Multijurisdictional regulations and the increase in fraud within payments have created a difficult environment for payments providers, says Zac Cohen, general manager at global identity and business verification firm Trulioo.
“The challenge for payments is twofold: how to eliminate fraud in the network, and how to satisfy the regulatory regime of a particular hyperlocal jurisdiction,” he says.
While the second Payments Services Directive (PSD2) and the General Data Protection Regulation (GDPR) have helped shape the industry, regulators in different jurisdictions must continuously review and adapt rules in order to stay one step ahead of fraudsters. Figures around fraud within payments are staggering: in the UK alone in 2017, within authorised push payments (APP), payment providers reported gross losses of £236m, according to UK Finance. Globally, 78% of organisations felt the impact of fraud, according to a survey underwritten by JPMorgan.
“A lot of reasons the regulations change so frequently is that they’ve experienced or recognised external threats,” says Cohen. “Every time we develop a new methodology, fraudsters seem to try to exploit the one weak point. Then it has to change and adapt again. The regulators, businesses, and technology providers all have the same goal – to stay ahead of threats.”
The great challenge for payments providers is the fact that they must deal on a multijurisdictional basis in order to grow – meaning they must comply with several regulatory frameworks.
“It’s few and far between these days of payments firms that say ‘hey we’re going to launch in the UK. Or Ireland. Or Canada. And we’re just happy to stay there.’ That doesn’t really work from a business case perspective,” says Cohen.
“What most payments companies want to do is launch in five countries at the same time. They want to create a mini economy, or network – or maybe they want to provide their products and services to customers online around the globe. Without the right scalable and flexible solutions in place, this can be a very expensive, complex and friction-ridden process, simply because there is so much variation in the regulatory and compliance requirements.”
The variety of regulations makes things incredibly onerous for payments providers. However, Trulioo provides clients with a variety of services including fraud prevention and multijurisdictional compliance capabilities through its GlobalGateway platform. The key, says Cohen, is flexibility.
“The way our platform is designed, you can customise – with great detail – the types of products and data sources you’re using to verify an individual, for example documentation verification in one market might not hold in another,” he says.
Trulioo’s modus operandi is financial inclusion, and GlobalGateway is the company’s flagship product built as an identity verification platform. Available to payments vendors in more than one hundred countries, GlobalGateway enables individuals to “join the global economy regardless of who they are, where they’re based, their background, or economic standing,” as Cohen puts it, through legal verification.
“Many businesses find onboarding painful and prone to cart abandonment, so our platform makes that a lot simpler through a layered verification approach leveraging the best data and tools available for each market.”
In October, Trulioo announced the platform has access to more than five billion identities, a figure the firm could expect to rise exponentially as they continue to add mobile network operators into its GlobalGateway platform.
“A big challenge for financial inclusion between banked and unbanked individuals is that they don’t necessarily have all the traditional identity documentation that many do – but what they do have is a mobile phone,” says Cohen. “So we’re leveraging mobile phones and mobile penetration to help confirm the identity of an individual based on that tool.
“We are the engine that helps validate and verify information between the end user and the organisation they’re creating an account with online. When someone is trying to register for a new service using just their mobile phone, based on minimum attributes, the validation process can be very complex.
“We can also allow the customer facing application – which might be a payment app, or an marketplace app – to interface directly with the customer, the user, while we sit transparent in the backend helping facilitate the verification,” says Cohen.
For organisations, access to over 400 data sources is available through a single application programming interface (API), providing secure access to a global network that helps reduce fraud and satisfies compliance requirements in each market the vendor is operating in. Further, while onboarding customers might have taken a number of months in the past, GlobalGateway can onboard in real time to provide access in less than three seconds.
“It takes away a huge amount of pain, complexity, and saves significant money to be able to launch in this format rather than having to build out like a traditional bank would have fifty years ago,” says Cohen.