Note: This Insight Piece is a joint piece written by Narmi and Alloy
Collecting and validating identity documents during digital account opening, such as driver’s licenses and passports, has significant upside in fraud prevention but also serious user experience downsides. Further, this fraud prevention vs. user experience tradeoff is different on web browser vs. native (“downloaded”) mobile apps on iOS and Android.
The decision to collect or not collect ID documents is as much a compliance question as a fraud prevention question. All financial institutions are required to maintain a “Customer Identification Program” (CIP) that outlines how they verify their prospective customers. While Narmi is not a compliance team and cannot make this decision on for financial institutions, the FFIEC Online BSA Manual is a great resource for understanding how to construct a CIP program.
There are two types of verification a financial institution can employ to verify the “minimum” information the customer is required to provide:
- Document verification: the customer provides documents (government IDs, utility bills, etc) to verify the information they have provided
- Non-document verification: financial institutions verify the information the customer provides via reputable third party data sources (credit bureaus, public records providers, phone carriers, etc.)
In Narmi’s experience, financial institutions may likely conclude that is both acceptable and advantageous for both risk and user experience reasons to focus on “non-document” verification for most or all prospective customers. If this is the case, collecting and verifying documents is necessary only for edge-case remediation or manual reviews (where non-document verification does not fully verify the identity of the applicant).
When account opening providers show demonstrations of automated document collection and verification, in almost every case these demos are on “native” or “downloaded” mobile applications from the iOS or Android app stores. These demos look smooth and simple because on “native” applications, you will be able to:
- Automatically open the high-resolution camera on a user’s device
- Guide the user to line up their ID and automatically snap a clear picture of the ID when the ID is in the frame
- Tell the user in real-time whether the image was sufficiently clear, and if it was not, guide them to re-take it
Unfortunately, none of this is reliably possible on web browsers (Chrome, Safari, Firefox, etc) that customers actually use to open accounts. The exception is that if you have natively built in-application account opening.
Therefore, the experience on web browsers is less than ideal:
- Have the user open the camera on their mobile device
- Hope the user takes a good picture of the front and back of their ID
- Have the user successfully upload that image on your web page for account opening
- Tell the user whether the images were sufficiently clear, if not which image was not clear and why
- Have the user re-upload better images
- Keep repeating until the user abandons the application or successfully uploads a clear picture
All of this is a huge challenge, and it requires meticulous attention to detail on the front end of your web account opening form to get into even a “passable” state.
Requiring ID document collection on web based account opening experiences increases applicant drop-off by a significant amount (contact us for statistics). Attempting to automatically verify these documents can increase drop-off even further if not implemented perfectly. The additional lift in fraud prevention, if already using a robust set of non-document verification data sources, is also negligible.