Rising Social Media Scams in 2020 Calling for Digital Identity Verification

Rising Social Media Scams in 2020 Calling for Digital Identity Verification

Learn more

Social media was a simple place for interaction a few years back. People valued it for its security and anonymity, but unfortunately, 2020  faced the opposite side of what was expected from it. Social media is not just a place to keep children busy with cartoon videos now. 

Social media is a big industry that provides a smooth networking space for everyone. On the other hand, it is also unknowingly facilitating the proliferation of spams and trolls. Harassment cases and scams are significantly increasing. But why are scams on social networking platforms drastically increasing? A freehand and lack of a robust verification system is the main reason. Everybody can join these platforms with fake social media identities. 

According to 2020 statistics, there are 3.5 billion social media users and a significant number of profiles are created with fake names and documents. These accounts threaten other users with hacking, social media identity theft, and other cybersecurity issues. Spammers have thousands of fake profiles that become an obstacle for legitimate users to interact and expand networks. Furthermore, fake posts and junk advertisements do nothing more than diverting attention and manipulating the thoughts of innocent users.

Professional networking sites like LinkedIn are also not secure since fraudsters post fake job ads to attract desperate job seekers. The increasing scams on social media have led to plenty of government regulations for the security of the users and their identities. However, the authorities cannot blame someone without getting their social media identities verified in the first place. 

Some Facts and Figures

This section gives an overview of social media usage and its penetration at a global level. In recent years, social networking applications have shown a clear shift towards handy devices such as mobile phones and tablets. Easy access to these platforms, therefore, have increased the usage via mobile devices. Social media is one of the most defining phenomena of the present environment that is reshaping the entire world. Statista shows that the global social penetration rate has reached about 45%. Among these, North America and East Asia have the highest penetration rate i.e. 70% and Northern Europe with 67%. Also, in the future, this percentage does not seem to go down anyhow because the survey shows that the number of expected social networking platform users in the United States would be 257.4 million by 2023. 

According to a research paper by IEEE published in 2019 named “Cyber Security in Social Media: Challenges and the Way Forward”, the number of active social media users in 2019 is estimated to be 2.77 billion and a forecast shows an increase that sums it up to 3.2 billion by the year 2021. The same paper highlights the threats in social media platforms that correspond to the impersonation of friends and celebrities, cyberbullying, and phishing scams. This increasing trend and penetration of the population into it shows a tremendous increase in social platforms’ security flaws. Lax rules of these platforms are inviting fraudsters to poison the cybersecurity triad i.e. confidentiality, integrity, and availability. Lack of security measures gives birth to attacks such as CSRF or XSS that lead to data breaches.

Social Media Scams 2020

Know more about Identity verification

Frauds in the Social Media World

The section covers some major frauds in the social media world that every user must beware of. Social media has penetrated every corner of the world, and it is now a fundamental source of communication. Here are some of the common frauds on social media platforms. 

Hidden URLs

Short URLs may not be suspicious for anyone, but they are now a threat to social media users. Beware of URLs that have hidden locations. They are common on twitter and LinkedIn, and they can innocently redirect you to the relevant web page. However, other social media platforms may not always look out for such issues. Fraudsters can post a trending news headline and redirect you to a scam page. Acquiring your social media identity and other personal information will not be a problem. 

Phishing Attacks

Phishing attacks are a new form of social media identity theft. These attacks were common in emails, but advancements in technology has allowed scammers to perform phishing attacks on social media as well. “Someone just uploaded weird photos of you from the party last night.” What will you do now? As a reflex, you will immediately click on the link, and it will redirect you to some other platform. It can be a twitter page that will ask for credentials. As soon as you enter your account details, the spammer can use your social media identity and other personal information for fraud.  


Catfishing is a kind of online harassment where spammers search for people desperately looking for their special one on social networking sites. Spammers create fake accounts with an eye-catching picture and false social media identity to begin a relationship. They earn the trust of the other person and ask for money after some time. 

“Who Visited Your Profile” Scam

It is always good to know who visited your profile. Someone might call you for a job or just become good virtual friends in a while. Fraudsters take complete advantage of this curiosity and create ads, for example, ‘click on this link to find out who viewed your profile today’ or ‘visit this link to know your secret admirers.’ As soon as you click the link, you are redirected to a new page that asks for your personal information or credentials of the platform. Stealing your identity is not a problem then. 

Know about the top five key identity verification market trends here.

Digital Identity Verification: An Effective Measure for Social Media Security

Individuals alone cannot always figure out these scams, however, social media platforms can restrict fraudsters from creating fake accounts for harassment and illegal use. Social media platforms that assume personal identification an overkill for social users would now be realizing that how many spammers are facilitated through these platforms, and how they are disrupting the integrity and privacy of online users. Again, spammers are not only posting junk information but exploit weaknesses of the system to damage in the best possible way among which phishing attacks and malware/malicious executables injection is the one. 

Lack of social media identity verification service on age-restricted websites affects both the social media platforms and their users. Online users below an adult age are not verified and use the applications without any restriction. Or some websites do apply age affirmation pages or checkboxes for age verification that actually does not serve the purpose of age verification and can easily be deceived by minors.

Online Age Verification

In the past few years, age verification has become a regulatory requirement that is necessary for social media platforms to consider. Taking advantage of technological advancements, social media firms can take in place various solutions that could help in identifying the individuals and restrict services if they are not for children. 

Current verification methods can easily be falsified which require obvious changes in digital practices of verification. Many social networking platforms are now using age verification services that verify using document verification if the online user has misstated their age. Those social media identities would immediately be flagged with the status of unverified as they do not lie under the age limit that could access the networking platform. 

Ideally, social media platforms are required to collect minimized data from customers. For instance, if they want to make sure whether someone is above 18 years, then the individual would have to share a proof of their social media identity in the form of an official ID document, etc. The company should ensure that the individual is above the defined age and avoid collecting much of the information from the user’s uploaded document.  

Know more about age verification at Age Verification – Does Your Business Need It?

Video KYC

Technological advancements have made everybody’s life convenient, including fraudsters. Dodging verification checks may not be a challenge anymore. Moreover, the young ones can provide wrong information to skip age verification. Video KYC allows socializing sites to verify all the clients on a live video call. Verifying social media identities through video-based KYC can enhance the result of social media verification service. 

Digital Social Media Identity Verification

In social media platforms, it is quite easy to create a fake account/profile to impersonate a social media identity online. Whether it is Facebook, Twitter, Linkedin or some dating sites, fraudsters find all of these a hot target and conduct malevolent activities there. With single digital identity verification, misuse of social platforms can be crushed. 

Focusing on just collecting data whether it is true or false should not be the goal of social networking platforms. Allowing legitimate traffic can help provide better search results. Stuffing fake social media identities affect the huge population and hence the platform reputation. Using artificial intelligence and machine learning algorithms as the underlying technology, facial recognition systems, and online document verification for social media verification service can help maintain an honest community with much more healthy working and networking opportunities. 

