Ekata Executive Series, Part I: Supporting Cross-Border Identity Verification

Welcome to Ekata’s Executive Series. In this series, our CEO, Rob Eleveld, will be outlining the dynamics we see developing in the global identity verification (IDV) market and highlight Ekata’s response to continuous market demands.

Today, our theme is “cross border” in the payments and card-not-present (CNP) ecosystem.

Global Electronic Payments

Global payments have been growing very steadily at 6% compound annual growth rate (CAGR) according to McKinsey’s 2019 Global Payments Map Report, notably faster than the world’s economic output.

More importantly, electronic payments in various regions of the world are growing even faster, as the report notes:

• Europe: “Electronic payments transactions in Europe are growing consistently at double the European GDP growth rates (from 2013 to 2018, 7.9% compound annual growth rate [CAGR] versus 3.5% GDP CAGR).”
• APAC: “Electronic payments transactions have been growing at a staggering rate in the region—upward of 15% annually, more than 2.5 times the rate of GDP growth.”
• North America: “Payments revenues have been growing two to three percentage points faster than GDP for the past four years because of a combination of interest-margin expansion and rapid transaction growth.

Electronic Payments – Cross Border

Unlike traditional banking and payments, electronic payments have a large cross border component. As we all know, retail banking has traditionally been a domestic business in any given country. Credit and credit risk have also been siloed by country, in large part due to the heavy regulation of credit bureaus in a given country.

The requirements of eCommerce, especially digital goods, and the associated payments ecosystem have a hard requirement to support cross border transactions and payments.

Because of the aggressive growth of electronic payments, as the McKinsey study points out, this requirement for the payments ecosystem to support cross border payments is getting more pronounced every month.

We are seeing disruption and innovation across the payment’s ecosystem supporting the growth in electronic payments and the associated need for more seamless cross border payment options.

1. Banking: Challenger Banks are addressing friction points in the traditional banking industry, in part by disrupting the country silos in which traditional banks have operated. Revolut, one of the best-known London-based fintechs, is targeting a much more seamless and transparent experience for sending or accepting different currencies in cross border transactions.
2. Issuers: Goldman Sachs’ Challenger Bank entrant, Marcus, is the issuer for the innovative Apple Card, combining two companies with a much more global and cross border approach to payments.
3. Card brands: Ajay Banga, CEO of Mastercard, explained the outlook of at least major one card brand far better than I can in a recent Financial Times article: “The economic cost of building siloed systems in a world where citizens travel globally is really stupid, and where crime travels globally is even more stupid, and where technology is completely global is even three times more stupid.”
4. Acquirers/payment service providers (PSPs): Some of the most aggressive and fastest-growing PSPs are specifically targeting much more integrated support of cross border payments with transparent fees as a differentiator. Rising stars like Adyen, Stripe, and Checkout.com are all leaders here. A Pymnts.com summary of Adyen’s 1H2019 results: “80% of the volume growth logged in the period [1H2019], said management on the call, came from existing merchants. Macro trends continue to benefit the company, especially cross-border commerce, noted the CEO.”

PARADIGM SHIFT: From Identity Data Silos to a Global API Response

To paraphrase an old adage, “It’s hard to know where we are going unless you know where we have been.” Back in 2015, a small tiger team here at Ekata set out to create a global response to our flagship Identity Verification (IDV) product: Identity Check API.

The existing paradigm for global identity data in 2015 was the credit bureau model. What the large bureaus could provide was identity data in 15-20 countries where they had stood up credit bureaus, usually as wholly-owned subsidiaries due to country-by-country credit regulations. To get that data for fraud detection and IDV, a merchant or PSP would normally need to contract with all the different local entities separately, receive files from each geo to integrate or code to many different APIs, and beyond the 15-20 countries where bureaus existed, the merchant or PSP needed to look elsewhere for identity data.

