Blog article
See all stories »

ePassports, the panacea for financial services’ digital identity verification pain?

Looking ahead, it’s highly likely that once the exit of the UK from the EU occurs, additional hurdles to seamlessly onboarding new customers or authenticating existing ones will create greater challenges.

With at least 3 million EU citizens currently living in the UK and over 1.2 million Britons residing across Europe, banks have crucial decisions to make about how they want to interact with their customers in today’s fast paced, rapidly evolving, digital world. Furthermore, if the UK wants to retain the crown as the world’s banking and finance’s center, time is now for financial institutions in the country to get ready for the imminent materialization of Brexit. 

To date, the main drivers for financial services providers for digitizing identity verification processes are consumers' digital preferences, regulatory requirements, and the potential benefits to be gained in terms of returns on investment and cost savings.

As the actual Brexit gets closer, we are noticing that that the way people identify themselves and institutions and regulators decide what documents and other factors of identity verification are acceptable is the subject of much conversation. In this regard, the Financial Conduct Authority recognizes in its Access to Financial Services in the UK report that there is a growing interest in the application of new technology to help overcome some of the access problems that consumers face verifying their identity.

Key market regulators such as the JMLSG encourage proving identity based on documents

Aware of this urge to de-risk convenience, the JMLSG guidance favors the option of proving identity based on documents, permitting banks to rely on a single government-issued document which includes the customer’s full name and photograph and either their residential address or their date of birth (JMLSG, 2014; Part 1, 5.3.63).

According to recent data published by the British Office of National Statistics (ONS), of those ‘long-term immigrants’ censed in the UK in 2015, 43% came from EU countries, another 44% are from non-EU countries, and the reminding 13% are British citizens who were living abroad. Given their international travelling, most of them carry passports and use them as their root identity document of choice. 

In this regard, our experience is that those banks with international customers or operating within global markets tend to rely on passports to satisfy the JMLSG criteria for identity verification.  More so, the ePassports or electronic passports, also known as biometric passports, combine their dominance (according to ICAO, out of 900 million passports issued, 730 are ePassports) with high levels of functionality and security. In their predictions for 2017, NXP summed up the rise of the epassport: “Answering the demand for leaner administration and stronger security, the ePassport is evolving from just being a travel document to being a government-issued root credential for other applications, including a virtual mobile identity.”

Financial Institutions need to address their new responsibilities as the ‘de-facto’ gatekeepers of trustworthy and compliant identity verification

Having a bank account shows that we have had our identity checked and verified by a regulated financial institution, by the time it shifts the responsibility to financial institutions of assuring a reliable, trustworthy and compliant identity verification process has been implemented. This shift towards completely digital customer journeys happens at a time when identity fraud rates in the UK are increasing substantially. In December 2015, detected fraud rates for current account applications stood at 156 in every 10,000 applications, up from 73 in every 10,000 applications in January 2015, highlights the FCA. In such an scenario, finding a solution that balances the institution’s needs to mitigate fraud risk and comply with stringent AML and KYC with the customer’s demands for speed, security and convenience has become the number one priority for financial services providers in the UK.

Now that the European Commission Fourth Anti-Money Laundering Directive (4AMLD) accepts that electronic means of ID verification are as valid and trustworthy as in-person methods, tables are turning into the financial services’ favor. The FCA has stated that banks must maintain high standards for identity verification of new customers and that if they adopt digital identity services to undertake verification, these also must meet stringent governance standards.  

Regulators’ willingness to use digital channels to resolve the risk-convenience dilemma makes electronic passports even more relevant as secure means of digital identity proofing. To use them for digital identity verification they must be unlocked and read with technology such as NFC, which allows the ePassport chip to be securely scanned for data extraction and comparison (for example, we are seeing a great deal of interest in the way the photo contained in the chip can be compared against that printed on the passport itself for higher levels of assurance and accuracy.) 

Transformation is not without its challenges, but banks should make the most out of the regulators’ positive attitude towards digitalizing KYC and capitalize on the opportunities available to engage with their ‘digital-first’ customers.  A seamless mobile user experience and strong and secure identity proofing based on documents such as passports are not mutually exclusive. In fact, they can be achieved at once by providing end-to-end digital journeys that allow consumers to verify their identity and prove they are who they say they are without disruption, within the digital channels.




Comments: (1)

Barbara Matthews
Barbara Matthews - BCMstrategy, Inc. - Alexandria, Va 23 May, 2017, 14:12Be the first to give this comment the thumbs up 0 likes

Banks have indeed become "de facto gatekeepers" for the financial system.  Your analysis has deep implications for FinTech companies seeking to provide services to those gatekeepers.  One key question is whether the third party vendors will end up regulated as if they were banks.

In the United States, any updates to the OCC's third party vendor rules will be closely watched for signs of tacit sandbox initiatives and/or extensions of the regulatory perimeter. 

Blog group founder

Member since




More from member

This post is from a series of posts in the group:

Digital Banking Trends

Digital Banking trends and Industry Intelligence for Bankers, Fintechs, and Solutions Providers

See all