What’s the big deal, if a social media identity can be verified within seconds? But it would really be one if your platform is in the spotlight due to data breach that compromises the security of millions…

Have questions about how Shufti Pro can help you secure your social media platform?

Shufti Pro integrates AML Compliance into its end-to-end Verification Services

Shufti Pro integrates AML Compliance into its end-to-end Verification Services

Learn more

Shufti Pro has now launched AML compliance in its set of identity verification services to provide comprehensive risk assessment and due diligence to its valued clientele. In the UK more than 200,000 cases of money laundering are reported by the authorities annually. So, Shufti Pro has extended AML compliance to better serve its clients, especially those belonging to the Banking and Finance sector. Shufti Pro is already an emerging force in Digital KYC services with nearly 40 customers already acquired before the conclusion of its 3rd quarter since inception. With the launch of the AML product, Shufti Pro has achieved the status of a comprehensive solution to perform identity verification. AML compliance from Shufti Pro will allow banks to provide services like remote account opening, movement of funds, and offshore banking with enhanced Risk assessment.

Methods of Money Laundering

As online crimes are evolving, financial criminals are acquiring the newest and more sophisticated ways to convert their illegitimate funds as lawful. Thus, regulators are continuously stressing upon the money laundering issues. On the contrary, banks and other firms are constantly updating their AML policies to address this growing threat. The most common money laundering tactics used around the world is through digital banking, smurfing, currency exchanges, physical movement of cash cross border through cash smugglers, wire transfers, investing in real estate, gambling, auctions, building shell companies, disguising the movement of money through the trading system, counterfeiting currencies, and the use of bitcoin to hide the original sources of money.

Out of all these money laundering strategies, trade-based money laundering has received relatively less attention. Trade-based money laundering leverages the international cross-border or domestic trade system to veil the sources of illicit money through trade transactions into legitimate revenues. It involves misleading pricing, less quantity, or low quality of trade such as goods and services either imports or exports. The international trade systems are seemingly very complex and prone to vulnerabilities that can easily be abused by money launderers. As it necessitates the inclusion of multiple parties and jurisdictions which as a result makes the entire due diligence process including AML checks much more taxing. Thus, making it easier for money launderers to exploit and take advantage of the system. 

A 2015 report by Global Financial Integrity (GFI),  reveals that the illegal flow of finances accounted for $7.8 trillion from developing economies between the years 2004 and 2013 which entails  83% of trade-based money laundering. 

The act of concealing money is an ancient technique used for many years, but money launderers are always one step ahead of finding the newest ways to move illegal money undetected. Therefore, international governmental organizations have underlined the need for AML products and services to detect and demarcate the issue altogether. 

 What is AML Compliance?

AML stands for Anti-Money Laundering and it is a practice being adopted by financial institutes, banks, and now even by crypto enthusiasts conducting ICOs. It is reported that crypto thefts, hacks, and frauds reached an estimated $1.36 billion in the first few months of 2020. The total amount stolen in crypto exceeded the stolen $4.5 billion in 2019. 

With central banks and international monetary organizations clamping down on tax evasion, money laundering, and related financial crimes, it is becoming more and more important for banks and financial institutions to verify not only the identity of their customers but to ensure that the sources of their funds & transactions are also legitimate. An AML compliant software is able to perform background checks for risk assessment and due diligence.

Importance of AML products for financial institutions 

AML products for fraud prevention are mandatory for financial institutions to monitor, evaluate, detect, and report suspicious transactions to the regulatory authorities as they happen. It not only strengthens the entire infrastructure but also enhances and accelerates the existing anti-money laundering processes in terms of effectiveness. AML products and services include and are not limited to transaction monitoring systems (TMS), currency transaction reporting systems (CTR), compliance software to help firms comply with AML regulations by FATF , and customer identity verification solutions. All these AML products not only automate the detection process but imperatively eliminates the root cause of the problem to prevent it from happening again in the future. AML products by Shufti Pro can help companies uncover criminal activities, and save themselves from heavy penalties for non compliance. 

 How Shufti Pro provides AML Compliance?

AML Compliance software by Shufti Pro is powered by more than 1000 checklists and 3000 databases maintained by national and international law enforcement agencies, monetary organizations, and anti-money laundry watchdogs. Not only Shufti Pro has such a large data bank to perform background checks but its system updates that data bank every 14 minutes, so that any new entry or removal from these lists or databases is timely updated as well.

AML/CFT takes a new meaning with Shufti Pro as it is not limited to a few countries or some dozen languages. This Artificial and Human Intelligence Hybrid product is available all around the globe and provides Universal Language support as well. So no matter which country a bank operates in or from where their clients belong to and no matter what is the official Language for documentation in that territory, Shufti Pro’s aml product will be a trusted companion for risk assessment and due diligence.

Shufti Pro’s AML products will be providing Robust risk assessment through its round the clock available financial crime risk data. Customer onboarding will not be an issue with AML compliance offered by Shufti Pro as it maintains an industry best processing time of 30-60 seconds. End-to-end identity verification from Shufti Pro is PCI certified and adheres to GDPR standards as well, so customer data will remain secure as well and customers of Shufti Pro will not be liable for any data theft risks, government penalties, or 3rd party liabilities.

Shufti Pro aims to create an online marketplace that is free of fraud, identity thefts, and malicious activity. Extension of AML compliance services are a testament to Shufti Pro’s resolve and it intends to fully optimize its end-to-end verification to usher a new age of due diligence and risk assessment.

Recommended For You:

Legal Entity Identifier (LEI) — What it means and how it helps financial institutions?

Legal Entity Identifier (LEI) — What it means and how it helps financial institutions?

Learn more

The need for trusted digital communication in this age is crucial due to increasing cybercrimes. The digital world is prone to several challenges among which data protection is the one more prevalent and disastrous. With the flow, the incoming regulations come up with the need for stringent security measures for the protection of customer data, digital surveillance, business identification, and a clean clientele. Legal Entity Identifiers (LEIs), therefore, are in place, that help businesses introduce transparency in the system as well as onboard a clean customer base.  

Today, financial companies are active in introducing various financial services and products in the market without disclosing the relationship and associations with the companies. The ambiguity in company bonds, their names, and affiliations can lead to several unfortunate regulatory issues. Therefore, an independent UK’s financial regulatory body, the Financial Conduct Authority (FCA) was established that regulates the financial enterprises, provides services to consumers as well as maintain integrity among the financial markets in the UK to ensure transparent trading. 

In 2011, the LEI system was developed in response to the financial crisis in 2008. Supervised by the LEI Regulatory Oversight Committee (LEI ROC), central banks and other financial regulators, the Global Legal Entity Identifier Foundation (GLEIF) was put in place to support the global adoption of LEI. In December 2012, LEIs were issued for the first time and till September 2018, about 1.2 million entities registered around the world.

