Q&A: How Socure is Tackling Digital Identity Verification and Fraud Prevention
As part of our effort to share news and insights from both inside ff Venture Capital and our broader network, we’re kicking off a series in which we’ll interview the founders and CEOs of our portfolio companies.
In this Q&A, we’re speaking with Sunil Madhu, the co-founder, CEO and President of Socure, to understand how he’s helping enterprises tackle the issue of identity verification and fraud prevention in an increasingly perilous digital environment.
Can you describe what Socure is and what the company does for those who might not be fluent in digital identity verification?
We’re a digital identity startup focusing on real-time online identification. Essentially, this means that we help businesses like financial institutions verify that their customers are who they say they are.
We do this by combining social biometrics and artificial intelligence technologies — like machine learning — with online, social, and offline data in real-time, so our clients can more easily accept good customers while reducing fraud and the cost of compliance.
Can you talk about the technology underpinning Socure?
We’ve patented the Socure Social Biometrics™ SaaS platform, which uses proprietary machine learning algorithms to analyze massive quantities of public and private data in real-time to help verify identities.
Our core solution, ID+, can be quickly and seamlessly integrated into business workflows via an API. A good use case for the ID+ technology is when, say, it’s called to verify the identity for customers opening a new account, or a lending or payment transaction.
In about 1.5 seconds or less, we can search, match, and resolve the customer’s identity from over 300 online, social, and offline data sources. ID+ also scores the risks associated with acceptance of the customer, fraud prevention, audit, and compliance.
How are you seeing financial institutions encourage customers to open accounts while also meeting rigorous Know Your Customer (KYC) and Anti-Money Laundering (AML) regulations?
We think financial institutions can improve top-line revenue by signing up more good customers in a compliant way. All too often this means adding friction in the path of the consumer. And with the next generation of young adults moving to a convenient, mobile-first banking world, there’s no margin for friction or inconvenience.
I think Socure is leading the way in changing the way organizations verify customer identities in this increasingly digital world. AML and KYC regulations require organizations to know as much as they can about their customer; these regulations vary depending on in-person vs. online customer interactions. For online verification, the mere validation of identities using basic information like name, address, date of birth, SSN or Driver License — which is mandated under current regulations — is insufficient because of the ease with which this information can be stolen or socially shared in our digital world.
Similarly, documents can be faked for in-person verification. Auditors use sources like LinkedIn and Facebook to verify the identities of “thin-file” customers — like millennials, people without bank accounts, and people in more than 180 countries who don’t have credit — who otherwise would likely not be accepted without manual review. We’ve automated this tedious processing by using machine learning, and coupled it with the analysis of additional online and offline data sources. This has resulted in greater coverage and wider resolutions for a global customer base that has become increasingly reliant on mobile and social usage.
The market has started to acknowledge the advantages of using offline data in combination with online and social data, and we’re seeing the widespread adoption of our approach growing quickly. Regulatory organizations such as the CFPB and the NY Attorney General have asked financial institutions to stop relying on credit alone in order to account for better financial inclusion of changing demographics. The AML and KYC regulators have also taken notice — so we see the compliance rules changing rapidly in our favor.
What are other key risk management issues that enterprises need to consider?
Enterprises should also look at reducing their total cost of ownership by replacing legacy solutions with more forward-looking, comprehensive innovations that take into account financial inclusion, an increasingly younger demographic, and mobile-oriented audience. This all ties back to reducing friction, as I mentioned earlier.
What security implications does the on-boarding of more and more millennial customers have for financial institutions?
Millennials are technologically savvy, as we all know. They prefer using mobile and digital applications for financial services over brick and mortar banking. The use of mobile security technology — like our multi-factor authentication platform — is mandated for this audience.
How and why are the top financial institutions taking a layered approach to customer decisioning?
There is no silver bullet when it comes to customer decision making. Financial institutions, who have the most stringent security and regulatory requirements, have a complex system of technologies that has been layered over time to deal with the changing regulatory and threat landscape.
This means that their customer decision making stacks are made up of a mix of technologies for security, governance, risk, and compliance. Included within these layers are technologies used in identity verification for security, during on-boarding, and throughout all transactions.
What’s your outlook on how the industry will evolve to reduce payment fraud in an increasingly digital world?
We think the new norm in fraud mitigation will include a mix of identity verification measures using social biometrics and multi-factor authentication. I also think that identity and payment tokenization — the process of substituting a sensitive data element with a non-sensitive equivalent, referred to as a token — will reduce the impact of data breaches.
As the types of payment devices change in the future (for instance, will our self-driving cars pay for our purchase at a drive-throughs?) new threats will emerge. At the same time, technology will evolve to use a combination of our connected devices and biometrics to better verify our payments and our identities.
