Towards "digital": Why do MFIs need biometrics?

Kazakhstanis have been getting online loans through microfinance organizations for a long time now. It is becoming as easy as buying a pair of Nike sneakers in one click. 

But this began to be abused by fraudsters, taking advantage of the simplicity, convenience and remoteness of online credit services, they actively arrange loans to front men.   

In response to the challenges of online fraud, the financial regulator on April 30, 2021 amended the rules for granting microloans electronically.

According to the rules, in order to take out an online loan, a person must undergo biometric identification and authentication.

Amendments to the law were necessary as digitalization is gaining momentum. In addition, during the COVID-19 pandemic, it becomes unsafe to visit public places, including the branches of MFIs and banks.

Fraudsters do not sleep

The move to online lending has become not only convenient for customers, but also interesting to scammers, who have started taking loans from MFIs to front men. In order to obtain a person's personal data, the scammer could take copies of identity documents of his acquaintances under various pretexts and take out loans on them. Some fraudsters were more inventive. 

They placed ads for jobs on the Internet, social networks, and from those who responded, they asked for copies of documents via WhatsApp. For example, an IIN. Those who took out loans found out that a loan had been taken out in their name only after a call from an MFI employee or a collector. 

There was a case when a fraudster could arrange 44 loans for different people. 

The scale of online fraud is illustrated by the data from the Ministry of Internal Affairs. 

According to the department, in the three months of 2021, the internal affairs authorities registered more than 6.8 thousand facts of online fraud. "To carry out their criminal activities, scammers use various methods, including social networks, as well as place false Internet ads, create fake pages and sites," the Ministry of Internal Affairs specified. 

The growth of Internet frauds can be judged by the Committee on Legal Statistics and Special Accounts of the General Prosecutor's Office of the Republic of Kazakhstan. 

According to their information, more than 14 thousand cases of Internet fraud were registered in Kazakhstan in 2020. In 2018, this figure did not exceed 517, in 2019 - 7,769. 

The Ministry of Trade and Integration reported that the amount of damage caused by online fraud was 3.4 billion tenge.

Losses from e-commerce fraud in Europe have recently reached $2.1 billion. 

To bring the share of fraudulent schemes to a minimum, MFIs should improve the security of registration and verification of clients. Today, biometric technology is used to achieve this worldwide. The use of passwords is considered insecure, as 55% of consumers use the same passwords for online banking, email and social media accounts.

Using biometric verification reduces fraud by 95% when scammers impersonate another person. In addition, through remote biometric verification of clients, MFIs can reduce the risk of deteriorating the quality of the loan portfolio. Biometrics also saves time, a valuable resource. An MFI can provide a loan in as little as three minutes. And, of course, it will speed up business processes, build a quality customer base, and increase profits as a result.

How it Works

What is biometric verification and identification? With the help of this technology it is possible to recognize a person by the image of his face, a fingerprint, voice, iris or even the pattern of veins of the palm. All of these characteristics are unique, no two voices or irises are alike. Facial recognition technology is widespread in Kazakh banks and MFIs. This is understandable. After all, our country already has a database of photos of individuals, those are the photos that each of us has on our ID cards and passports. Such photos are stored in the state database "Natural Persons".

A remote customer identification project for financial organizations IDPC was launched in October 2020 on the basis of a subsidiary of the National Bank of the Republic of Kazakhstan, KISC. How does it work?

To take a loan, the borrower goes to the MFI or bank's website or mobile application, makes a video call to the operator during the registration process, and/or undergoes an automatic vividness confirmation check (the so-called protection procedure, when a photo/video of another person is substituted for himself). This process can take up to 30 seconds. 

In the process of the video interview - determination of the object for "liveliness" (when it is found out if the person is real) - a photo image of the person is extracted (selfies). This procedure is necessary because fraudsters are now using various tricks to secure a loan.

To prevent such "gray" schemes, the Verigram team developed the Liveness Detection technology. It can be used to determine whether or not a real person is taking a photo in the mobile app screen of an MFI. That is, that he blinks, smiles, frowns, and, in general, has facial expressions. Why is this necessary? Often fraudsters can take selfies with a photo of the person they want to apply for a loan, or they can take a photo of a sleeping person. 

During the loan process, the MFI asks the borrower for an IIN from their ID card and a selfie photo. The client's IIN and selfie photo are sent to the IS COID, where the selfie is compared with a reference photo corresponding to the IIN from the state database of individuals (INDB).

Biometric solutions are needed to determine how similar these two images (the borrower's photo and the INDB photo) are to each other. They are offered by vendors of facial recognition software.

One such company is Verigram. With the help of our facial recognition system an MFI can determine whether a fraudster is planning to take out a loan or not.

Verigram does not store any data. 

By the way, Verigram specialists can give free consultations to MFIs, help to launch biometric verification and provide free access for two months.

Not only financial market goes to "digital"

Amendments to the law "On Microfinance Activity" are timely. And it's not only about the pandemic and the increasing incidence of fraud in online lending. Many countries are trying to implement biometrics not only for loans. They are launching biometric projects on the governmental level. This market is actively growing. Research company Acuity Market Intelligence predicts that by 2022 more than 1 trillion mobile transactions worldwide will be approved using biometrics.

Let's take a look at how remote identification is used around the world. 

For example, in 2009 in India the Indians used a special Aadhaar card when they used financial services, including credit. The card contains a unique 12-digit digital identification number. The purpose of Aadhaar Authentication is to provide an online digital identification platform so that the identity of Aadhaar number holders can be verified instantly, anytime, anywhere. With Aadhaar, Indian citizens can receive social security payments, pensions and have equal access to financial services such as bank accounts, money transfers, and credit. To get an Aadhaar card, an Indian citizen must provide not only his or her personal information (name, date of birth, age, gender, address, and so on), but also biometric information. All of this information is stored in a central database managed by the Indian government. 

In the UK, there are also plans to use biometrics to verify the age of children when registering on social networks and to protect them from dangerous content. A special bill is already being considered. Today, biometric-based age assessment technology is already being developed. However, some experts fear that this norm may hinder free access to the Internet.

Singapore is expected to become the first country in the world to use facial recognition in its national identification system. Biometric verification will give Singaporeans secure access to both private and government services. The state technology agency says it will be the "foundation" for the country's digital economy. It has been piloted at a major DBS bank and is now being rolled out nationwide. 

Given that Kazakhstan is also seeking to gradually build a digital economy, local companies simply need to adopt different technologies of authentication and verification. 

Moreover, as we have already found out, biometrics covers not only financial services. 

It can be used to remotely register with car rental services, courier services, to take exams, and to obtain a SIM card. It is convenient and secure.

We assume that over time, all MFIs and banks in Kazakhstan will begin to serve their clients remotely, at least such a possibility already exists. With this in mind, all of them will need biometric verification, identification of their clients. With its help, both MFIs and banks will be able to reduce their costs and hence reduce the cost of their services, expand the geography of their business, and, of course, improve the quality of customer service.