LEI 20-characters are divided into three parts. In the number, 0-4 characters contain the identification number of issuing organization, 5-18 contain a company identification number, and 19-20 are the check digits. The LEI helps financial institutions, policymakers, and regulatory authorities to trace the connections in the financial system. It provides a unique identifier for the entities that participate in financial transactions. It is accessible in the publicly available updated databases. LEI generates the following substantial benefits for financial businesses:

  • Clear regulatory reporting 
  • Accurate identification of adverse party exposures 
  • Increased operational efficiency
  • Free of charges database management 
  • Improved business risk management 

It also generates efficiencies for financial companies in internal reporting, risk management, and in collecting, cleaning, and aggregating data. In addition, the LEI is expected to ease companies’ regulatory reporting burdens by reducing overlap and duplication with respect to the multiple identifiers reporting firms must manage.

What kind of legal entities can register an LEI number?

The companies that want to register with an LEI are required to contact the LEI issuing organization. Companies then need to provide the required information to issuers and pay the fees. The information is validated by them against an authentic source, for example, business registers and if verified, LEI is assigned. To register an LEI number, most commonly the issuers ask the company to provide the name and address of legal entity as listed in the official business registers, country and subdivisions codes, date when first LEI was assigned, and date of latest updates in LEI information. 

The following are some legal entities that can register an LEI number: 

  • Financial institutions
  • Registered companies
  • Registered subsidiaries
  • Non-profit organizations
  • Sole proprietors
  • Credit rating agencies
  • International business branches
  • Funds and trust

An international branch office belonging to the same country in which there is the head office of an organization does not need to register again because one LEI is issued per country.

Who needs LEI?

The use of LEI is in the process of implementation by regulatory authorities such as EU, Canada, the US, and the Asia Pacific. LEI is required by the following EU regulations as well as directives:

  • Market Abuse Regulation (MAR): Financial instruments issuers and the reporting of entities involved in suspicious transactions
  • European Markets Infrastructure Regulation (EMIR): Brokers, beneficiaries, CCPs, and counterparties
  • Securities Financing Transactions Regulation (SFTR): Groups involved in financial transactions, securities and beneficiaries 
  • Prospectus Regulation: Securities issuers that are admitted for trading purposes in the EU regulated market as well as offered to the public
  • Markets in Financial Instruments Directive II (MiFID II) and Markets in Financial Instruments Regulation (MiFIR) 
  • Alternative Investment Funds Directive (AIFMD): Real-estate funds and managers
  • Capital Requirements Regulation (CRR): Credit institutions and banks
  • entities
  • Solvency II: Insurance groups and firms, financial resources and pension funds
  • Credit Rating Agencies Regulation (CRAR): Credit rating agencies
  • Central Securities Depositories Regulation (CSDR): CSDs and their participants

How does LEI help financial institutions?

The banks and financial institutions are facing challenges while monitoring high-risk entities. Especially the borrowers that are located out of the state or country and have borrowed a huge loan becoming a high-risk entity for the bank. Tracking these borrowers is difficult as they do not have a unique identifier. When the registry started growing up, legal firms and sole proprietors started borrowing huge amounts from the banks, if that amount is above the one specified by the banks, the entity is obliged to register an LEI number to help institutes trust them and trace the ultimate beneficial owner. 

The borrower companies whose clients are not located in the region they operate in, for example, credit rating agencies, banks, and other financial institutions, they can access the publicly available database to gather credible information related to the clientele. Therefore, it deters the risk of fraud the legal entities can bring for the financial businesses. Moreover, verification of beneficial owners can be done that on the other hand is a benefit as well as a regulatory requirement. This helps financial institutions actually know who they are dealing with.

The global business infrastructure is getting complex so is the tracking of fraudulent entities. To combat the risk of fraud, demand for business identification is growing. Therefore, LEI helps businesses identify the legal entities in the publicly available updated databases to perform identification in a clear and quick manner. LEI is becoming a business development and growth tool internationally.

FATF issues new guidance on Digital Identity systems

FATF issues new guidance on Digital Identity systems

Learn more

A guidance paper has been issued by the Financial Action Task Force (FATF) to assist governments, financial institutions, VASPs or virtual asset service providers, and other regulatory bodies to decide whether such systems are relevant for CDD or customer due diligence purposes or not.

The guidance paper was introduced last month at the FATF meeting and follows the previous draft guidance which was issued in 2019. Although it is focused to be technologically neutral, it still sets a decision process to establish whether a digital identification system meets the FATF requirements for Customer Due Diligence.

According to the FATF, authentic digital identification can make it simple, inexpensive and safe to authenticate individuals in the financial sector. Furthermore, it can also assist with transaction monitoring requirements and reduce weaknesses in human control procedures. 

Customer verifications and transactions that depend on authentic digital identity systems with suitable risk minimization protocols in place present an ordinary or low level of risk, according to the guidance paper. It is also highlighted that the use of digital Identity verification systems in customer onboarding can help support financial inclusion targets. 

The FATF offers directions for local authorities, specifically to develop explicit guidelines or rules allowing the relevant, risk-based use of reliable, independent digital ID systems by regulatory institutions for AML/CFT purposes. According to the guidance, the risk-based approach depends on consensus-driven assurance models and standards that are constantly polished and modified to develop an extensive worldwide standard for digital identification systems.

For regulated institutions, the guidance says dependence on digital ID systems for customer due diligence should be enlightened by an interpretation of their assurance levels, especially for identity proofing and validation, and whether said assurance levels are suitable for the ML/TF risks associated with the customer, product, jurisdiction, geographic reach, and other factors.

The market for Digital Identity Solutions expected to double by 2024

The market for Digital Identity Solutions expected to double by 2024

Learn more

The market for Digital Identity Solutions is predicted to double between 2019 and 2024, as reported by MarketsandMarkets. The market will climb from $13.7 billion to $30.5 billion, displaying a Compound Annual Growth Rate (CAGR) of 17.3 percent. 

ThinkDigitalPartners also mentioned this in a recent tweet:

The firm attributed a major portion of the growth to the increasing demand for more efficient customer experiences. Digital identity solutions will be deployed more easily with technological innovations in the fields of AI, blockchain, and machine learning with an added range of settings.

Biometric solutions will inevitably be the fastest-growing type of verification solution by 2024 due to people’s preferences. They are expected to be placed in the retail and eCommerce industry during that time.

Currently, retailers have to regularly process a large number of financial transactions and they should also be able to effectively manage large supply chains. Biometric authentication can be used to facilitate the shopping experience for customers, reduce administrative costs and prevent fraud at the same time.

The largest market for digital identity technology will be North America, particularly due to the presence of some notable identity verification service providers. MarketsandMarkets has previously predicted that the overall security market will hit $373 billion by 2022 as companies search for new ways to protect their physical and digital assets.

How biometrics in visa process reduce travel difficulties

How biometrics in visa process reduce travel difficulties

Learn more

Biometric technology is enhancing the travel industry in many ways.  Factors that drive the secure growth of business include customer experience and security and this technology is facilitating the travel industry to meet both factors without compromising any. Your picture is captured by security to face match with the records of various suspects in their database using facial recognition technology.

