Verifying the identity of customers and even employees has become more challenging over the last year because of the Covid-19 pandemic. What kind of challenges have companies faced?
The financial services sector is facing rapid change and unprecedented uncertainty. The Covid-19 pandemic, new security threats and rising consumer expectations are all challenges for the sector, Adam Desmond, of Mitek, told an audience of IT business leaders at a Business Reporter virtual roundtable.
The pandemic has accelerated change, particularly when it comes to online identity and verification, but obstacles still remain, most notably an increasing volume of attacks by cyber-criminals.
Accelerated digital processes
Several attendees agreed that the pandemic had compressed projects that were expected to take five years into just six months as businesses scrambled to cope with the shift to working from home and digital channels for customer communication. It was, as one delegate put it, “a kick in the digital backside”.
Areas such as payment verification, which had been a very physical process, needed to become completely digital very quickly. One delegate gave the example of the Polish government, which quickly legislated for a shift to NFC payment during the pandemic. The contactless technology was not an option for digital payments before the pandemic, but the Covid-driven adaptation also improved customer experience.
When it comes to onboarding and verifying new customers, this too had to become a much more digital process. Initially, said one attendee, third parties were unwilling to accept digitally signed documents. Many in the financial services sector were unsure whether these were even permitted under particular regulations. However, as the pandemic continued, the industry had to adapt, and most attendees said they were now routinely using digital document signing.
Managing customer expectations
For a lot of businesses, managing this change was a challenge. One delegate said that 90 per cent of documents coming into his business were sent on paper, so there had to be a plan for digitising them. Another pointed out that his business had been very reliant on faxes – when staff started working from home, they suddenly had no way to send these.
In a way, the fax machine is an example of a legacy system that some parts of the sector have not managed to eliminate. But it is far from the only one. Some attendees said that legacy systems were their main obstacle to being able to communicate with customers the way they wanted to, and to offer the kind of personalised, omnichannel experience that they know customers demand.
While customers had initially been patient during the first wave of lockdowns, their expectations very quickly returned to the previous levels. This was particularly true as some companies shifted to digital channels with more success than others.
Some areas, such as anti-money laundering (AML) and know your customer (KYC) procedures, proved difficult to digitise entirely. Some attendees suggested that there should be a third party to handle these processes. As one delegate pointed out, if 10 institutions onboard the same customer, then the same AML and KYC processes are being carried out 10 times, which is a huge waste of effort.
Rising cyber-crime challenges
That said, the need for robust systems to stop criminals and other malicious actors became even clearer during the pandemic. Most attendees said they had seen an increase in cyber-attacks and phishing attempts during the pandemic. These attacks were not necessarily very sophisticated, but they increased significantly in volume, which stretched resources.
Phishing attacks in particular were particularly prevalent. One delegate said a colleague had been promoted and soon afterwards the finance department received an email asking for his salary to be paid to a new account. This kind of social engineering attacks, often using social media outlets such as LinkedIn, were identified as a key tactic for attackers.
Home working had made this more of a challenge too. People joining a company during the pandemic will often have been onboarded virtually and might not have met their colleagues in person at all. With very little personal contact, it can be hard to be sure that a person on a call is who they claim to be or whether the wording in an email is consistent with the supposed writer’s style.
For the new employees themselves, the reverse problem is the case. They don’t know what the norms are at their new company. They might not know, for example, that the CEO would never email them and ask them to transfer money to a third party.
Developing new ways of dealing with these challenges takes time, but most attendees agreed that the changes forced on them by the pandemic had been positive ones. Customers were generally pleased with digital communications channels and the accelerated progress would give them a strong foundation on which to build. However, the new world of identity means establishing trust in digital channels and this is an area where significant work remains to be done.
Learn more how companies in financial services fight fraud today from Mitek’s Fraud Trends and Tectonics report.