When the internet went mainstream in the mid-90s, it had a ripple effect on countless businesses.
As consumers spent more time online, many businesses realized that there was an immense opportunity to grow their customer base without worrying about geographical constraints.
But for businesses subject to anti-money laundering (AML) and Know Your Customer (KYC) regulations, this posed a challenge: How could they transition their KYC processes — at that time traditionally completed in person or with physical copies of documents — to the internet age?
In most cases, the answer was to create an online account opening process that included a KYC process that users could complete remotely using their computer. The businesses that got this right were able to successfully weather the transition to the internet age while enjoying greater customer satisfaction, greater conversions, and greater profitability.
Today, businesses around the world are experiencing a similar transition, powered by the widespread adoption of smartphones and mobile internet that started in the early 2010s. While many businesses have already successfully made the transition to a mobile account opening process, many have not.
One of their biggest concerns? How to translate their desktop websites and signup processes over to mobile phones without losing the certainty that they know their users are who they say they are.
Below, we define mobile KYC, compare it against eKYC and in-person KYC, and take a look at how it impacts businesses operating in a range of different industries.
What is mobile KYC?
Mobile KYC is the process of verifying someone’s identity via a mobile device such as a smartphone. Generally speaking, mobile KYC occurs either through a business’s mobile application or through its website on a mobile internet browser.
In this way, it can be thought of as a subset of electronic KYC (eKYC), which encompasses any KYC processes that are completed digitally. While eKYC can refer to IDV that occurs on a mobile device or desktop device, mobile KYC only refers to IDV that occurs on mobile devices.
Mobile KYC can incorporate a range of different types of verification, including:
Government ID verification
KYC often involves the collection of an individual’s government-issued photo ID, such as a driver’s license or passport. When this is included as a part of mobile KYC, the user is typically asked to use the camera on their device to capture a photo of both sides of the ID. The ID then undergoes verification to ensure that it is not a forgery.
- Mobile driver’s licenses: In some states, drivers are allowed to store a digital version of their driver’s license in electronic wallets on their mobile phone. Where available, mobile driver’s licenses (mDLs) can be accepted in place of photos of a physical ID.
- e-Passports: All modern passports issued by the US (and many countries around the world) include an NFC chip in their cover, which contains information about the passport holder. By scanning this NFC chip as a part of the passport verification process, you can reduce the likelihood of passport fraud (especially compared to simply accepting a photo of the passport). Most mobile devices in use today are capable of reading NFC chips, while few desktop devices are capable of doing so, so this form of verification is unique to mobile devices.
Document verification involves the collection of various documents that can be used to verify specific pieces of information provided by the user. Which documents are collected will of course depend on the information organizations need to verify their users. Some examples include a utility bill or piece of mail (for proof of address) or a bank statement or pay stub (for proof of income).
Database verification simply involves cross-checking information provided by the user against information stored in authoritative databases. For example, a business might collect a user’s driver’s license and then cross-check that data against the issuing database (AAMVA) that contains DMV information. The goal is to identify incorrect information that may indicate fraud.
Selfie verification involves requiring the user to capture and submit a selfie (or series of selfies). These selfies are then compared against the image in the user’s photo ID or a previously-captured selfie to ensure that there is an adequate match and that the ID hasn’t simply been stolen.
Passive and device signals
When a user goes through the eKYC process, it’s possible to collect a variety of passive signals. This includes information such as the user’s IP address, geolocation data, device fingerprint, the use of a VPN to hide location, and more. This information can be used to identify instances of fraud — such as when a user’s geolocation data indicates they are in a country at high risk of financial crime, or when their IP address is drastically different from the address they provided (or where the bulk of their activity has occurred in the past).
What industries does mobile KYC impact?
Businesses operating in any industry subject to KYC rules and regulations can potentially embrace mobile KYC. Likewise, many businesses not subject to these regulations may choose to implement mobile KYC processes to convert more users, easily stay on top of shifting fraud tactics and compliance regulations, and more.
Below is a quick look at how mobile KYC influences some of these industries.
Mobile KYC in banking
Banks and other financial institutions (lenders, insurers, brokers, etc.) are required by law to implement thorough and effective KYC practices in order to reduce the risk of money being laundered through their businesses.
At the same time, mobile banking is becoming increasingly common and popular with Americans. Roughly two-thirds of Americans reported using mobile banking services in 2022, with adoption trends strongest for younger consumers like millennials. A full 35% of Americans claim mobile banking to be their primary method of banking, making it the primary method ahead of online banking, in-person banking, and other methods.
These factors have made it increasingly important for banks to offer a mobile banking experience — and with it, mobile KYC — in order to stay competitive and in line with customer expectations.
Mobile KYC in e-commerce
Certain e-commerce businesses are required by law to perform KYC. This includes businesses dealing in age-restricted commerce, such as those that sell and/or deliver alcohol, tobacco, pharmaceuticals, marijuana, and other regulated goods. But even many unregulated businesses that are not required by law to perform KYC often do, as doing so can offer a number of benefits including increased trust and decreased risk of various types of fraud (such as marketplace fraud).
According to a report conducted by Business of Apps, mobile e-commerce generated revenue worth approximately $3.56 trillion globally in 2021. While that number is impressive in and of itself, even more impressive is the fact that that figure accounts for more than half of all e-commerce sales.
As more e-commerce businesses move to the world of mobile, mobile KYC solutions have become increasingly important for most e-commerce brands.
Mobile KYC in crypto
As of 2019, cryptocurrency exchanges have been classified by FinCEN and other regulators as financial institutions under the Bank Secrecy Act, subjecting them to the law’s AML and KYC requirements. In subsequent years, they have been forced to meet compliance standards, or else face significant fines and legal ramifications.
The most popular cryptocurrency exchanges, in terms of both active users as well as in terms of revenue, allow users to access accounts via mobile devices — whether through mobile apps or mobile browsers. In fact, many of these businesses are considered mobile-first, as the mobile experience is often prioritized over the desktop experience. This means that strong mobile KYC processes are essentially a requirement for businesses operating in the crypto space.
How do businesses benefit from mobile KYC?
Businesses benefit from implementing mobile KYC processes because it offers them another opportunity to meet their users and customers where they are.
As consumers spend more of their time on mobile devices like smartphones, they increasingly expect to be able to complete a variety of activities on these devices without needing to transfer to a desktop device. This includes opening their account, verifying their identity, signing in, and accessing the tools, features, and solutions you offer.
Beyond this, mobile KYC empowers you to leverage verification techniques and technologies that are not typically supported by or optimized for desktop verification, such as selfie verification, mDL verification, NFC verification, and more.
Here at Persona, we know how important it is for businesses to be able to meet their customers and users wherever they are — whether they’re on a desktop computer or a mobile device.
That’s why we have designed our Verifications solution to be leveraged seamlessly across device types. Our Native Mobile SDK integrates with both Android and iOS, and supports verifications and theming out of the box. The result is a verification flow that feels like it is a part of your business’s app, instead of an afterthought or integration. Best of all, the integration takes just a few lines of code.