Biometric technology is being deployed to track down terrorists by detecting faces of every traveler. High technology security cameras installed with specific cameras are used to capture the images of people. These pictures will then be matched and compared with the faces of known suspects in the database containing data of high-risk entities. Police will be alerted when the system recognizes a known suspect who has a perfect face match with their records. 

An Intro to Biometric Technology

In 2016, the biometric market in the United States reached $3.52 billion and is expected to grow significantly in the coming decade.  For most countries, the primary goal behind the introduction of biometrics for foreign travel is to refrain criminal entities from entering their country. 

For example, in the United States, an advanced face recognition system is installed at the airport checkpoints to analyzes over 100 reference points for each person to ensure if people are who they say they are. Biometric technology is a desirable standard for dozens of countries to verify people crossing their borders. The biometric technology comprises many different types, including but not limited to these: 

  • Fingertip recognition: To identify the users their fingerprint structure is analyzed.
  • Iris recognition: The iris of the eye is analyzed for its pattern
  • Face recognition: Face recognition algorithms are used that map the face
  • Voice recognition: Voice authentication of a person is conducted 
  • Palm recognition: Hand geometry or the vein pattern is detected. 

Data storage of biometrics

Individual photos and fingerprints are stored in a secure database that is only accessible by authorized officers.  Biometric authentication systems compare the collection of biometric data with storage, authentic data in a database. 

Biometric Technology in Visa Process – An Insight

Biometric technology has become an integral part of visa processing. When you go for a visa application you will be asked to provide your biometrics along with the necessary documents. The representatives will collect these:

  • take a photo of your face with a digital camera
  • scan all 10 of your fingertips with a digital finger scanner

Applicants should know about biometrics and if they are under the age of 16 and incapable of understanding biometric collection they should have a parent or guardian with them. Some countries do not collect fingerprints of children under 5 years of age and only take their photos. Following are a few conditions to fulfill before giving your biometrics:

Face or fingerprints injuries must be healed first

You should wait if you have any injury on your face or finger until the injury has healed before providing biometrics. If anyone is missing a finger, the fingerprints of the remaining fingers are collected. At times you can not give fingerprints if you have any temporary decoration on your hands or fingers such as mehndi or tattoos. 

Applicants must remove glasses

Initiated since November 1st, 2016, a law was implemented according to which customers applying for a passport must remove glasses for their photo. Glasses were a major hurdle to identify a person from their photo. Many visa applications were put on hold and were delayed due to this problem.  So that is why people were asked to take off their glasses, in some cases even the religious head coverings, to get their photo in the visa application process.

Facial recognition technology fails at a time in rightly identifying a person if they have grown a beard or have glasses on so to avoid any such inconvenience people were asked to remove glasses as the applicant’s face must be clearly visible from forehead to the bottom of the chin. So you might have to remove your glasses and hand coverings   If you do:

  • your photo and fingerprints will be collected in private
  • you can ask to have them collected by someone of the same gender

Why Biometrics are Used for Visa Processing?

The Biometrics of people are used to identify them which helps to:

Protect  from identity fraud

Fake identities are a common threat these days. In 2018, 14 million identities were stolen in the United States, and more than 50% of these identities were used to defraud businesses and banks. Cheats use stolen or false identities to commit many crimes like money laundering, terrorist financing, drug trafficking, human trafficking, etc. Criminals use stolen, fake or synthetic identities to onboard. Face verification ensures that the person using the ID for verification is the original owner of the ID card and not an imposter. 

To make travel safer

Biometrics are used to make travel safe and secure. By authenticating every person at the time of visa application doubts related to their originality can be mitigated. Biometrics, a budding technology, is being used at every touchpoint of the journey to provide border services with greater security and to make traveling easier. 

To secure borders

An unprecedented number of people are on the move, and the numbers are rising up. So to secure our borders it is important to identify people who are migrating or traveling. Biometric technology using face verification and fingerprints is hard to be fooled and is widely used for authentication and security.

This technology works on identifying unique features of an individual that are difficult to duplicate, so it is hard to spoof such a technology. Due to this, it’s widely being adopted to fight back different types of frauds. Biometrics are checked with other international agencies to verify these:

  • Identity of a person
  • The criminal history of a person
  • Protection status of a person

Some groups of people think that this so-called innovative technology will compromise the privacy of people for the sake of security. However, despite a lot of backlash for this technology the authorities are strongly defending this innovation and state that the security of public places can’t be compromised under any circumstances.

Even with this reservation privacy activists have not shown any resistance in this and the technology is being used for providing a safe and secure travel experience. Biometric technology has enhanced the travel industry.

Deepfakes on TikTok raise new security concerns

Deepfakes on TikTok raise new security concerns

Learn more

Deepfakes have started showing up on the popular video app TikTok, owned by ByteDance, a Chinese internet company. It has become one of the most popular social media platforms among the youth and some users are even becoming famous through the application’s wide reach. 

Deepfakes are manipulated videos or other digital representations produced by sophisticated AI technology, that yield false or counterfeit pictures and sounds that seem to be real. It involves the use of powerful techniques such as Artificial intelligence and Machine learning to create visual and audio content that has a high potential to deceive.

Charli D’Amelio, a fifteen-year-old, has due to her amazing choreography and dancing skills, become one of the most popular influencers on TikTok. Some TikTok users are taking up her videos and exploiting her content to attain popularity. This is done through deepfakes. 

For instance, Jesse Richards (@deepfaker), a TikTok user with 7,500 followers, has reposted some of Charli’s videos on his own account. In some of the videos, he has replaced her face with the face of The Office character Michael Scott, for viral purposes. 

Deepfakes are generally considered unethical and are disliked in many communities because they can give a perception that someone said or did something they have actually never done.

Deepfakes technology has raised concerns over how it could be used to spread false information and damage reputations of anyone anywhere. During the Trump-Hillary political conflict, many deepfakes were created for entertainment purposes. Because of the potential drawbacks, Facebook has announced that it would completely remove deepfakes from its platform. 

Furthermore, Twitter also reveals its plans for addressing deepfakes. 

7 Trends in Identity Verification Solutions to look for in 2020

7 Trends in Identity Verification Solutions to look for in 2020

Learn more

Internet is an anonymous space where people can hide their identities and come up with bizarre pseudo names. With the increasing online services, identifying identities digitally is becoming crucial than ever before. But verification should be done in a way that does not impact the user’s experience. Security has become the topic of utmost interest for all businesses due to the increasing number of recent high-profile data breaches that have affected millions of consumers and organizations. Identifying individuals online is an essential component of KYC and AML regulations as well. Organizations can benefit from remaining compliant by having proper identity verification checks in place. It also increases customer confidence in the business that they are taking proper measures to protect their private data. 

As identity thieves are becoming more sophisticated, organizations are arming themselves with technologies to protect themselves against viruses, malware, and other frauds.  Identity authentication technology has evolved using biometrics as a stronger security measure to fight back fraudulent activities. As well as unequivocally answer the question that the customer is who he says he is before starting to deal with him. 

