During the last two years, we’ve been actively discussing this crucial subject with our clients operating in online lending and microcredit spaces. Our objective was to understand how we could help them reduce drastically the number of default rates they encounter on their websites. The main keyword here? Process. And no, this is not a scary word - it’s just the most efficient way of dealing with user verification in your company.
Combating efficiently fraud on online services means creating a systemic, dedicated process, that will impact a large part of your organization. But with good tools and advice, it’s not an impossible thing to do. With the right approach, it can even be designed and implemented in a few days. Ready to start? Just follow the guide!
What a bad anti-fraud process looks like
Want to understand what should be avoided at all costs? Here’s an example for you. This is what one of our clients used to ask its users to do whenever they were asking for credit on their website. Before implementing Mati, their customers had to:
- Go on the website and fill up +30 form fields with their personal information;
- Send an email with official ID and passport attached to a dedicated email address;
- Wait for a phone call where they had to repeat another time all the personal information they just gave online;
- Exchange by email with an operator to make sure they had opened a dedicated bank account, and give (again) to the operator their personal information, just to make sure it was the same person.
You can see the problem here, right? First, people don’t have time for that! On the customer side, onboarding abandonment rates were indeed skyrocketing for this client. Second, it costs a lot - just in terms of salaries for human operators. And third? Well, this is the perfect recipe to create operational headaches.
What a good anti-fraud process should look like
- on the user’s side
Building a good onboarding process for your users means solving a dilemma your marketing & compliance teams are already aware of: how to get the maximum of information from your users without traumatizing them? How to avoid unnecessary friction that will discourage them, and make them look for another service less painful to register to?
A good, secure onboarding process should be:
- short: people should be able to submit their documents and prove their identity in less than a minute;
- simple: people need to understand what is required from them, how long it’s going to take, and not be confronted with multiple interlocutors;
- nice looking: your teams have spent hours optimizing and refining the design of your website, it would be quite ineffective if your onboarding interface was ruining all their efforts :/
What a good anti-fraud process should look like
- on your side
This is not a surprise, a good anti-fraud process always starts with one thing: user verification. This is what allows companies to reduce fraud by almost 90%. So you probably should start here too!
But before digging on how to design a good user verification feed, we need to be clear on something: dealing manually with user verification is a VERY BAD IDEA. It is not efficient, it takes ages, it doesn’t scale well, and errors or inattention mistakes will always happen. Plus, it costs a lot! According to a study realized by cloudtask, it can cost up to $259,955 per year if you build in house a team of 4 in the US. Obviously, it would be cheaper here in Mexico, and even more if you decide to outsource it. But still, nothing that can compete with the cost of automated checks.
So our first recommendation here is logically to opt for a fully automated user verification solution. But this is not the only thing you’re going to need. According to the best practices we’ve observed, this is how your anti-fraud process should be organized if you’re operating a lending company:
1. Gathering data from your users directly on your website
Forget about asking people to come to your stores or offices - no one has the time for that. It’s about time to digitalize those processes, and good news, tools exist! Some solutions will allow you to integrate directly into your onboarding process all the verifications you need to make each time a user asks for a loan. Keep in mind that the tool you choose must be :
- Easily customizable, so you can ask for different types of documents, according to your needs / the countries you’re operating in - IDs, bank account certification, etc.
- Fully automated, to reduce delays of verification and errors - meaning that the solution must be able to read and extract data from thousands of different documents;
- Efficient: make sure your tool is powerful enough to detect fraud intents, so you can build a secure onboarding process;
- Nice to look and easy to use, to not penalize your brand & your conversion rates.
2. Analyzing this data and set up alerts
In the lending industry, fraud related to identity theft is a real burden, that hurt default rates more than anything. But good news for you: fraudsters’ techniques tend to be always the same, and there are numerous ways to detect them automatically before you grant someone shady a loan. The 4 types of fraud intents we see everyday at Mati?
- Facematch issues: users’ face in front of the camera doesn’t match with the photo on the official document they sent you;
- Liveness issues: when users are asked to upload a video of their face to make sure they are a real person, they don’t comply or just put a photo in front of their webcam;
- Document alteration: the data on an ID seems edited, watermarks are missing, etc.
- Document revision matching: the data on the official document doesn’t match with existing governmental databases.
With a fully automated user verification platform, this step would be transparent for you. You would only receive an alert if something looks wrong with a user. At Mati, we’re able to detect all those alleged frauds intents (and much more!), and to send you an alert straight away so you can proceed to other checks or directly ban the fraudster 👮♂.
3. Integrating other checks
If you’re running a lending company, you’re well aware that an ID is not the only thing you need to grant a loan to someone. Here are the 3 types of integrations and cross-checks our clients in the lending industry generally perform at that moment:
- Contact information: email, phone number, IP address, DNS…To make sure the person is not stealing someone identity;
- White and blacklists checks: are your users part of the Politically Exposed Person list here in Mexico? Do they appear on Interpol listing or other lists recognized by the Mexican government? Does the information they gave you matches with national databases run by the authorities? Would be nice to know, wouldn’t it?
- Credit score checks: of course, but did you know that you’ll be able to perform those checks directly in the Mati platform?
4. Treating alerts and conduct due diligence processes
The majority of our clients have set up their own rules in terms of alerts within Mati. But they all have one in common: fraud intents! Every time someone submits an altered document, or doesn’t exist in national databases, or doesn’t match in person with the photo on the ID that was submitted, they receive an alert, and automatically puts those users on hold. With no manual checks to conduct, their teams of operators can now focus on making good decisions and conducting due diligence processes if needed.
The result for our clients, across all industries.? On average, they succeeded in cutting out by 90% detected frauds on their website. This is both the results of well built internal processes, and of using Mati. You want to start optimizing your fraud detection processes? Well, we can help you with that :) Let’s talk!