Blog

Digital Identity is progressing in Canada, with a new bank account opening process backed by digital ID documents, biometrics, and a new digital identity mobile application for residents of the most crowded Canadian province, Ontario.

Biometric Update tweeted:

RBC, Bluink introduce #digitalidentity verification solutions in #Canada https://t.co/E0cWcdPhAS

— Biometric Update (@BiometricUpdate) March 13, 2020

RBC is the first Canadian bank to offer digital identity authentication services to customers opening a personal account in a branch for secure identity verification, fraud prevention, and smooth customer onboarding experience by scanning IDs or passports.

Peter Tilton, SVP, Digital at RBC stated, “As we make our clients’ everyday banking experience easier, we continue to be guided by the imperatives of trust and security. Verifying and protecting our clients’ identities is among the most important things we do,” He added, “The world-class technology underpinning these features will better protect clients from fraud caused by identity and document forgery and give them an unparalleled account opening experience.”

The RBC Mobile Application uses Artificial Intelligence technology to inspect government-based identification documents such as ID cards, driver’s licenses and passports, and Near-Field Communications (NFC) for analyzing ePassport use.

After the identity document is scanned through the mobile application, the customer data is registered in their account profile on an advisor’s computer, but RBC reassures customers that the information is used and protected in line with its strategy to guard personal information.

“Until now, our architecture limited our ability to quickly deliver the solutions our clients and advisors want,” continued Tilton. “A single digital platform gives us immense flexibility to reuse core capabilities that extend across the bank and design solutions with our clients and advisors in mind from the start. This means clients will enjoy a more consistent experience with RBC across our delivery channels.”

In the future, RBC plans on introducing a mobile account opening feature with live biometric selfies to verify identity against the identification documents on file. Since the introduction of advanced technologies for customer onboarding, RBC says it has increased the efficiency of the process to up to 70 percent because customers no longer waste time with data entry and document verification.

“We’ve spent the last two months piloting this in nearly 50 branches and the reaction from clients and advisors has been outstanding,” said Sean Amato-Gauci, EVP, Cards, Payments & Banking at RBC, in a prepared statement. “We are adding to the existing suite of digital identity solutions developed by the banking industry by providing clients with another option for securely verifying their identity with us.”

The new features are supported on both iOS and Android devices. They allow clients to have more control over their personal information and prevent them from disclosing more personal information than required. This option is already available in 100 branches in Canadian provinces Ontario and Quebec, but it will expand to more branches, channels, and partners this year. The processes are in line with Canada’s Know Your Client (KYC), Anti-Money Laundering (AML) and privacy regulations.

The banking industry is stepping up to serve customers as well as their employees as the Coronavirus pandemic puts instance pressure on customers, as millions of Americans are restricted to remain in their homes, and businesses are facing huge losses. A number of banks have started doing their part in this time of need.

Mobile Payments mentioned this in a tweet on 18th March, 2020:

https://t.co/5BvkrX2sGi

Banks step up to assist customers amid COVID-19

— Mobile Payments Today (@MobilePayToday) March 17, 2020

Berkshire Bank in Boston has increased the daily spending limits for customers and penalties for early withdrawal have also been waived from Certificates of Deposits. Bank officials reported that clients have been seeking extra flexibility and coming into the bank with concerns that they might have to spend a greater period of time at home.

Tami Gunsch, Senior Executive Vice President & Director of Relationship Banking stated, “We did experience an increase in customer traffic into our branch locations late last week to ensure they had money on hand in case they were not able to visit a bank for a few weeks due to impact related to the Coronavirus. He added, “This gave us an opportunity to connect with customers and provide information on the various ways they can conduct their everyday banking without reliance on a branch location and in a way that promotes social distancing.”

Similarly, BBVA USA is offering penalty-free withdrawals from Certificates of Deposits, reimbursing ATM fees, and deferrals, extensions, and waivers on loans and lines of credit to its clients. Javier Rodriguez Soler, BBVA USA President announced in a press release, “We understand that this pandemic has put many of our customers in a position of uncertainty, and we are working to take some of that burden off of them,” Furthermore, “We know that this is a fluid situation and we will closely monitor any developments that could continue to negatively impact customers across our entire footprint.”