The Rise of Identity Verification Solution for businesses

As financial frauds are clamping up, the demand for identity verification technology is also increasing. 50% of stolen identities were reported to be used in various business crimes in recent years.  According to a report, UK based company lost £1.2 billion falling in the pit of frauds last year.  The identity verification market is expected to reach $12.8 billion by 2024 at the Compound Annual Growth Rate (CAGR) of 16.0% during the upcoming period. As many businesses have drowned and faced major losses due to falling in such frauds so having proper ID check is a must-have. The digitizing of the world has bought so many scams to light and urged businesses to take stringent measures for cybersecurity. Digital communications are preferred as no one has time for face to face interactions so is the case with identity checks. Manual identity verification requires a lot of time and is now a thing of the past. 

The presence of users on the internet has significantly raised the number of digital frauds, causing millions of losses for individuals and businesses every year. Regulatory authorities have made it mandatory for every business to have sound identity authentication checks integrated into their system to put a halt on money laundering, identity theft, financing of terrorists, etc. KYC (know your customer) regulations are there to know who exactly you are dealing with, by verifying their original documents, address, and biometrics.  AML (anti-money laundering) regulations around the world have placed stringent compliance regulations on the investment companies as well as other financial institutions. 

Trends in Identity Verification

Some of the latest trends in this technology are taking it to new heights. Here are the top trends in this technology that are changing the ID verification sphere: 

  • KBA is Moving Out

The authentication process by having possession over data is no longer considered a sufficient solution. KBA and SSN verification are going out of the picture as they are proving to be a week security system. Recent data leaks have also validated this fact. So businesses are looking for better solutions to perform authentication methods. A phone number to identify allows a business to authenticate the user accessing a system and halting fraudsters from using leaked data. 

  • Comprehensive Integration:

Financial institutes are becoming aware of the need for systems to fully integrate with financial institutes existing core technologies. Most of the businesses are not considering alterations in their core processors, finding it way too expensive. But latest identity verification solutions do not require any additional hardware to be installed. They can be easily integrated with the current processors cutting short the cost for businesses. ID verification system can easily be integrated and does not create bugs that are formed due to incompatibility issues upon implementation. The time required for diminishing such bugs out of the system is also saved. As time is money for businesses so this technology is both time and cost-effective.

  • Biometric Technology

Biometric verification is not just a buzzword in identity verification but this technology is a milestone achieved in mitigating risks of forgery and scams. By identifying a person through his unique facial features or fingerprints, fraudsters can be authenticated before giving access to the system. It is becoming increasingly powerful with every new iteration. Biometric technology, depending on applications, allows a user to authenticate himself using geolocation, fingerprints, iris scan, face recognition, and other biometrics that are unique to a person.  

This technology is becoming more prevalent. Face verification technology provides seamless authentication just like taking a ‘selfie’. No contact or additional hardware is required in this. That is why it is being widely adopted. 3D liveness detection adds an extra layer of security. Liveness Detection is a process that assures the live physical facial presence of a person is validated at the time of biometric authentication. It is an anti-spoofing measure to fight back all kinds of frauds to deceive such a system. This technology is vetted and became mainstream in identity verification solutions to ensure greater accuracy without using additional technology. 

  • Two Factor Authentication

Securing your systems with passwords only is known for years but we know these can be cracked easily in this digitized world. It is even difficult to memorize and change passwords frequently. It has become a fantasy that only strong passwords can now protect us, as hackers regularly breaking into the systems and releasing passwords. As our accounts are interconnected by Emails, it becomes easy for hackers to crack the password of one and gain access on all. So the solution for it is two-factor authentication, which lets a user know when someone is trying to gain access on any of their accounts. Like Gmail account is asking you every time you are signing in from different browsers if it was you. The basic idea is just a secure second option that authenticates without making it inconvenient for the user. It’s easy adding your mobile number and add a secret code sent to you every time you are logging in. It is instant and adds an extra layer of security making it difficult for scammers to get access. 

  • Consumer Concern Drives for Change

Identity theft, credit card frauds, account takeover, and many other scams are the biggest concerns of businesses such as banks as well as consumers falling victim to it. According to FICO, ID theft costs businesses around 16.8 billion dollars each year, so it is the top concern of financial institutes as well. More effective identity verification solutions are being used to meet the security-conscious market demands against fraudsters. If the security threats are on the rise, new advancements in ID verification technologies are on the heels. These trends will equate a more secure online sphere, which will result in benefits for both businesses and consumers. 

  • Blockchain Technology for Data Storage

No matter how advanced identity verification solution is being used, one eminent question remains there that where is the private data of a consumer is being stored to make it out of criminals’ reach. One recent answer in this regard is blockchain technology. Blockchain is a secure distributed database where no single entity has all the data.  Blocks of data are added to embed the private data safely. 

  • Automation will continue to be Gold

Identity verification solutions perform the process in real-time without using any tam effort. Adding automation to the procedure enhances user experience as now they will not have to wait for days just to get verified. It becomes frustrating for clients at times and ultimately they end up leaving the platform. It is also beneficial for businesses as it saves their time and labor resulting in lower costs. 

Identity Verification making online dating platforms secure

Identity Verification making online dating platforms secure

Learn more

The expansion of the internet and mobile devices has led to the rapid adoption of online dating. According to a survey, at least 15 percent of American adults have used online dating sites or mobile dating applications. When it comes to digital frauds, consumers mostly think of identity theft, credit card fraud, account takeover, and other fraudulent bank transactions. But not anymore.

Like technology, cybercrime is continuously evolving now targeting online dating sites and applications. Dating scam isn’t a new concept, in fact, the term “catfishing” has become a streamline after the 2010 documentary “Catfish.” The term Catfish is quite prevalent; in this context, catfish means creating a false identity online to deceive people in online romance.

In today’s dating, many daters in search of special partner find themselves being ‘catfished’. A study in Psychology Today (2016) reported that at least half of the dating site users have lied about themselves in their profiles. As Valentine’s day is approaching, people may go online to search for love, but they can fall into the trap of deceptive scammers.

Driving factors behind dating scams 

The romance scams are emerging as a new type of fraud to exploit the people and there are multiple core drivers. The recent incidents of data breaches have given fraudsters additional access to personally identifiable information (PII) to use in online dating scams. This information is being used by scammers on dating platforms to pose as someone else and tract daters.

Another factor fueling the growth of dating scams is the lack of digital verification process while creating the profiles on dating sites and apps. There is no proper mechanism to ensure that the account matches the physical identity and even if its matched for the time being then is it being operated by the same authorized entity or not. What most websites do is verify the profiles through other social apps such as Facebook and even google. And it’s not difficult to create a fake Facebook profile or Gmail ID. 

Customer experience matters a lot and user expectations of seamless onboarding experience are higher than ever; hence tieing up the hands of companies. Nevertheless, businesses need to implement efficient measures that can balance between security and convenience; hence curbing online dating scams and frauds. 

The sky-high cost of dating scams

Catfishing isn’t only resulting in a broken heart and bruised ego, but also leads to million-dollar losses for the victims. Romance scams and other similar scams cost consumers more loss than any other internet fraud. In 2016, the FBI reported that consumers lost more than $230 million and businesses can expect it to be much higher.

