Is it safe to rely only on KYC?

With digitalization on the rise, is it really safe to rely solely on the KYC process?

As digitalization increases, more companies are looking to make the account and/or service opening process easier for their customers.

To achieve this goal, companies need to know the customer applying for their services. This requires a process that captures the user's image, digitizes their document, and obtains their information. This process is known as KYC. KYC ("Know Your Customer") is an essential process that financial institutions and other entities use to identify and verify the identity of their clients. This practice involves two essential steps: taking a picture of the user's face (selfie) and a picture of their official ID. Subsequently, these photographs are compared, and if the faces on the ID and the selfie match, the user is validated.

‍

What happens if the information contained in the ID does not correspond to the applicant's face? In other words, if the ID information belongs to someone else but the face matches the selfie (identity theft occurs), it is very likely that the KYC provider will accept this identity as valid. In addition to this reason, we will analyze others why relying solely on KYC protection may not be enough to stop fraud:

‍

It is very easy and cheap to buy a fake ID: These IDs can be convincing enough to pass basic KYC checks. They start at 10 Mexican pesos (~50c USD) and can be obtained on Facebook pages or in markets.

Fraud cases are not always prosecuted: Often, identity fraud is not prosecuted with the required diligence, creating a favorable environment for fraudsters to act and continue defrauding many companies.

Companies lack collaboration to stop fraud: Without a joint approach and the sharing of information about potential fraud, companies work in isolation, which can facilitate fraudsters' actions. If a fraudster attacked one company, they are very likely to continue defrauding others with a fake ID. It is very important to collaborate to stop fraud.

Documents are very easy to forge: With technological advances, forging identity documents with high precision has become more accessible, complicating the task of traditional KYC and creating an easy environment for fraudsters.

There is a lack of a central identity verification system: Although the INE (National Electoral Institute) made its user identification system available to companies a couple of years ago, adoption has been very low.

‍

So, are your customers really who they say they are? Does the information contained in their ID really belong to that individual?

All of the above means that identity fraud in Mexico is a business for fraudsters, who work in an organized manner to continue attacking companies with capital at risk (insurers, fintechs, lenders, etc.). If we put together how easy it is to obtain a fake ID and how easy it is to bypass KYC systems, we can conclude that companies are in great danger when it comes to validating their customers. This is very concerning from many angles, because it generates problems that affect us all:

‍

• When an impersonator steals an individual's identity and acquires a debt, the credit-granting company and the victim of impersonation end up "paying the price".
• To assume the risks involved in lending in Mexico, companies increase their interest rates.
• These rates generate debt for other buyers of credit products (i.e., for the other customers of these companies).
• Higher rates mean more problems repaying the debt.
• More problems in debt repayment mean a more fragile economy.

‍

In conclusion, the KYC process has long been a centerpiece in efforts to protect the financial system and institutions from potential threats and fraud. Its relevance in the field of customer identity verification is undeniable. However, in today's dynamic and technologically advanced environment, relying solely on KYC is like putting a simple lock on a door while there are thieves equipped with sophisticated tools.

‍

The growing skill of fraudsters, combined with easy access to tools and resources to commit fraud, highlights the need for a more robust defense. Institutions that limit themselves only to KYC could quickly find themselves falling behind, vulnerable to increasingly sophisticated threats.

‍

Therefore, it is essential for companies and financial institutions to adopt a holistic and collaborative approach in their fight against fraud. This approach should include advanced technologies, inter-institutional collaboration, and a mindset of constant improvement. Solutions like those proposed by Unico, which combine collective intelligence, artificial intelligence, and big data, represent the next step in the evolution of financial security.