Is Identity Broken?
Identity is broken, or many will have you believe so, in reality it sort of works allowing hundreds of millions of consumers and businesses to activate and access services around the world. Clearly more needs to be done, and the industry is burgeoning with new solutions, approaches, strategies and movements to try and solve the conundrum or conundrums. That is really the key message here, for too long the perception is that identity is as a single thing a credential or a token, well I have some news for you it isn’t. As the digital world evolves, identity should increasingly be considered as a multitude of factors which are linked to an individual or entity, and how that end state of the identity is constructed and subsequently used has to be contextual, based on the use-case, value, customer-experience and so on.
That’s where Orchestration technology comes into play, and so a good opportunity to explain what makes a strong Orchestration technology, how it solves complex challenges in respect of AML, KYC, KYB and Fraud Management and the key ingredients needed to make it effective, adaptable and scalable.
Perhaps a good starting point is looking into what Gartner has to say about Orchestration. According to Gartner in its *Market Guide for Identity Proofing and Affirmation (Market Guide for Identity Proofing and Affirmation (gartner.com), in which Sphonic was mentioned, “by 2023, 75% of organizations will be using a single vendor with strong identity orchestration capabilities and connections to many other third parties for identity proofing and affirmation, which is an increase from fewer than 15% today.”
So the market trends suggest that such technology is certainly in demand, with the potential that it becomes more mainstream over the coming years. Sphonic has been somewhat of a pioneer in this space for over 9 years, when we launched in 2012 we thought about orchestration as core to the product strategy based on learnings we experienced in our consultancy days pre-Sphonic.
Developing a Market-Leading Orchestration Platform
We actually originally planned to call the product Orchestra back then, but went instead down a similar musical/harmony path with Symphonic -> Sphonic (see James Gutteridge’ blog on this ). The starting point was creating the strong relationship with many of the key data vendors that form part of the Orchestration Marketplace, back in 2012 we started with 11 or so, today we have over 85 which has grown due to our ongoing research into vendor technology, those that solve regulatory challenges in particular, as well as demand from our growing client base. But anyone can connect to API’s, but truly understanding those API’s and their role in the Orchestration journey requires a strong mix of technology considerations as well as subject matter experts that can help in designing, deploying and supporting client solutions.
Naturally we have seen a plethora or similar products creep into the market since then, but it’s important to consider our thinking into the platform at the time and its relevance now:
- The innovation in KYC/B, Fraud and AML data is constantly evolving – having a comprehensive data access layer ‘oven ready’ is crucial on the buy side, otherwise they could easily integrate themselves. New vendors are constantly coming into the market, for the end client being able to review, select, engage, integrate and test new vendors becomes costly and time consuming
- Regulations change – the 3rd thing in life that is certain after death and taxes is ever-changing regulations affecting financial services firms, gaming operators, merchants and other actors in the eco-system
- Orchestration strategies – How best to orchestrate an identity or fraud management journey comes only with years of expertise in living and breathing fraud management as a practitioner, as well as a strong understanding of the data landscape and how it all fuses together. Furthermore the ability to conduct A/B testing, failover and champion-challenger tests are all key factors to provide a client a credible solution that can solve tangible business challenges.
- Data Standardisation – Vendors will all return data in disparate formats, headers and structures and with varying response times. In some cases data returned may only provide partial insight which might less effective, but when combined with other data items it could provide further significance that may allow a potential ‘reject’ to becomes an ‘accept’.
- Vendor Management – managing and supporting multiple vendors is a challenge for an orchestration platform and as new vendors come in to the market, the work required to research, assess, engage, connect, deploy and roll-out new APIs is time-consuming and costly, as is the ongoing version management and support
- Future proofing – based on the factors above, a number of scenarios could result in changes in orchestration strategies and as such minimising the downstream tech impact on the client is key, the legwork needs to be done within the orchestration layer in order to be truly compelling ‘no-code’ platform.
- Scalability – ensuring that the platform can scale to handle increased payload and the platform can support a client with growth strategies whether based on new product or market launches
There are clearly many more facets to orchestration we could quite easily cover and certainly the Sphonic platform ticks all the boxes above as well as numerous other ‘hidden gems’ in the stack that make the shift to an Orchestration platform a compelling one. One of the most important factors above those mentioned has to be platform credibility. A client doesn’t want to work with tech that’s constantly in Beta, particularly if they are on a growth journey themselves and it’s an important learning from the last 8 years at Sphonic, working with some market-leading brands such as Paysafe, SafeCharge/Nuvei, NewDay, Funding Circle, Zopa and many others, in collaboration to solve some of these complex KYC, KYB, AML and Fraud challenges in a constantly evolving digital environment.