Through these sophisticated scams, the fraudsters are running a well-thought business; for instance, in Canada. According to a report of 2015, there were 990 reported cases of romance scams that resulted in a total loss of $16.9 million, targeting 672 victims. 

According to the Federal Trade Commission (FTC), the median reported loss from romance scam in 2018 was $2,600 which is seven times higher than any other internet fraud. The data showed that these scams cost online daters $143 million

Victims as money mules

Romance scams are considered organized crimes because of their nature. Money isn’t the only thing that is being a cost to victims; there have been many fraud cases where the victims have become offenders unknowingly landing into jails. It is found that in dating scams money launderers have been involved looking out for the opportunity to launder money without getting suspicious. 

Online dating sites are full of people finding their soulmates and special someone and the imposters take advantage of them by pretending to be sweet and caring. In such scenarios, the scammers play with the emotions and gain the full trust of the victims before taking any action. Multiple cases have been reported in which the victims are being used as money and drug mules which landed them in jail.

In 2016, the romance scam victim Edwena Doore landed in jail for five months for unknowingly laundering $700,000 under influence of Kenneth Bruce whom she met online. Another victim of online romance fraud, Russel Loach was sentenced to jail for 4 months for laundering more than $100,000 funds to bank accounts in Nigeria. According to Loach, he transferred the money in response to a claim that “his partner” has been kidnapped and he had to transfer to save her.

Identity verification putting an end to Catfishers 

Taking into account such incidents and losses, online dating scams aren’t a thing to be taken lightly. Trust is the fundamental factor in online dating business without which a site can lose credibility within a blink of an eye. The key to building trust is the secure onboarding of real people. Some online dating sites are introducing built-in checks in their site to verify the profile authenticity through complex algorithms. These algorithms are able to detect fake profiles based on suspicious patterns.

However, these checks are not much effective in combating the scammers since they detect profile after some time of creation. Till the time, fake profiles are caught, the loss has already incurred. Therefore, another solution is needed that is missing on many social services today including social media and dating sites; digital identity verification is the one.

Many organizations are providing online identity verification solutions in digital marketplace for dating sites and applications to tap into. In fact, some renowned dating sites have already started incorporating such services to deter romance scams by keeping fraudsters and organized criminals at bay. 

Digital identity verification services ensure secure onboarding of daters on the site by verifying and authenticating their identity at the time of profile creation. This enables the dating websites to get rid of the catfishers and providing the premium way of dating to their users. Whenever a user operates his/her profile, ID authentication can check if it is used by an authorized person or not through liveness detection.

Moreover, the dater profiles can be checked against criminal records and other authentication checks to be clear without violating any compliance laws.

Five Solutions to tackle business verification challenges

Five Solutions to tackle business verification challenges

Learn more

Know Your Customer (KYC) is critical for verifying the clients before doing business with them, but to authenticate businesses is as important as KYC for individuals. This is why regulators are increasingly focusing on business verification to help prevent money laundering and terrorist financing. Business verification, which includes authentication of businesses, UBO identification, and risk assessment of business entities, is been included in the new AML directive of the European Union, as well as other major regulatory authorities. Know Your Business (KYB) services market is projected to grow $11.8 billion, according to an OWI lab report.  

Corporate KYC isn’t just a regulatory requirement it helps businesses in identifying the shell companies and other corporate structures involved in illicit funds transfer. The disruptive technologies like artificial intelligence, machine learning, and automation are creating opportunities for quick and real-time customer due diligence and KYC verification. However, many of these solutions focus on KYC for individual and retail customers.

Verifying businesses in the past has been a difficult and time-consuming task. Normally the KYB process for financial institutes to verify the corporates involves manual checks and physical verification, which makes it more tedious and lengthy. 

Challenges associated with business verification

With the new KYC/AML regulations, business is required to verify customers, corporate clients, and other critical information. However, there are multiple challenges when verifying a business client and some of them are:

Time taking manual onboarding process

Normally, KYB verification for corporate onboarding is a tedious and manual process, requiring intensive labour. These delays lead to frustrating customer experience and customers are more likely to abandon the account creation process. Moreover, there are chances of errors and mistakes when it’s done manually.

High compliance cost

According to a report, the average KYC cost for businesses crossed $48 billion in previous years. This includes manual labour and third-party payments. All this is raising concerns about AML and KYC compliance costs becoming so high that they prevent businesses from being able to perform other daily tasks.

Complex ownership structure

Latest KYC/KYB regulatory directives such as AMLD5 and FinCEN CDD rules make it necessary to verify and identify the business entities as a mandatory regulatory requirement. Financial institutions are reliant on collecting business details from clients through a manual process by filling in forms and then verifying the information manually. There are high chances of data discrepancies to slip in.

Data inconsistencies

While companies could somehow afford all manual works but a problem that still persists is data verification sources. There are many sources where companies’ data can be found, and sometimes the information available on some file is outdated or incorrect.

Addressing the challenges

With an increase in regulatory requirements, there is a need for developing an appropriate procedure and process that facilitate financial institutes. Here are some solutions that could help businesses: 

Automated KYB onboarding

By employing the latest technologies, automated business verification solutions can solve these problems. AI-powered corporate verification solutions will provide an opportunity to enhance the efficiency of the corporate onboarding process, by reducing the cost and making it faster. 

Ongoing monitoring for business verification

Businesses should monitor their corporate clients regularly to identify and monitor any changes in the company’s structure, the appointment of new executives, and changes in beneficial ownership. This practice also helps in monitoring PEPs continuously. It will assist companies in adopting a structural approach for business verification.

Access to authentic business registries

 As discussed earlier, access to the correct and most updated data is a challenge in performing business verification. However, if the companies have access to the correct and most up to dated business registries is valuable and will make business compliance an easy task.

API integrated KYB solutions

Shufti Pro’s API integrated solution aggregates data from various sources, so businesses only need to enter the required details such as the business registration number and the jurisdiction code where the business is operating. This centralized verification help manage the complexity involved in onboarding and monitoring corporate clients.

Virtual Identification

With an increasing compliance cost, businesses are now turning towards automated software that helps businesses to perform necessary business checks. Shufti Pro’s KYB verification solution is specifically designed to reduce extra compliance costs and dealing with complexities involved in working with high-risk clients.

As the global business markets are growing at an increased pace, companies need to get grip on customer due diligence for both individual and corporate clients.

Shufti Pro Receives 2019 Great User Experience and Rising Star Honors as a Verification Identity Service in B2B Review Platform

Shufti Pro Receives 2019 Great User Experience and Rising Star Honors as a Verification Identity Service in B2B Review Platform

Learn more

We’ve recently wrapped up another year of upholding our clients’ business integrity and security through state-of-the-art verification technology here at Shufti Pro. One of the highlights of 2019 was having been awarded two CompareCamp distinctionsthe 2019 Great User Experience and Rising Star Awards. 

