Identifying customers in the digital era
-
Upload
isignthis -
Category
Economy & Finance
-
view
142 -
download
0
Transcript of Identifying customers in the digital era
Identifying Customers
in the Digital EraiSignthis Ltd (ASX:ISX)
September 6th 2016, Card & Payments Conference.
Presented by
Chris MuirChief Legal Officer, iSignthis Ltd (ASX:ISX)
What is identity?
Page 2
The Oxford dictionary defines identity as;
The characteristics determining who or what a person or thing is.
Stanford states that;
“identity” refers to either (a) a social category, defined by membership rules and (alleged) characteristic attributes or expected behaviors, or (b) socially distinguishing features that a person takes a special pride in or views as unchangeable but socially consequential (or (a) and (b) at once).
Why do we care?
Page 3
So you can be sure you
will get paid .
Because you can use card
payments to help with
identification purposes such
as Know Your Customer
checks to meet AML/CFT
regulations.
The card payment cycle
Page 4
Customers Merchant Payment
GatewayProcesso
r
Card
Network
IssuerCard
Network
AcquirerMerchantCustomer
The use and misuse of cards
Page 5
The card landscape
Page 6
126.1
59.7
29
7.32.8 2.2
0
20
40
60
80
100
120
140
Purchase Transactions on Global Cards in 2015 (Bil.)
Visa
MasterCard
UnionPay
Amex
JCB
Diners/Discover
56%
26%
13%
5%
Market Share
Visa
MasterCard
UnionPay
the rest
• 9.5Bn cards on issue, globally
• According to Nilson, 3.5Bn are unique
• McKinsey estimates that 51% of the world’s population is
“banked” – corresponding also to ~3.5Bn persons.
Why Are Cards Useful For Identity Purposes?
Features of payment cards
Page 8
1. The card number and CVV combinations are unique.
2. Payment cards have their own secure network.
3. They are widely adopted and have established rules.
4. People and the banks make an effort to protect their banking details.
5. Payment by card is not anonymous or isolated.
Features of online purchases
Page 9
• They involve at least two, and increasingly three independent networks:
• Online purchases are a rich source of data and meta data.
• Card holder name
• Bank and country of card
• Card type
• Multiple sources of customer location
• Secure payment network
• Internet network
• Cellular network
Identity To Make Sure You Get Paid
Making the card present environment secure
Page
11
SignatureSignature
&
Photo
Tap & GoChip & Pin
How the EU is approaching e-commerce
Page 12
• PSD2 : Article 97 (2) – Strong Customer Authentication:
With regard to the initiation of electronic payment transactions as referred to in point (b) of paragraph 1,
Member States shall ensure that, for electronic remote payment transactions, payment service providers
apply strong customer authentication that includes elements which dynamically link the transaction to a
specific amount and a specific payee.
Article 98 then refers to the EBA’s “Security of Internet Payments” (SecuRE Pay) for cards and wallets.
SecuRE Pay requires:
- identification of the payee (KYC) per s6
- linking the payment instrument to the KYC per s6/7
- linking the KYC + payment instrument to two factor authentication (2FA) per s7
- 2FA comprising one dynamic element or biometrics.
The Payment Service Directive 2 & SecuRE Pay
Page
13
• SecuRePAY
• PSD2
o Both of these are technology neutral
o They are business case neutral
o Some overlapping requirements between SecuREPay and PSD2
o They introduce friction
o Converged technology and user experience is optimal – but does it exist?
o How the EU is approaching e-commerce
The Visa and MasterCard Rules
Page 14
• Cards are susceptible to chargebacks, and need to be included in the business case for operators.
• The Rules generally the EU rules, and provide a “liability shift” regime from merchant back to issuer when
Strong Customer Authentication is used.
• Latest Visa and MasterCard global operating rules also provide a means for chargeback reversal.
• NONE of the above relies upon 3DSecure (VbV/SecureCode/SafeKey etc), but industry incorrectly
assumes they MUST use 3DSecure (as it is incumbent).
• Both Visa and MasterCard allow for technological and business neutral solutions.
• iSignthis provides such an alternative to 3DSecure… under PSD2 and the Visa/MC global operating rules.
Paydentity
Page 15
Identity For Its Own Purpose
What is identity?
Page
17
The Oxford dictionary defines identity as;
The characteristics determining who or what a person or thing is.
Stanford states that;
“identity” refers to either (a) a social category, defined by membership rules and (alleged) characteristic attributes or expected behaviors, or (b) socially distinguishing features that a person takes a special pride in or views as unchangeable but socially consequential (or (a) and (b) at once).
The EU Approach to Establishing Identity
Page 18
• 4AMLD : Article 13 (1) – Customer due diligence measures shall comprise:
(a) identifying the customer and verifying the customer's identity on the basis of documents, data or
information obtained from a reliable and independent source*;
(d) conducting ongoing monitoring of the business relationship including scrutiny of transactions
undertaken throughout the course of that relationship to ensure that the transactions being conducted are
consistent with the obliged entity's knowledge of the customer, the business and risk profile, including where
necessary the source of funds and ensuring that the documents, data or information held are kept up-
to-date.
*excludes ‘self verification’ per ESA ‘Risk Factors’ Guidance.
“Bank Account Verification” (Global)
There are only four legally compliant ways to perform a Know Your Customer (KYC) check. Don’t
get left behind with last century’s solution.
Establishing Identity
Page 19
49%
42%
9%
World Population : Banked / Unbanked / CRA Data
Unbanked Banked CRA Database
What’s the Coverage of these methods?
Page 20
• 49% of the world is not banked * McKinsey
• Corresponding Low ARPU
• Manual processing with no
digital/electronic solution
• 51% of the world is banked *McKinsey
• 9.6Bn Credit/Debit Cards on Issue *Nilsen
• 51% Banked includes 9% CRA Database
coverage
• Corresponding High ARPU
Unbanked – 49%
Unique competitive advantage area.
Currently served by manual processes. No
CRA databases.
Traditional CRA’s and KYC databrokers
compete for limited market size.
CRA Database ~9% coverage
Banked – 51% coverage
Creative ways to identify customers
Page
21
• Biometrics
• Selfies
• Video calls
• Document uploads
• ‘trusted’ source accessing your bank details
Paydentity Verified
Page 22
iSignthis Ltd (ASX : ISX) – What do we do?
Page 23
iSignthis automates AML/CTF KYC & transaction monitoring via its payments and identity
processing platform for traditional and non traditional businesses including:
Australia’s only ASX listed RegTech, with payment processing capability.
• Financial Institutions,
• banks, lending, crowdfunding, pension funds,
• securities / equities,
• FX, CFD, binaries, and futures traders,
• gaming, wagering, betting, casino’s,
• money services businesses,
• payment service providers,
• insurance providers,
• real estate,
• digital currency platforms,
• eWallets,
• FinTech and
• other AML/Patriot Obligated businesses
iSignthis Service Availability
Page 19
• Multiple vendors
• Different vendor mix in each country
• Information fragmentation
• Compliance challenges
• Manual processes, with ‘follow the sun’ localised team normally required.
• High costs
• Long processing delays with complex customer onboarding processes
• High customer abandonment
Existing solutions: a fragmented process iSignthis solutions
Product Strategy
Page 16
iSignthis Ltd (ASX : ISX) – Global, Scaleable Cloud Based Service
• Payment gateway
• Card vault
• Anti Fraud Engine
• Strong Customer
Authentication
• KYCaas (compliance)
• Transaction monitoring
analytics (risk)
• Virtual card issuer
(Q4 2016)
• Card acquiring
Page 26
RegTechFinTech Financial Services