Orchestration Technology for Consumer and Business Verification
Furthermore, we have also recognised the role of Orchestration in solving many key challenges in the Identity and Risk Management one such example is with KYC/Identity Verification –
- In the digital world, your digital attributes are key to your identity and its subsequent layers of access with a given institution.
- Traditionally KYC checks in the digital world relied on calling end-point vendors with a focus on ticking boxes to keep regulators happy. In the data-breach driven world we operate in, attention needs to be given to ensuring you are enabling that service for the correct individual who has applied for the service.
- This is where we focus on an anti-impersonation layer utilising cutting-edge, market-leading products to profile devices, location, emails, mobile, behaviour and so on to ensure the prospect of this being someone else is highly unlikely.
- So when the verification check is subsequently made (along with the all-important AML checks) you can be sure the identity verification threshold is high-quality and you have confident it’s the genuine user.
- As we have seen the world move to identity proofing through document capture with Selfie/Video checks, which play a strong role in the identity journey, in an Orchestration layer the client can dictate at which point they would like to or need to impose that additional friction when the data-driven approach described above may require further levels of confidence.
As the industry increasingly looks towards solutions such as self-sovereign identity enabling Digital Identity through Orchestration and managing contextualisation of how the identity can be asserted based on the use-case, relying party access threshold, transactional value and so on, are all core features that bring the proposition further to life in a way that erodes concerns over trust and data privacy.
Another area that is really compelling for Orchestration is with Business Verification or KYB. As the digital world (driven in part by the pandemic) has pushed SME’s and large corporates to embrace Fintech, but the compliance processes that underpin entitlement are equally important. Here is an orchestration strategy, that has worked well in this space :
- As above anti-impersonation layers are key, Business checks can potentially be expensive so kicking out rubbish and blatant fraud early is key to the Orchestration strategy. Think about the fraud Tsunami we are about to experience from the CBILS and BBLS lending schemes and how considering these layers early would have eradicated a large chunk of the fraud perpetrated.
- Then the dynamics of geo-locating the business, the actual applicant and the relationship between the two
- Business checks can be waterfalled to ensure existence ahead of deeper verification, to initially determine Business Existence, Lines of Business, SIC codes etc to determine if you really want to take this business on ahead the deeper level of KYB.
- Once into KYB, there is a myriad of data items to navigate through to determine which of those play a role in decisioning whether to accept, reject or review. With the increasing focus in Identifying Beneficial Owners, understanding complex corporate structure as well as financial viability there are numerous routes for the Orchestration journey to go down
- And even more crucial area is the complexity of identifying and verifying Beneficial Owners and Directors in as seamless a way as possible, and then ensuring both Business and Officers linked to it do not feature on any global watch lists for Peps, Sanctions, Incarcerations etc.
Orchestration Technology that works and cuts through the noise
Ultimately the challenges to deliver effective orchestration experiences to end clients remains a complex one but with the right team and tech you have a strong prospect of success, as such Sphonic prides itself on its collaborative experiences with its clients through long-term relationships strongly echoed by Giacomo Austin VP of Compliance Strategy & Advisory :” Sphonic has proved to be a strong business partner and one that is always willing to go above and beyond. In particular, their excellent subject matter expertise and strategic guidance ensures Paysafe is always able to find innovative solutions, and adjust our implementation as and when needed in order to achieve the best possible outcomes. We work very well together.”
In Summary, we feel the key to working with an Orchestration platform is best summarised in the recommendations by Gartner in their Market Guide referenced earlier :
Recommendations – Build an identity-proofing strategy on a foundational orchestration layer:
- Leverage a vendor that has built connections to multiple other vendors and data sources and offers flexible workflow capabilities.
- Optimize your identity-proofing process by using this orchestration layer to test and evaluate different workflows, comparing different vendors and data sources to achieve your identity-proofing objectives.
- Support the scalability of your business by using the orchestration solution to connect to vendors and data sources that facilitate expansion into new regions.