A classic idiom goes one rotten apple spoils the whole barrel. This is probably true for measuring the success of KYC and Fraud programs: if you let in just one bad actor who causes five to six figures of losses, it possibly outweighs the total LTV of hundreds or even thousands of good actors you let into your platform.
However, the analogy breaks down when we actually examine who could possibly apply to open accounts for banks, credit cards, fintechs, crypto companies, gig platforms, and more. There is an infinite amount of bad actors out there. Just one person can create thousands of synthetic IDs to try to exploit a possible loophole in account creation. Conversely, there is a finite amount of good actors out there. We know the number. In the US, there are about 115 million people between 18 and 45, considered the prime demographic for a lot of digital financial applications.
Unfortunately, business models and products today set out with a different mission: label (some) bad actors. There will always be bad actors to catch so companies can show results. But at the same time, some bad actors will still find a way to get in, which the current KYC/fraud tools will point to as evidence for their customers to increase spend on even more tools to keep bad actors out. It is a bad flywheel which is good for the bottom line of the KYC/fraud companies but doesn’t solve the actual problems customers face nor help streamline onboarding.
Put it another way: if you’re an orchestration tool that makes money by selling a bundle of KYC/fraud products, why would you want to label someone as good? It would defeat your entire business model, as you would be rendered fairly irrelevant the next time that person went to create an account. Of course, there is continuous monitoring to do, but the bulk of spend is at the moment of account creation.
The problem is that tools today are bucketed. KYC companies don’t want to solve the real problem because then their revenue models wouldn’t work. That doesn’t make them bad people, it is just the reality they face, and based on the technology that was around when they built their products. But because tools are disjointed, incentives are not aligned. Companies want to label bad actors, so they can keep charging large sums of money to run a plethora of tools the next time a good actor created an account.
While it may sound counterintuitive, the best way to find fraudsters may actually be to find good actors. By tying security to fraud to KYC, we can change the model with the goal of labeling good actors. Create a bar to enter the digital ecosystem, and once cleared in a second let people create accounts and permission companies to access. At the same time, that new KYC company has aligned incentives because they make money on securely storing the PII. This is a win-win: offload the cost and risk from companies, and at the same time optimize a business model with the storage enabling portable identities with good actors.
The more good actors are labeled with Footprint, the tougher identity theft becomes as good actors claim their ID. We tie your identity to biometrics on your mobile device, your phone number, and other information we match with bureaus. This means that if someone tries to steal your identity, we can detect it in real-time. Because, unlike fraudsters, good actors want to prove they are themselves, especially if that means a more interoperable online world for them going forward. Bad actors fear a one time step-up auth; good actors will be delighted if it is the final time they go through it online.
The best way to find the rotten apple—in a world where there are infinite rotten apples—may simply be to figure out who isn’t rotten.