CompareCamp is one of the most respected online resources of B2C and B2B review articles and comparisons. Its core goal is to provide insightful product reviews and information on various software solutions so that readers can see if it is a good fit for their business.

Shufti Pro fills possible security gaps for various businesses without plaguing them with unnecessary steps in the process of identity verification. Through features such as biometric facial recognition, human verification, and anti-spoofing techniques, we’ve made it our mission to strike a balance between precise verification and convenience—a feat that we’re glad has been recognized

We offer the quickest ID verification in real-time and don’t keep end-users waiting to get authenticated to crucial online accounts. Our multilingual OCR supports 150+ languages for users in 230+ countries and territories. 

With integration of both HI and AI within our system, we guarantee up to 98.67% precise verification. This level of accuracy and good user experience are two such software criteria that customers judge, often validated with the Rising Star of 2019 award. And we’re happy and proud to announce that Shufti Pro has garnered positive customer traction to win this distinction. 

After receiving these awards, and as we move forward into the new decade, we aim to build on our current model to provide even faster and more convenient identity verification software. 

How Artificial Intelligence is taking ID verification to the next level?

How Artificial Intelligence is taking ID verification to the next level?

Learn more

Identity theft is deemed as a growing problem. Particularly with the increase in online shopping, the number of online identity theft increased rapidly. According to a 2019 Internet security report, cybercriminals are diversifying their targets and using stealthier methods to commit identity theft and fraud. In 2018, FTC processed 1.4 million fraud reports resulting in $1.48 billion losses. 

The number of fraudulent transactions and massive data breaches continues to rise as the fraudsters and cybercriminals become more sophisticated. To deal with these issues, various ID scanning and security solutions have been implemented using Artificial Intelligence (AI). 

 Artificial intelligence enables computers to make human-like decisions and automating a particular task. It empowers everyday technologies like search engines, self-driving cars, and facial recognition apps. The technology is also leveraged for customer identity authentication and fraud prevention. 

Machine learning and deep learning make it possible to authenticate, verify and accurately process the identities of the users at scale. Here are some ways AI and machine learning are used to scale identity verification.

Scaling identity verification with machine learning

Oftentimes, users are required to show their ID documents when purchasing or opening an account in the bank. Identity documents such as driver’s licenses and passports are scanned to authenticate the users. Some examples of document verification includes checking the originality of documents, extracting information using OCR, confirmation of genuine microprint text, and face recognition match the identity of a person. 

However, in online verification scenarios, the chances of forgery and identity theft increases. Using machine learning and automation for identity verification can create a more robust system that doesn’t rely on human verification experts. These machine learning systems perform identity verification faster than humans and are more secure.

3 features of a robust AI-powered ID authentication solution

For a robust ID proofing solution, 3 important ingredients are required:


Since data is the fuel for machine learning algorithms, acquiring suitable and specific data is necessary. To build a powerful machine learning model, tagged data is important.

Evaluation and Modelling

Defining success factors once the data is available in the next important ingredient. For instance, considering the problem of ID verification needs more accurate models because false identification could lead to errors. This is why a model with more than 95% accuracy and real-time processing should be implemented. 


Machine learning models make the decision based on previous experiences which is why training with suitable and tagged data sets is important for a robust AI service provider. Teaching machines right from wrong is essential. 

However, IDs are physical documents that could easily wear and tear and if all the checks for authentication are automated many real IDs might fail the verification. This is where human insights come into play.

Find more relevant resources:

How Artificial Intelligence is taking ID verification to the next level?

A hybrid approach using AI and HI

Human ID validation experts can step in to prevent bad customer experiences during the rare instances where the machine fails to accurately identify what is wrong with the documents. This further helps in identifying the key problems and making improvements in the system.

Shufti Pro uses AI in synergy with human intelligence to make the verification process frictionless.

Augmenting ID authentication by including biometric verification

Biometric authentication is much less explored technology when it comes to online identity verification. With features like liveness detection and anti-spoofing, facial recognition provides a lot of opportunities to businesses that want to ensure transparency on their online platform. Face recognition promises impeccable performance both in onsite and offsite verification scenarios. Facial authentication working in collaboration with document verification can provide reliable identity verification services to the businesses that are sick of being fooled by facial spoof attacks and other identity fraud methods.


Artificial Intelligence increases customer security and provides businesses an edge over the fraudsters. It enhances human ability and will continue to do so to enable businesses to process information intelligently and prevent being scammed. While AI-powered systems are still needed to be refined, it is high time that the business entails AI-based solutions for better enhancement of their workflows. 

Shufti Pro’s identity verification solution is built upon an ideal combination of artificial and human intelligence and augmented with face verification. It enables businesses to prevent fraud and onboard authentic customers. Shufti Pro’s investment in AI resulted in better customer experience, as well as enhanced security for online businesses. 

Landry’s Inc. warns customers of the potential data breach

Landry’s Inc. warns customers of the potential data breach

Learn more

Landry’s Inc., a parent company of more than 60 restaurant chains, installed a payment processing solution at all Landry’s owned locations back in 2016. This solution uses end-to-end encryption technology to secure the customer’s data.

The Houston-based company that owns more than 600 restaurants, hotels and casinos in the United States, recently warned the customers about the data breach. This breach could have compromised the credit card information of the users. As per company warning, the data breach has more likely affected the cards used during March 13 and October 17, 2019.

As Landry stated on its website about the unauthorized access to their network, it claimed that the breach may have occurred at the time when the servers swiped customers’ cards in machines. The card swiping was intended to place food and drink orders to the kitchen/bar. Moreover, as per Landry’s, these machines are separate from those used on point-of-sale terminals.

Though the company hasn’t exactly given proper numbers and stats about the breach, it has warned the customers to be cautious and look out for any unusual activity happening to their card. 

Let’s see how much customer’s data have been compromised.


Embedding online identity verification methods for enterprise security

Embedding online identity verification methods for enterprise security

Learn more

The internet knows a lot about us now. And businesses are using this information to verify our digital identities. However, not all of this information is correct or publicly available. As more and more activity finds its way online, identity checks are becoming relevant to the establishment of secure platforms for individual and business transactions. 

The risk of online fraud and ID theft is real, with a rising demand for online risk mitigation. Enterprises must look into variable security information platforms to enhance security solutions across the board. Trends in identity verification depict high levels of growth, with the value of the market to grow to US$4.4 billion by the year 2027. 

The introduction of AI tools have opened up online identity verification systems to offer faster data  processing, compilation and assessment solutions. Technology is making swift advancements in detecting anomalies and catching fraud. However, as a final check, human experts still manage to provide valuable supervision to machine algorithms for higher accuracy and verification of user data. 

Online Identity Verification Solutions for KYC, KYB and AML compliance

To verify if a user is actually who they say they are, real life identity verification for online applications employ a great deal of automation as well as data analytics to implement identity theft protection methods.

