KYC Processes and Account Opening
Account opening is the perfect example for the delicate balance between regulatory compliance, security, and user experience. The process itself can be extremely frustrating to users if not managed correctly. The account opening process has a few identity-related steps that need to be carefully orchestrated and managed to achieve the desired result in terms of customer experience, compliance, and security. These steps include:
Identity verification: the first step in the process is validating the user’s identity. This process typically requires collecting one or more identity documents from the user and then matching them against various databases and services for validation.
Registration and provisioning: once the user’s identity is verified, identifiable information needs to be collected and the user needs to be added to the identity store, linked to the relevant groups, and assigned the relevant permissions.
Issuing credentials: once the user is in the system, the next step is providing credentials so that the user can log into the various applications and services. This includes basic credentials such as username and password as well as advanced credentials such as face and voice biometrics.
Identity Services Hub
Identity is a highly fragmented space with many tools and capabilities from different vendors: biometric authenticators, traditional authenticators, KYC tools, risk and fraud engines, behavioral tools, directories, device security, and more. Integrating each of these services into your systems and applications requires significant ongoing work. This work involves processing input and output from each of these services, building the various user journeys around these services, and dealing with exceptions, failures, and edge cases. With Transmit, this can be avoided. The Transmit Identity Services Hub includes built-in, secure connectors to dozens of third-party identity services, dozens of built-in services, and a flexible, secure plug-in architecture that allows you to add anything and everything. It’s a complete, secure abstraction layer between your applications and the entire identity ecosystem. It’s the only platform capable of securing client-side identity services such as authenticators and KYC tools and also the only platform that doesn’t require writing third-party specific code in your applications.
Over-the-Air Journeys is the technology that sets Transmit apart from all other vendors. Using Over-the-Air Journeys, application owners can use graphical tools and an orchestration language to design simple and complex user journeys that involve authorization, authentication, KYC, fraud prevention, regulatory requirements, and more. Once done, these journeys can be pushed "over the air" and played in any application that is connected to Transmit, without making any code changes to the application and without the need to re-publish the application. Over-the-Air Journeys consist of two main technologies - a Journey Player and an Orchestration Engine. The Journey Player is incorporated into your applications as an SDK and is responsible for playing the entire journey inside the application. The Journey Player works with the Transmit Orchestration Engine which orchestrates the journey and defines the next steps on either the client or server side.
Bring your own directory from any vendor and connect it to the Transmit Identity Services Hub or just enable the built-in LDAP-based directory that is already included in the Transmit platform. You can also connect multiple directory services and easily orchestrate them using Transmit’s orchestration engine, which completely isolates your applications from any directory service you chose to work with. Using Transmit platform, you can switch between directories, consolidate directories, route between directories based on any attribute, and combine on-premise and cloud directory services with no impact on your applications. Transmit also includes modern APIs which can be used to access directory information as an alternative to LDAP
Transmit provides a full set of authentication services to manage primary login, multi-factor, and step-up authentication across various applications and channels. The platform includes a large set of built-in authenticators such as OTPs, soft tokens, biometric authenticators, and knowledge-based authenticators. In addition, the platform can be used to manage any third-party authenticator or authentication service connected to the Identity Services Hub. Transmit’s authentication services manage the enrollment process for each authenticator and also tasks such as de-enrollment, re-enrollment, and expiry periods. The platform provides flexible ways of defining authentication levels and attaching them to different authenticators and journeys. The platform allows building rules for authentication failures across different authenticators and devices and taking various actions when thresholds are reached. Transmit is FIDO certified and can be used to manage any FIDO authenticator alongside non-FIDO authenticators.