Is Mobile Account-Opening Safe?

The next step in the evolution of digital banking has begun: mobile onboarding, or letting consumers open accounts entirely through their smartphones.

ABN Amro and Radius Bank have been doing so for several months, and a large U.S. bank is rumored to be on the verge of taking the leap.

It is early in the process, and many security, technological and other questions remain, but the momentum is clearly building.

“We’re seeing more clients trying to do either mobile-first or mobile-mostly enrollment,” said Joram Borenstein, vice president of Actimize, which sells risk management and compliance software.

Customers, especially millennials, will increasingly come to expect this. Banks like the idea of the lower costs of mobile sign-up as compared with more labor-intensive, hands-on work in branches.

Some banks want the technology to solve problems with “soft declines,” in which people will start to fill out an application online or on mobile devices, but when it comes time to present identification, the bank asks them to go to the local branch with their identification documents.

“At which point the person says, I’m out. I don’t want to do that,” said Jim DeBello, CEO of Mitek. “That’s why I signed up through my phone.” He estimates such soft declines account for about 20% of failed enrollments.

But the technology is new and banks will need to proceed with caution.

“We live in a world where the tolerance for friction is extremely low and the indignation for failure is very high,” observed Richard Parry, principal at Parry Advisory. “There’s always a correlation between the market going into customer-service overdrive and an increase in fraud. The demand for speed and low friction will dominate until the threat vector becomes unpalatable.”

Given the recent rise in new account fraud using stolen or synthetic IDs (more on that in a future column) and the hundreds of millions of consumer records that have been stolen already, is mobile onboarding safe?

One Bank’s Experience So Far

For answers, we looked to ABN Amro, which began offering mobile onboarding in November to ease the sign-up process for prospective customers.

“In the traditional way we identify new customers, we take a lot of their time,” said Frank Verkerk, its chief digital officer. “They have to visit our branch, they have to bring all kinds of documents.” It generally takes about an hour. “We wanted to make it easier for people who decide to become a customer of ours,” he said.

On the other hand, compliance with know-your-customer regulations remains important. “We designed a process in such a way that on our side, we still do the same checks we used to do, but we set them up in a different way,” he said.

ABN Amro is using technology from Mitek through which customers scan their IDs (the Netherlands issues official identification to all residents) and take pictures of their faces using their smartphones. The Mitek software reads and compares the data in the QR code on the back with what’s printed on the front. It also matches the photo on the ID document with the selfie. In the background, the bank performs its normal new customer identity and fraud checks.

The bank for now only offers mobile onboarding to a targeted group: adults who want to open a single account. Several hundred people have signed up.

They can now do so in less than 10 minutes.

Later, the plan is to offer it to more customer groups.

Verkerk is pleased with the program so far but says the process has room for improvement, on the bank’s side and Mitek’s side.

“There are all kinds of technological developments that could make it even more efficient, so we keep investing and improving,” Verkerk said. For instance, certain manual identity checks could be automated.

The bank hasn’t yet encountered fraud among mobile enrollment users. “We monitor that very thoroughly because we of course want to be sure things work out,” Verkerk said.

The bank has caught people testing the system. “We come across a lot of funny and impossible pictures of people trying to find out if the process really works,” Verkerk said.

Before implementing the technology, Verkerk said his team worked with Mitek to improve the quality of the ID and facial imaging.

“It sounds like an easy thing to scan your document and make a selfie, but of course the scan and selfie need to be good,” he said. “If you take a selfie while in front of your window and sun is shining,” quality will take a hit. “We provide a lot of feedback and help for customers to understand what they really have to do.”

If a customer struggles and cannot make it work, the bank helps through another channel, such as the call center.

So Is It Safe?

In addition to Mitek, the Andera unit of Bottomline Technologies offers a similar mobile enrollment technology that Radius Bank uses. It also uses image capture to translate smartphone photos of ID documents into text.

Are such mechanisms safe, or are there security and privacy holes waiting to be exploited by fraudsters?

Leave a Reply

Your email address will not be published. Required fields are marked *