Top 3 tips to identify users in your financial services app
You have a great financial services app, your user experience is flawless and your business is growing. What can go wrong? Then come the growing requirements from the compliance department.
User identification regulations are essential, but they're also ever-changing. Sound familiar? Here is ZealiD’s top advice to help you tackle them head-on.
- Think big: re-usable identity
Many service providers outsource their onboarding to a remote identification service provider. Using a sub-contractor to confirm user identity via video conference is convenient for sure. But it's not sustainable, as it only takes away one step of the journey, leaving the rest to you.
Focus on the entire customer lifetime experience - not just the onboarding. Consider establishing re-usable identity at the time of registration/onboarding. It will allow you to build lasting trust relationships with your users from day one.
Eventually, reusable identity wallets will completely re-shape the way we approach remote services, opening doors to safer, more efficient data exchange on a broad scale. In the meantime, here are some scenarios where it will give you a head start:
- Receiving a proper signature of an important agreement following the onboarding
- Meeting requirements in the law on a specific e-signature type
- Authorising large payments by following PSD2 strong authentication requirements
- Do your research and select a qualified trust service provider
In short, reusable identity opens doors for trusted users, creating faster access with fewer security steps. No need to invent anything new - a reliable solution that will match your needs is already on the market. To identify those needs, it's important to understand the European standard for identity, authentication and electronic signature - the eIDAS regulation. It only takes 10 minutes and will help you put your services in pole position.
Reusable identity means providing your users with a so-called digital certificate. It connects the natural person’s identity in the physical world with their identity in the digital world. The certificate, a cryptographic mechanism, is uniquely tied to the user. Based on it, users can complete all authentication, authorization and electronic signatures using Face ID or Touch ID. All they need is their mobile device.
So what’s the catch with the certificate? It needs to be legally recognized to provide all the built-in compliance, security and governance structure you need. And for that you need to buy it from a so-called EU qualified trust service provider.
- Introduce it in your financial services app
Qualified trust service providers (such as ZealiD) provide API/SDK type integrations that unlock best-in-class app service. The certificate comes with it, providing a full range of unique data transactions:
- 2 min in-app self-service registration of all nationalities to an EU qualified certificate. This is a machine-manual remote identification that grants a 2-year certificate housed in your app. Since ZealiD is a qualified service provider, full liability for identity verification and all following transactions lies with us.
- Electronic signatures (so-called qualified electronic signatures, QES) and strong authentication. The qualified electronic signature provides fully compliant AML-KYC remote identification. It matches eIDAS requirements and is recognized by all EU states. Also, as QES is becoming more and more popular, it will be useful for gaining access to many financial services - such as consumer credit.
Integrating reusable identity in your own app really is that simple. As a modern tool, it will remove the headaches of compliance, information security, GDPR and liability once and for all. These worries will fall into the hands of EU law, leaving you - and your users - satisfied.