E-resident – show me your face!

Netcorp Software Services, Web and mobile application development, Scandinavian outsourcing and near-shoring centre

26 Apr E-resident – show me your face!

The companies and banks who are planning on offering services Estonian new e-residents, are waiting for a certain amendment in law like nothing before. It’s a law draft, that will allow residents and e-residents to identify themselves to open a bank accounts via distant channel. To be more specific, it means that identifying people via video and ID-card becomes a legal.

Today e-residents stand in a situation where they need to come to Estonia to recieve their E-resident’s card if they want to exectute different necessary transactions. It includes opening bank account for a company that was created through the Internet, communicating with the Tax Office and forming some other authorizations. The current law necessitates face to face identification, which means that people must travel to Estonia. This on the other hand is not in accordance with the Estonian e-resident’s concept, where everything should be done regardelss of the time and place.

The idea of law amendment is positive, but as with any other big, new change, there are certain risks, fears and pseudo-problems. It’s already a topic that e-residency has a negative impact on Estonian reputation and business environment. It seems like people are mixing all the fears and risks and by not really trying to understand the whole concept of e-residency and it may lead to bad attitude towards it.

To be cautious is a good thing, but there is no reason for panic. What are the main risks for e-residents, that might occur when opening bank accounts from distant?

Is face to face identity verification secure?

Face to face doesn’t guarantee safety!

People have doubts about the safety of identifying yourself via video and it brings up a question – how certain we are on trusting this channel? In reality, various Middle European banks are using video identification, also including German Commerzbank, which are using LiveBank, that is created in Poland. Video identification can be considered even more secure than identifications that are made from the bank office.

In the bank office, the customer advisor compares a client’s face with their ID, makes a copy of the documenta nd asks additional questions if needed. The same procedures are conducted in an encrypted video channel, but also the whole process is being recorded by the bank. In addition, different document databases, emotion identification and biometric face comparison databases are being used. If the identifications is executed by a bank worker, the only chance in case of doubt is to repeat the procedure.

Law-abiding e-resident?

If the identification via bank’s e-channels is as safe as the face-to-face option, there still is a huge risk – e-resident’s compliance with the law.

In the worst case scenario, e-residents create multiple banks accounts that are for money laundrying, taking loans and not paying back and other illegal financial transactions. We can assume, that the probability of the previously mentioned behaviour is higher when the transaction is commited by an insufficiently identified person.

ACORN-2

Identity theft is the biggest risk

The biggest risk for letting Estonian e-residents execute banking transactions, is identity theft – either conscious sale of Estonian e-residency cards and pin-codes or an actual theft. We can speculate on a topic where one thousand businessmen, who are also e-residents, sell their companies right after creating it and opening a bank account with their e-residency cards. There’s a possibility that the criminals can easily commit transactions with their passwords and other data. Is there anything we can do to prevent this kind of action?

The same principle that applies to actions in physical environment, should be used on identity theft. The banks should be capable to identify the client before every transaction. It’s like when going to the office, where we are being identified by a document or visual observation. An e-resident, who has a bank account, should always identify himself/herself when commiting a bigger transaction online. It’s hard to do so when you have to travel to Estonia for that, but identifying via video channel is another option.

For example, Bank ID is a similar system, that is currently being used in Norway. When a client is identified in a bank, she/he can easily create bank accounts without further identifications, but it doesn’t work for e-residents. The e-resident can take advantage of the identifying option that are used for weaker safety procedures and later get a access to creating bank accounts and committing transactions.

Today the ATM asks us to re-type the PIN code when withdrawing the money. This is for to be sure of the identity of the person who makes the transaction. Videobank brings together a typical bank office and a logic of ID-card’s safety and permits to digitally commit transactions everywhere, anytime. Meeting with the bank is happening face to face, but through the monitor. In addition to face check, the person is being identified by the ID-card or by the valid traveldocument if needed.

The option of automatic identification should remain forFinTech technology companies. This option is less costly than a video identification that is verified by another person. This is really important for many innovative identification system business models. Considering the safety risks of automatic identification, it is rational to set transaction limits to this kind of identification for lowering the risks and reducing the damage.

Author, Paavo Pauklin, FinTech’i expert, LiveBank area manager in Scandinavia and Baltics
Follow me on Twitter @paavopauklin

Paavo Pauklin
info@netcorp.ee
No Comments

Post A Comment