How to evaluate and choose a fintech identity verification solution
- Manage risk while complying with AML, KYC, KYB, and other regulations
- Control for the friction that identity verification can potentially introduce into your sign-up process, as friction might impact conversions — and thus your company’s growth
- Balance the first two priorities without putting undue strain on your overall operations
Your step-by-step plan for choosing an IDV solution
Download the guide most relevant for you
1. Set goals and create a prioritized checklist of needs
Setting your goals
- Reduction in fraud rates
- Increase in conversion rates
- Decrease in manual review time
- Decreased rate of false positives
- It’s important to consider whether you have existing data to compare results to or whether you’re gathering data and setting goals based on estimates. Earlier-stage fintech companies, for example, may not have a strong understanding of their fraud rates or false positives rate. They may also be more focused on onboarding new customers than preventing fraud or minimizing false positives. If you fall into this boat, rather than using these OKRs to evaluate your eventual vendor choice, you may want to consider these metrics numbers to simply monitor and begin to understand — and then set goals against them in the future.
- Fintech companies have a unique set of challenges in that minimizing fraud while maximizing conversion is almost always the ideal end state, but the balance between the two can ebb and flow as the company grows and changes. For example, if your company is targeted by fraud attacks for six months, conversion may begin to matter less as you fight the bad actors. When said fraud attacks subside, you may push again for conversion to make up for numbers lost during the attack.
Creating your checklist
Product features and vendor characteristics
Do you intend for it to be used to facilitate one, multiple, or all of the following processes below?
When you picture the ideal IDV solution for your business, what functionality and capabilities does it offer?
What specific verification methods does it need to support?
- What level of automation do you expect from the IDV solution?
- How flexible would your ideal solution be in terms of allowing you to segment users based on risk, fine-tune match requirements, etc.?
- How important is ease-of-use — both for your employees as well as your customers?
- How will you evaluate a solution’s privacy and security processes? What privacy laws and regulations does your business need to comply with? What certifications would be ideal for the IDV solution to have?
- Do you need social proof to make a final decision? If so, customer reviews, testimonials, and case studies can all help you evaluate the IDV solutions you are considering.
- Do they have expertise working with fintech companies and financial organizations?
- Do they have experience working with companies at the stage of development you’re in — whether you are a startup, scale-up, or established organization?
- Do they show respect for your time, needs, and preferences in their communication with you?
- Do they prioritize relationship management over “selling” their solution?
- Will they offer ongoing support post implementation?
- Have they demonstrated a track record of continuously adapting their product to meet evolving laws, regulations, and fraud techniques?
- Will they partner with your organization to help move broader business initiatives forward?
- What does your existing IDV solution do well?
- What features or functions does your current IDV solution offer that any replacement solution would also need to offer in order for you to consider it?
- What does your existing IDV solution do poorly?
- What weaknesses does your existing IDV solution have that a replacement would ideally address?
- How might switching to a new IDV solution allow you to provide additional value to your users, delighting them and fostering affinity for your brand?
- What business opportunities might become available by switching from your current IDV solution to a new one?
- If you could dream up your ideal IDV solution, what features or functionality would it offer?
- What potential threats (legal, regulatory, monetary, or otherwise) is your business exposed to due to its reliance on your existing IDV solution?
- How might a new IDV solution help you address these threats?
Downstream fraud considerations
- Was money directly involved in the fraud attack(s)? In other words, did someone withdraw money from an account that wasn’t theirs? Or were credit card accounts opened by the same individual and drawn down, resulting in direct losses to your business? If the answer is yes, what was the cost of the fraud attack(s)?
- Did your team need to drop the work they were doing to prevent and block the fraud attack — and stronghold the platform against future fraud attacks? If so, how much time and resources did this change of plans cost? What work was dropped, and how much did that loss of work cost your business?
- Was your brand tarnished in any way? Did your users or potential users lose trust in your organization due to this fraud attack?
2. Evaluate potential fintech IDV solutions
- Be sure to include input from your fraud and compliance teams as you design the test. Because these individuals will be working with the tool on a daily basis, they'll likely have unique insights you may not have considered otherwise.
- Include your existing IDV solution (if you have one) in the test as well. This will give you the opportunity to directly test how your current platform performs against your potential replacement — and help you justify a transition.
- Test each solution using the same dataset. This standardization will save you time and effort as you evaluate the performance of each tool. For example, you might compile a list of 200 IDs, alongside an answer key of which IDs should pass and which IDs should fail (as well as why they should fail), and use this list to test each solution.
will you be testing?
Testing which verification to use could also be valuable, but not during the proof of concept between vendors. Keep your variables to a minimum.
these verifications in the same way?
For example, some vendors may require a barcode scan of the back of the ID, in addition to a photo upload of the front of the ID when verifying a driver’s license, while other vendors may only require a photo upload of the front of the ID. These differences can impact conversion rates and accuracy during the test.
- Would this have performed better with a full integration?
- Are there configurations that could have been changed to catch certain bad actors?
- Consider whether one vendor was better at certain things, like fraud prevention, than the other.
- Is there room to use both vendors in your process, or are you hoping to use one vendor across the board?
- What will help you drive the most value for your business?
3. Select your vendor and plan your rollout strategy
Part of your selection process should be to consider what options your vendor has for rollout and how much support they provide. Does the vendor have a standardized rollout process that they’ve built and recommend based on their existing customers?
4. Test everything — both during and after the rollout
- As an organization, what is your approach to thinking about automation more holistically? Do you want to move toward automating everything or simply leverage automation to help your manual review team work more efficiently?
- Can the automation support the business logic you need it to? For example, if individuals in particular countries need to be routed to manual review, can the system identify countries, tag the verification with the relevant country, and surface it to the manual review team to better support their process?
- Do you have engineering resources to make technical changes? Or do you need a tool that allows non-technical teams to make changes?
- Integrate with the platform seamlessly into all of your workflows, not just your onboarding flows?
- Compile all identity data into a single place (such as a dashboard) that will allow you to gain a more comprehensive understanding of your users?
- Update your systems of record and connect the verified identity back into your customer lifecycle?
5. Perform a post-launch audit and continuous monitoring
- Providing feedback to your vendor and sharing your findings. A true partner will work with you to remedy the issues you’ve identified or share possible alternative solutions.
- Further refining your processes, workflows, reports, etc. to see if it is possible to improve performance to where it needs to be.
- Exploring additional, complementary tools — whether they are offered by the same vendor or a different vendor. This might help you fill any performance gaps.
- Reevaluating success metrics to determine if they are the right way of measuring success.