The Ekata team didn’t spend much time on existing paradigms, but instead went out and talked to customers and prospects. We did not need to travel far to hear and feel the cross-border requirement for IDV. Right across Lake Washington, not 20 minutes from our Seattle headquarters, sits Expedia. Each month, Expedia processes transactions from consumers in over 150 countries. We knew the siloed paradigm would not work at all for them, per Ajay Banga’s quote above.

We set out to create a global API response with one mission: Move a risk model in 175 countries. It was a novel approach – a global vision – but with a very long and tortuous journey ahead…

Ekata: Supporting Cross Border Identity Verification

“One API to integrate, one SLA to monitor, one neck to choke.”

Ekata did not begin to have the data sources or the data budget to go everywhere in the world in 2015. Of course, that didn’t slow us down. We started looking for unique ways to meet the mission of moving a risk model in 175 countries.

When we launched in 2016, we could:

• Validate phone numbers globally: While this is easy to do in North America, it is very hard to do globally; especially when many consumers fail to enter country codes. When a fraudster wants to fake a phone number, they don’t fake an easy number, they fake one in Romania, or a country where some number blocks start with 0 and often get dropped. This makes it near impossible to tell if the phone is invalid. Here in 2020, phone “is valid” remains one of our Top 5 model features according to customers.
• Validate physical addresses globally: This problem is orders of magnitude more complex than that of validating phone numbers. How do you ensure that “123 Main Street” and “123 Main St.” resolve to the same unique address identifier and the same lat/long every time? In the US, this is a relatively tractable problem with known solutions (even if simple string matching would indicate that these are different addresses). Outside of the US, this problem gets much more complex. How do you ensure that “5 ORCHARD PARK, ARMAGH, BT61 8JE, GB” and “5 ORCHARD PARK, LOUGHGALL, United Kingdom” resolve to the same unique address identifier and the same lat/long every time? And this example says nothing of the complexity once you introduce non-ASCII inputs in support of more robust multibyte UTF-8 encoding! This is a paper unto itself, so, for now, let’s move on.
• Measure IP to shipping address distance (or IP to phone number): Again, this is easy to do in North America and very hard to do globally where addresses do not have a standardized lat/long. But again, in the present day, this distance calculation is a very predictive model feature.
• Validate email ownership and authenticity: The first 18 months of our journey, we sourced email-to-name data globally (since emails are not constrained by borders), before focusing on phone and address linkages in our Identity Graph.

We also committed to one principle for our global response when we launched in 2016: Make it better every quarter.

• New data sources: We have added new data sources from some corner of the world every quarter since 2016. We have a global data network today and a group of consultants that refer to us our sources. We test, vet, and contract with all those sources ourselves after flying to meet them in their offices. We comply with all local laws in sourcing data, and we rep that we will only use the data for risk and identity verification, never for marketing.
• Confidence Score: In 2017, we launched Confidence Score as part of the global return. It was a unique 0-500 score that could predict good customers as accurately as it predicted fraudsters. We used chargebacks as training data for a predictive machine learning model. Very quickly, this data element became our most predictive model feature.
• Network Score: After two years of work building our Identity Network in which 98% of our customers participate, and through which we process over four billion queries annually (and growing!), we are in a unique position to see behavioral patterns across our customer network. In the delivery of these services, we anonymize and hash all our data (a cryptographic one-way hash of 512 characters in compliance with GDPR standards), to provide our customers with unique behavioral signals associated with the identity elements we track (person/business, phone, email, physical address, IP address).

And the results in 2020? Let’s just say we would not be working with Checkout.com, Adyen, Expedia, Booking.com, Airbnb, and many others without a global API response supporting cross border eCommerce and payments.

When I speak with the teams at these companies and many others, I always say: “What the market of global payments and eCommerce needs from an Identity Verification (IDV) provider is one API to integrate, one SLA to monitor, and one neck to choke.”

That’s what Ekata offers.

As the global Identity Verification (IDV) market continues to expand, Ekata will be there to respond to each and every demand; each quarter better than the last.

In the meantime, I invite you to contact one of our representatives to learn more about how Ekata can help your business.