Digital onboarding is the process of acquiring a new customer to a new company, or subscribing a new user to a new service remotely, typically using a user’s mobile device. The main purpose of digital onboarding is to verify the identity of the person being onboarded in order for a company to make sure that the person is actually who they claim to be. To verify a user’s identity digitally and fully remotely, facial biometrics and liveness detection technology are used, combined with identity document processing.
The term onboarding was primarily used in business in connection with human resources, especially when acquiring new employees. The onboarding process was characterized as the process during which a new employee gains all the necessary knowledge to become an integral part of an organization.
In general, the onboarding process can be described as the process of acquiring a new customer to a new company, or subscribing a new user to a new service. While this process used to be performed typically on-site and in person (e.g., in a brick and mortar branch of a bank or a mobile operator) just a few years ago, it is becoming more and more usual for customer onboarding to be performed digitally, and often, fully remotely in the digitized era we live in nowadays. This shift to digital onboarding has been significant in many areas of business especially after the coronavirus outbreak, when it became necessary for businesses to have the possibility to acquire new customers remotely.
To verify one’s identity remotely (and digitally), the organization has to verify if a client on the other side of the onboarding process is who they claim to be, including if they are real and ‘live’.
Within the identity verification operation, the client’s identity document or passport is processed – the personal data (including the photo of the client) are extracted from it and cross-checked against the data encrypted on the RFID chip or Machine Readable Zone (MRZ). The document is also checked for its authenticity to prevent document tampering.
The following step biometrically verifies a client’s photo (selfie) against the biometric template created based on their photo extracted from the ID during document processing. At the same time, liveness detection uses various biometric measurements to ascertain that the organization is dealing with a real ‘live’ face and not a replica in any form.
There are two main approaches to liveness detection: active and passive. The more traditional approach – active liveness detection– relies on asking customers to perform an action. This can include nodding, moving eyes, blinking, smiling, moving head, moving the device, or speaking. Recently, passive liveness detection has become more popular as it makes the interaction simple (runs in the background of the selfie capture, without the customer noticing it) and it makes it much harder to spoof as the attacker does not even know if and when liveness verification has transpired.
In a digital environment, businesses operate various apps or websites to acquire new customers and verify their identity remotely. Widely used are mobile apps allowing a customer to sign-up for a product or service completely online using their mobile device solely.
The technologies working in the background of such apps usually combine optical character recognition (OCR) technology, together with document authenticity check, MRZ parsing and/or RFID chip reading technologies in order to process a user’s identity document or passport (extract data from it) and allow cross-checking of the user’s identity against their selfie.
For biometric verification of a user’s face, facial biometrics compares the user’s selfie against their picture on the document, and presentation attack detection technology, i.e., liveness detection is used to prevent identity fraud attempts and verifies if the user is ‘live’ and real.
There are dozens of companies nowadays offering either digital onboarding platforms or services which enterprises and organizations can use to acquire new customers. Moreover, there are technology providers offering either complex or partial digital onboarding technologies, which can be integrated into tailor-made solutions.
The main purpose of the digital (or customer if you wish) onboarding process is to verify a customer’s identity remotely, i.e., verify if the client is who they claim to be.
For users these days, that basically means taking two pictures with their smartphone – of their ID or passport and their selfie. The technology behind is quite sophisticated and complex, usually utilizing deep neural networks, AI and facial biometrics. From a technological point of view, the customer onboarding process consists of processing the customer’s identity document and verifying their face (against their picture on the ID), including presentation attack detection.
Although technologies taking care of document processing (e.g., OCR) and face verification had been used on the market for quite some time, the challenge with fully digital remote client onboarding was in making sure that the person whose identity is being verified is actually ‘live’ and real.
A revolution in this area started when video calls instead of branch visits were introduced. With spoof attacks growing more sophisticated every day, this approach quickly became obsolete. Many businesses already have, and even governments, are now starting to use a combination of facial recognition and liveness detection to safely and securely verify people’s identity online.
Of course, all businesses aim for the perfect first impression. In terms of digital onboarding, the identity verification process needs to be as frictionless as possible for the users to perform as they tend to abandon time-consuming procedures and malfunctioning apps quite easily.
Since users expect the onboarding process to be fully online, the onboarding process should be executed completely digitally – no paperwork, no sending documents by mail, no visits to the branch, etc.
We all value our time, and so do our clients. Therefore, the onboarding process should be quick, utilizing the best performing technology to be able to verify the client’s identity in real time.
It is also important that digital onboarding is available for users anytime and anywhere. Solutions should use technologies that can work with low bandwidth and/or offline directly on-device.
Last but not the least, it is crucial for organizations (and also users) to only use digital onboarding solutions that are secure, able to prevent fraud, and keep user data safe.
During the pandemic, we saw the rapid evolution of biometric-based digital onboarding mostly in the banking sector. In banking, the term digital or client onboarding denotes the practice of signing up for a bank account or other banking services entirely online, typically via a user’s mobile phone.
As banks and financial institutions have a legal obligation to know their customers and perform so-called Know-Your-Customer checks (or KYC procedure), they have to assure that when it comes to onboarding clients remotely, there has to be a reliable and secure way to verify a client’s identity digitally (the KYC procedure is in this case called eKYC or electronic Know Your Customer, as the whole process is completely digitized).
Within the eKYC process, the bank or financial institution has to make sure that the client is actually who they claim to be. While this can be quite easy (although time-consuming) to check the old-fashioned way (on-site and in person), it is quite challenging to perform such a check reliably remotely, especially when online identity fraud is on the rise and deep fakes feel more and more “real”. That’s when fully remote digital onboarding steps in.
During the digital onboarding process, the client’s identity is verified by processing their ID and biometric verification of their face combined with liveness detection.