Are digital banks in the Philippines ready to rise to the fraud challenge?

By Frederic Ho, Vice President of APAC, Jumio Corp.

Six digital banking licenses have already been granted in the Philippines as part of the ongoing revolution in financial services.

Digital banking is well-poised to play a key role in serving the needs of the large unbanked population in the Philippines, especially considering one of the biggest hindrances to reaching these communities is the inaccessibility of physical bank branches.

This development also presents its own set of challenges, however. The digital banking landscape in the country has evolved to become increasingly competitive, with traditional banks quickly turning to digital solutions to transform and effectively streamline processes, manage costs, and achieve operational efficiency.

Leveraging technology to encourage digital banking adoption in PH
Making the PhilSys digital identity system work for both citizens and businesses

At the same time, fraud levels in the Philippines continue to rise amid the pandemic. To make matters worse, 4 out of 5 Asia Pacific banks say the introduction of real-time payments platforms has resulted in increased fraud losses. With the country being home to a growing number of daily transactions, an increasingly digitalized banking landscape is no doubt also well-suited for criminals to perform fraudulent transactions.

The shift to digital, then, presents a dilemma to banks — providing convenience and efficiency for them and their customers, while also exposing their business to more fraud risks.

How so, can digital banking players in the Philippines hone the benefits of digitalization to ensure that it helps (rather than hinders) the banking experience?

Strategy is key

With the right strategy, financial institutions can design a workflow that benefits both the customer and the organization — while minimizing costs and security risks.

In a rapidly transforming banking landscape, it is imperative that all banks in the Philippines evaluate their strategy and pick the right technologies carefully to remain ahead of their criminal adversaries and set themselves apart from other players.

In this regard, it’s important to understand that technology cannot simply be “shoehorned” in. Yet, we see this across many organizations and sectors — where new features and costs precede the real needs of customers and business processes. It is crucial for banks — both digital and virtual — to not fall into this trap, as there can be many security ramifications for their choices.

For instance, banks have long looked toward eKYC (electronic Know-Your-Customer) technologies to streamline digital banking processes and ensure compliance with regulations. These technologies work to verify a customer’s identity through official documents such as passports and IDs to ensure the person is who they say they are.

While more financial institutions are leveraging biometrics verification — such as selfie-based and fingerprint-based biometrics — these, too, may have their own inherent security risks and vulnerabilities. An example of this has already occurred in Asia, where a government-run facial recognition system was used by tax fraudsters to fake tax invoices. Fingerprint fraud, too, has become a worrying problem as bad actors have been able to create rubber clones of fingerprints to fool payment systems in India. These compromised solutions may then become platforms that users actively avoid, as they do not provide adequate security needed for customers to transact with peace of mind.

In a bid to circumvent these issues, while complying with the various regulations and compliance requirements, many financial institutions often make short-sighted business decisions based on the cost of any new technologies used. While this is done in hopes of minimising overall expenses, this strategy often incurs hidden costs. For instance, deploying separate and unlinked technology solutions (e.g.: optical character recognition for data extraction from ID documents, facial recognition for identity proofing, among others) results in slow, onerous, and inaccurate verification processes that are unable to definitively assess the digital identity of an online user or assess whether they’re physically present.

The impact of these inaccuracies are immense. They require layers of manual reviews that are performed by specialised, in-house teams — resulting in higher overhead costs and customer loss due to longer processing time.

That said, the adoption of any new solution will surely come with its fair share of risks. But, the onus is on the businesses to pick the right ones. For instance, many identity verification providers are now offering liveness detection — a feature that enables companies to determine the user’s physical presence behind an app. These technologies have sent fraud levels plummeting, as most fraudsters often abandon the process as soon as they learn that they are required to take a live selfie.

But even then, not all liveness detection methods are the same. Legacy liveness detection techniques rely on users making visual movements such as blinking, smiling, turning, or nodding, which can be spoofed easily with deepfakes. Newer methods, however, are rigorously tested to ensure that they can foil advanced spoofing attempts (including realistic 3D masks or deepfakes). For hackers to be able to sneak these solutions, it would require an unimaginable amount of investment into bleeding-edge technologies, such as look-alike 3D animatronic puppets that could somehow exhibit lifelike gestures and natural reactions to the environment. Even if the investment is made, advanced liveness solutions are always evolving, and may still be able to detect small differences.

The cost of friction

In their rush to make technology systems more secure, financial players are also at risk of overlooking ease of use for consumers. While users are indeed demanding higher security, they are also unwilling to compromise on convenience. Tedious admin processes that slow transactions are, after all, one of the main reasons banks lose customers.

Moreover, these users are typically not shy to make their frustrations known publicly — via app store reviews — when they are not able to navigate or effectively open and maintain an account. This risks damaging the company’s brand reputation and turns prospects away from their services altogether.

Ultimately, digital banking should simplify the lives of users. If they complicate the banking experience, then going digital is barely worth the effort.

The good news is that robust security doesn’t necessarily mean something that’s laborious or restrictive. The better long-term solution is to partner with a seasoned solution provider that has the expertise and technologies to deliver and refine an all-digital experience.

For instance, banks can unlock a full suite of online identity verification solutions that leverage liveness detection, artificial intelligence (AI), computer vision, biometrics, automated watchlists, and any necessary manual reviews by partnering with an integrated eKYC provider. Such a system enables seamless orchestration between these separate components to deliver faster and more reliable ways for verifying remote users, detecting online fraud, and simplifying regulatory compliance.

Most importantly, as these solutions don’t require any additional steps from the end-user, they pave the way for a smooth onboarding process and a frictionless customer experience.

While balancing simplicity and reliability is a task that’s easier said than done, organizations don’t have to tread into the unknown to make that happen. We already have solutions that can cater to these specific needs so as to achieve a user experience that is seamless, intuitive, fast, and secure.

All that remains, is for them to take the next step.

Jumio is an online mobile payments and identity verification company that provides card and ID scanning and validation products for mobile and web transactions. Jumio has verified more than 400 million identities issued by over 200 countries and territories from the real-time web and mobile transactions. Jumio’s solutions are used by leading companies in the financial services, sharing economy, digital currency, retail, travel, and online gaming sectors. Based in Palo Alto, Jumio operates globally with offices in North America, Latin America, Europe, and the Asia Pacific.