Should Telcos Verify Customers Using Their Banking Identity?

By Kevin Trapp
Risk, Fraud & Security

The telecommunications industry is not alone in fighting threats on several fronts. Might telcos learn from how banks and lending businesses verify customers using techniques additional to the standard checks of Credit Reference Agencies (CRAs)?

The financial services industry has always been self-reliant when it comes to trust, with banks historically trusting other banks for the integrity of the information they provide each other. One of the earliest and best examples of online identity verification took place in Scandinavia, where the governments and banks of Norway and Sweden pioneered the leading bank verification scheme, BankID, in 2003.

So what is bank verification? It lets consumers share their bank verified identity and if required, to share their certified bank statements online. The premise is that the bank holding the online account has been licensed and authorised by their specific Financial Conduct Authority, and so has already determined the identity of their customer to a high level. This allows the grandfathering of this detail over to the new transaction without the friction of gathering it all again. Identity in this respect remains constant. It is facilitated by letting the applicant log directly and securely into their bank account from another trusted website.

Bank verification leverages existing standard account aggregation practices that have been around for the last 17 years. This is a process by which consumers use their bank credentials to share the financial data direct and untampered with from their bank to a third party. This is a consent based approach in which the consumer is explicitly granting access to their financial data. This means that the consumer has authorised access to their online financial data to an agreed level using their bank login credentials.

Why would telecoms businesses use bank verified identity?

  • CRA data and the telco’s own proprietorial databases have a lack of depth in some areas. Connecting directly to the bank gives a significant opportunity to capture business which cannot otherwise be properly risked.

  • CRA data is historic and aggregated. It matches a set of data supplied to a set of data held on file and often self-asserted. Onboarding a customer by leveraging a very personal and confidential piece of information – the customer’s password – to sign on to their account allows best practice to be followed in online identity checking by using something known only to the true holder of the identity.

Bank verification relies on trust and consent because the consumer uses their internet banking username and password to initiate the secure verification. Businesses and consumers are increasingly trusting the verification process and this method. We find on average 80% of people offered online bank verification will choose that option.

The benefits of bank verified identity are extensive:

  • Identity Assurance. The capability is agnostic to business or personal accounts. In the former case the verification process not only provides an identity check not available elsewhere (75% of business are not on any CRA database) but also confirms the customer’s current financial position in granular detail.

  • Credit Risk. The financial information obtained is always up to date.

  • Onboarding. In lending an example of addressing the thin credit files from a bank with 50,000 such cases meant an uplift of around £20m in new business written to book, with a lifetime value of £750 per case.

  • Collections. Businesses like Deloitte use this solution to actively collect debt.

  • Compliance. The FCA have approved both the service and its use as a method of satisfying audit requirements for Know Your Customer and treating customers fairly.

More telcos are open to copying the best practices of the banking sector, not least because they are offering financial products like mobile money. As a consequence, there is a strong argument that telcos would benefit by emulating the way banks use online identity verification to mitigate their risks whilst increasing the amount of credit they can provide to reliable business and personal customers.

Kevin Trapp
Kevin Trapp
Kevin is the BDM for The ID Co., a company principally servicing the finance industry with a capability to embed identity verification tethered to their customers own bank log in details while also allowing consumers to share their bank statements directly. DirectID allows businesses to offer a single-use sign-on that leverages a user's bank credentials to prove their identity and verify transaction critical data. Businesses can eliminate fraud, replace more costly and time-intensive offline identity checks, verify income or other information to more quickly underwrite borrower applications, complete affordability testing, or process other high value transactions completely online.

Related Articles

Get Our Weekly Newsletter by Email

Articles copyright © the author, all else copyright © Revenue Protect Limited