Webster Bank in Connecticut has also started offering various improvements in services to help small businesses and consumers. John Cuilla, President and CEO of Webster Bank said, “We recognize the emergence of COVID-19 and the dramatic steps we must all take to curtail its spread, will create financial and other challenges for our customers and communities,” He added, “Consistent with our long history of supporting our customers in times of need, Webster is committed to providing the financial flexibility to the individuals, small businesses and corporations we serve.”
Webster is offering the following options to customers:

• Increased spending limits on debit cards.
• Penalty waivers for early CD withdrawals up to $25,000.
• Increased remote deposit limits.
• Payment deferral options on mortgages, home equity or personal and
• small business loans, based on the requirement.

Coronavirus outbreak has forced organizations to let their employees work from home during the outbreak. A new wave of cyberattacks targeting such employees is emerging, warns the experts.

After scammers, now hackers are exploiting the virus outbreak to prey on employees who are working from home. The evidence reports that working outside the office environment is not secure since it opens more doors to cyber vulnerabilities.

While giving a statement to ‘The Hill’ last Friday, the presidential cybersecurity commission server, Tom Kellermann said,

“There are nation-states that are actively taking advantage of the situation, particularly our Cold War adversaries, and we need to be keenly aware that they are aware of the lack of security that is presented by everyone telecommuting”

Reckoning the opinion of Kellermann, the department of Homeland security’s cyber agency – CISA – issued the statement on Friday highlighting the cyber threats associated with working from home as compared to the office. CISA pointed out the potential vulnerability around virtual private networks (VPNs).

Employees working from home are remotely accessing the organization’s file through VPN, which is paving roads for hackers to get into the network and exploit the files and data shared on the network.

In their statement, CISA wrote

“As organizations use VPNs for telework, more vulnerabilities are being found and targeted by malicious cyber actors. Update VPNs, network infrastructure devices, and devices being used to remote into work environments with the latest software patches and security configurations.”

Moreover, the agency highlighted that cybercriminals may increase phishing email attacks to steal employees’ credentials. Such emails may use corona fear to tempt users into opening emails and performing certain activities; downloading viruses.

Checkpoint stated that since January more than 4,000 coronavirus-themed websites domains have been introduced; some with the intention of running email campaigns to lure victims into clicking malicious links.

With the agencies indicating the vulnerabilities, Kellermann has recommended individuals to use separate and private networks to do their work and isolate the data to keep it secure from intruders.

Acma (Australian Communications and Media Authority) has introduced a new regulation to fight identity fraud, according to which users who want to change their mobile network while keeping the same number will have to verify that the number they plan to port belongs to them. 

Guardian news tweeted regarding the event:

Acma announces new rules on porting mobile numbers to tackle identity fraud https://t.co/0hJJKaHd2q

— Guardian news (@guardiannews) February 28, 2020

It is normal for users to verify their identities through their mobile phones via two-factor authentication, especially on digital platforms. Nevertheless, it is still not considered a strong method of ID verification, since people can easily get hold of someone’s mobile number through number porting. 

In Australia, there are no checks involved when a change of mobile number is requested by a customer, apart from basic identity checks. Under the new regulation introduced by Acma on Friday, mobile companies will now have to verify identities in a number of ways. It can be done by a unique code sent through SMS or email to confirm the number that has requested the port or at a retail store by the sales representative calling the number with the person in the store to establish the identity of the owner. 

Fiona Cameron, the Acma Authority member, stated: “This new standard is a strong step forward in the battle against criminals who scam mobile phone users and will significantly reduce the prevalence of mobile fraud,” Teresa Corbin, the Chief Executive of the Australian Communications Consumer Action Network, appreciated the new regulation but expressed that SMS was not a secure method of two-factor authentication. 

“We’d like to see the Acma require telcos to use highly secure forms of verification, such as hardware or software authentication tokens, which are generated with a mobile app,” she said. “We’ve already seen some government services adopt this approach through the development of the myGov code generator app.”

The new rule will be effectuated by the end of April, and in the case of non-compliance, telecommunication companies will face fines of up to $250,000. Paul Fletcher, the Federal Communications Minister, said that some mobile service providers had already started following the new rule and he expects every provider to be compliant by the end of next month.