Anastasia Andrea, Captela: “spoofing programs on the dark web are more advanced than the tools to combat them”
Today, some companies and institutions are still relying on optical ID scans for identity verification. Unfortunately, anyone with a computer, editing software, and skills can produce a fake document and exploit it for malicious purposes.
While there are certain anti-spoofing tools and software designed to detect fraud, cybercriminals often manage to be one step ahead. So, Cybernews had a chat with Anastasia Andrea, the COO at Captela – a company that provides white label fintech solutions. She introduced the future of biometric onboarding and explained ways to solve other banking-related issues.
How did the idea of Captela come about? What has your journey been like ever since?
We had already created a widely successful white-label banking platform in Spain and the Netherlands – EBANQ. We took that platform with us and set up our base in Cyprus in 2018. The relocation and birth of Captela brought various benefits, such as a vibrant FinTech scene and very favorable business conditions in general. Not to mention the sunshine 340 days of the year!
Can you introduce us to what you do? What are your main areas of focus?
EBANQ, our virtual account management platform, is still a core product but we have branched out more and more into biometric client onboarding, sanctions screening, and other compliance-related areas. We have clients on five continents with a wide range of business models. What they all have in common is that they are required to properly identify and screen their customers, both during onboarding and on an ongoing basis. Our systems are not based on optical scans of passports and ID cards.
Users download our KYC Screen app and read the chip in the ID card or passport using the NFC reader on their phone. All personal data including a high-resolution picture of the ID holder is extracted from the chip. Governments put that chip there for a reason so we think relying on optical scans in this time and age is outdated. Biometric passports with RFID chips have existed since the 90s and have so far been adopted by over 160 countries, including the US and all EU countries.
What predictions do you have for the Fintech landscape for the upcoming years?
We see a need for better liveness checks and anti-spoofing technologies. Currently, spoofing software and tools that are widely available on the dark web are more advanced than the tools to combat them. We expect this will be a constant growth area since the need for remote client identification will not go away.
Additionally, it’s not only Fintech companies and banks that require remote onboarding. For example, company formation agents, law firms, accountants, short-term rental hosts, and various online platforms where sellers and buyers need to be identified to combat fraud need that as well.
How do you think the pandemic has affected your field of work?
It’s hard to say in certain terms but we have not seen any decline in demand for our products. Since everything we do and offer is online, we are not adversely affected when the whole world is doing everything remotely. We have not seen the extreme boom that some online retailers and others experienced as a result of changing habits in the pandemic, but we were fortunate to continue unscathed with solid growth.
What issues surrounding banking do you hope to see solved in the next couple of years?
One problem that needs to be resolved is international wire transfers, such as SWIFT. In Europe, we have the SEPA Instant with more and more banks coming aboard, meaning that payments within Europe are instantaneous and error-free. SEPA instant even makes digital currencies look slow. The US is finally catching up with their FedNow payment service which will work similarly with instant bank-to-bank payments.
Imagine bridging these two systems with a middleware of sorts and all of a sudden you have instant and error-free transatlantic payments. We believe the traditional, slow, and rather unreliable international wire transfers will remain in the developing markets with less uniform payment rails. However, we envision major payment markets to link their national payment systems to bridge the gaps and leverage the latest technologies on both ends.
In your opinion, why do certain organizations hesitate to implement new and innovative technologies?
Usually, the bigger the organization, the slower it moves. Once they assess and conclude whether new technology can be implemented and how it should be done, that technology might be obsolete already. The cost of adopting constantly changing technology can be very high. This is part of the reason why some online banking interfaces still look like they were designed in the 90s. However, things are getting better and even the dinosaur banks are somewhat catching up with clean and user-friendly UIs.
What are the best practices companies of all sizes should adopt nowadays to maintain smooth and secure remote operations?
Most companies by now have the technologies in place to maintain secure remote operations. When problems arise, they are often related to the habits of staff who are reusing passwords and mishandling information in various ways. Therefore, companies must assess and continuously reassess their remote access policies and cybersecurity protocols while keeping the staff educated and informed on the subject.
Talking about personal security online, what solutions do you think casual Internet users should look into?
Again, I think human habits are the biggest problem, like reusing passwords across platforms. With two-factor authentication (2FA) being pretty much standard these days, I’d say casual users should not have too much to worry about if they just use secure, unique passwords and keep 2FA enabled where available.
What does the future hold for Captela?
We will continue developing systems to detect spoofing. Many platforms that require user action-based liveness checks can be easily tricked. For example, if you ask a user to blink, they can pass the check by simply holding up a picture of a face with cut-out eye holes. We are also improving our passport NFC scanning UX. Another product in development entails building our own proprietary database for sanctions and PEP data. This database will be integrated through APIs and used to screen user and payment data in online platforms, such as EBANQ. We have a very exciting roadmap ahead!