Here’s a list of some of the most successful and commonly used verification methods:

Biometric authentication through face verification and liveness detection

The use of biometric features for authentication involves the use of unique biological characteristics to verify end-users. Presenting face, fingerprint, iris, voice or other behavioural metrics to ensure their live presence is a highly convenient and secure way to authorise login. As use cases spread to a large number of consumer services including healthcare, travel, and retail, customers are looking for identity solutions that can easily be integrated into smartphones. Cost effective solutions such as taking a simple selfie or presenting a card to a camera are being accepted by large digital audiences. 

Through cross device authentication services, customers can use a hand-held device to capture a video or a selfie and confirm their presence. An automated procedure fast-tracks the process and authenticates account holders with high accuracy. Advanced Identity verification applications powered by machine learning are also recording verification processes in real-time and storing the data in the form of timestamps, videos, IP location and device information. 

Document Verification

Digital verification methods can replace manual checking of customer documents to prevent online theft and ID fraud. The more customer attributes that can be verified through a given ID source, the more robust the authentication. The end goal is to achieve a high level of verification assurance across multiple systems and countries. 

Customers can scan ID documents in front of a webcam and allow verification APIs to extract and screen key customer credentials. In most cases, the use of optical character recognition technology (OCR) assists in providing verifications for several documents in different languages. 

Document validation includes checking: 

  • Full name of end-user
  • Photoshopped/tampered documents
  • Document expiry
  • Document format type
  • Address format

Address Verification

The authenticity of individuals and businesses can be verified in real-time using automated software that cross-checks addresses with official databases. Users are asked to upload photos while holding identity documents in order to match their face. Secondary documents containing official address are uploaded to verify the information entered by the user. Analysis is done via an API and the verification is also recorded. 

For e-commerce and other retail business, this translates into better management of chargeback fraud and improved reputation. Mailing costs associated with returned mail can be mitigated and high quality address data maintained for faster delivery time. Identity documents such as national IDs, utility bills, bank statements, and driver’s license, are verified for authenticity, to improve customer risk profiling and online identity fraud management. 

AML Screening

Businesses must ensure a high level of safety by vetting both individual customers as well as businesses before beginning transactions. International regulations now require that sources that may be involved in money laundering and terrorist financing be actively avoided and screened before onboarding.

Detailed background checks and sanction list monitoring for high-risk clients is a given for AML compliance programs. Simply entering the name and date of birth can reveal useful information about authenticity. Data on customers and businesses must be screened against international regulatory watchlists, sanction lists and PEP lists to ensure compliance with laws and regulations. Risk reporting and global compliance is made easier with AML solutions for fraud prevention. 

Ongoing AML monitoring is an essential part of process, as regular monitoring of clients assures that no illegal activity is recorded in recurring transactions. This is to ensure that client credibility is maintained over time and high-risk clients are marked with an ‘on-alert’ status.

Companies can be validated using a registration number in order to identify blacklisted entities. Background checks of the Ultimate Beneficial Owners (UBOs) can help in identifying individuals with a suspicious profile. As a long term business goal, financial risk assessment is improved by limiting compliance fines and penalties leading to unanticipated financial loss. 

Knowledge based authentication

This method of online identification requires customers to protect sensitive information with security questions that can be answered using personally identifiable information.

It is an easy process to employ since it doesn’t contain complex passwords or codes to remember. However, it is also easier to breach since such information can be guessed, discovered or sold. There’s no verification with official customer IDs either. 

2FA Authentication

As an added layer of security, 2FA solidifies account protection by double checking the possession of sensitive information by clients. A physical token or a numerical SMS code must be immediately available to the customer through personally held devices to gain access to online accounts. 

Passwords are losing their authority as a security measure for fraud prevention. Hackers can breach accounts using weak or easy-to-guess passwords and gain malicious access through single layer security methods. Customers are advised to create long passwords with complex characters to lower the probability of a breach. This hurts customer experience and often makes the login process tedious. 

Authorised customer account access through two-step authentication method includes the following steps: 

  • End-user is sent a personalised, auto-generated code at each log-in attempt
  • Authentication code is required to enter the code at login
  • API matches code and completes user verification 

Two-step online identity verification services provide a way for companies to manage financial loss for end-user accounts without compromising customer experience. Malware activity and phishing attacks can be prevented by strengthening security laters.

ProtonMail added an encrypted calendar to its encrypted Gmail competitor

ProtonMail added an encrypted calendar to its encrypted Gmail competitor

Learn more

Previous year Google faced a hefty fine of $170 million by the Federal Trade Commission following the investigations into Youtube over alleged violations of children’s privacy law. The scrutiny on Google is potentially increased that how it collects and utilizes the consumers’ data and information.

Many people are looking out for some alternative to Gmail because of privacy concerns. ProtonMail is efficiently utilizing this opportunity to grab the attention of users who want to wean themselves off Google. It has recently launched an encrypted calendar “ProtonCalendar” through which paid users can privately manage their schedules in a calendar.

ProtonMail is previously renowned for its encrypted mail services. Currently, the encrypted calendar is only available with a paid ProtonMail plan. But the company is planning to launch this calendar for all the users in the near future. The company wrote in its blog post

“We believe everyone has the right to plan dinner with friends without announcing to Google who will attend,”

Google has faced allegations from its own employees that it was using some browser extensions to spy on them; however, these accusations were declined by the company. In 2017, Google stopped scanning user’s emails for advertising, ProtonMail still claims that some parties use calendar data for target advertising.

Calendars are a lot more than just organizing tool as ProtonMail writes in their blog post

“For the longest time, to easily organize these events, you had to let large corporations monitor these special moments. These companies snoop on your calendar and use that information to inform their advertising. A calendar is more than just a tool. It’s a record of the moments that make up your life.”

ProtonMail is still in its basic beta version. The company ought to add more advanced features and then launch it in the future. The new features will enable the users to invite other users and share their calendars with other ProtonMail users.


Pakistan’s State Bank unveils new AML/CFT regulations for Forex Firms

Pakistan’s State Bank unveils new AML/CFT regulations for Forex Firms

Learn more

State Bank of Pakistan on Tuesday amended Anti-money laundering (AML) and Counter Financing of terrorism (CFT) related regulations in foreign exchange companies manual 2018 to further align them with the FATF action plan.

The global finance watchdog is going to announce its decision regarding the country’s deficiencies in AML/CFT laws.

“Exchange Companies shall take steps to ensure that there AML/CFT policies adhere to FATF regulations,” the SBP said. To achieve this, their policies, SOPs, compliance programs, and delivery channels will be monitored on an ongoing basis by the board of directors.

Foreign Exchange companies are further required to identify the customers and verify their identity on the basis of authentic documents, data or information. The need to identify if there is a beneficial owner who isn’t the customer.

For exchanging any foreign currency equal to, or below, the threshold of USD 500, exchange firms may resort to normal customer due diligence, wherein details like name and number of identity documents should be obtained at the minimum if there are no circumstances of a suspicious transaction.

According to the amendments by SBP, Forex firms shall employ automated systems for customer risk profiling, AML screening, and transaction monitoring. Moreover, the firms are required to take appropriate measures to manage and eliminate any risk that may arise afterward. 

More posts