Document Verification: Overview (United States)

Compliance questions

The decision to collect or not collect ID documents is as much a compliance question as a fraud prevention question. All financial institutions are required to maintain a "Customer Identification Program" that outlines how they verify their prospective customers. Alloy is not your compliance officer and cannot make this decision for your company, however, the FFIEC Online BSA Manual is a great resource for understanding how to construct a CIP program. 

There are two types of verification a company can use to verify the "minimum" information the customer is required to provide: 

• Document verification: the customer provides documents (government IDs, utility bills, etc) to verify all of the information they've provided
• Non-document verification: your company verifies the information the customer provided via reputable third-party data sources (credit bureaus, public records providers, phone carriers, etc) 

Your institution may likely conclude that is both acceptable and advantageous for both risk and user experience reasons to do "non-document" verification for most or all prospective customers. If this is the case, collecting and verifying documents is necessary only for fraud prevention or edge-case remediation where non-document verification is not possible. 

User experience: Native (apps) vs. Web (browsers)

When ID verification providers show demonstrations of automated document collection and verification, in almost every case these are on "native" or "downloaded" mobile applications from the iOS or Android app stores. These demos look smooth and simple because on "native" applications, you will be able to: 

• Automatically open the high-resolution phone on your user's device
• Guide the user to line up their ID and automatically snap a clear picture of the ID when the ID is in the frame
• Tell the user in real-time whether the image was sufficiently clear, and if it was not, quickly guide them to re-take it

Unfortunately, none of that is possible on web browsers (Chrome, Safari, Firefox, etc) that your customers actually use to open accounts (unless you are a mobile-first bank or have in-app account opening). On web browsers, you must: 

• Have your user pull up the camera on their mobile device
• Hope the user takes a good picture of the front and back of their ID
• Have the user successfully upload that image on your web page for account opening 
• Tell the user whether the images were sufficiently clear, if not which image was not clear and why
• Have the user re-upload better images 

All of this is a huge challenge, and it requires meticulous attention to detail on the front end of your web account opening form to get into even a "passable" state. 

Alloy's recommendation  

If you are starting from scratch, a good option is to start by automatically presenting the users in "Manual Review" with the ability to upload ID documents into your application flow, but not to attempt to verify them automatically. Rather, have them uploaded into Alloy's case management system for manual review. Once that process is working well, you can consider how to implement automated verification where appropriate. 

Consider implementing Alloy's SDK for Web or Mobile to provide your users with the best experience as possible. If you follow our guidelines for high-quality images, you can also prompt your customer to re-take the image if the quality is too poor. 

Contact us at sales@alloy.co or support@alloy.co so we can learn more about your specific situation and provide the best guidance and information possible about how to implement document collection and verification in your account opening process.