are in a neck to neck competition if you just see the numbers. But if we see what you receive in return for one dollar, KYC solution has more to offer. OTP solutions cost less than one dollar for one message sent, and the charges vary in different countries. But this cost is only for one single code sent to the customer. 

On the other hand, KYC screening solution also costs less than a dollar per verification, but a single verification is enough to verify that the original person is performing the verification and not an imposter. The ID card screening along with face verification ensures that a real person is making the verification. An enterprise can verify the identity document and name of the customer along with biometric authentication all under one dollar per verification. So if we look at the ultimate benefit generating from each dollar (or less) that you pay per verification, KYC screening solution delivers more value. 

Reliability 

There is no doubt that OTP covers for the loopholes generated due to lack of security in passwords, but what about identity theft and device theft. OTP provides a cover for passwords frauds, account takeover fraud, while KYC screening provides a strong risk cover against identity theft, device theft, credit card fraud, and the two mentioned earlier as well. 

So KYC screening is more reliable if you plan to cover for all the risk coming with your customers, you can’t disown your customers due to associated risk so verify them every time you allow them to log in.   

Customer experience

Great customer experience and a well-planned customer journey is a primary competitive edge. Accroding to PWC, 63% of U.S. consumers say they’d share more personal information with a company that offers a great experience. This shows that better customer experience will lead to efficient KYC compliance and fraud prevention.

Customer experience is good in both KYC solution and OTP. OTP sends the password to customer’s mobile phone which is generally in the reach of customers while KYC screening solution is also performed in real-time through mobile phones or computers. 

But if you plan to get more for less, KYC delivers a better customer experience as more is done with one verification and it just takes a few seconds. Compliance and fraud prevention are achieved with KYC screening solutions. So the customers don’t have to go through a separate KYC screening process every time if he/she is verified at the time of login. 

Compliance burden 

KYC screening shares more of your compliance burden as compared to OTP. KYC screening solutions are designed to share the customer verification burden aligned with KYC regulations. On the other hand, OTP is just a fraud prevention tool and lacks in providing the security measures obligatory for compliance. 

KYC compliance requires to verify the customer at every login or when the customer makes transactions of certain amounts. And that screening is to be conducted through a legal identity document and not a password because passwords are no more secure. 

To wrap up, KYC screening solutions and OTP both are used as fraud prevention tools, but KYC screening solutions have more to offer. It helps you achieve efficient KYC compliance and fraud prevention with one API integration and also there’s no need to hire hundreds of employees for compliance obligations. The world is moving towards automation and it is high time businesses must make smart decisions to perform multiple tasks with one solution.