Arpit Ratan, Ankit Ratan, & Ankur Pandey, Signzy: “undermining the risk of a data breach is the biggest mistake businesses make”

As more banks start to offer digital onboarding options, advanced data security measures must be taken to prevent fraud and identity theft.

There’s no denying that global digitalization is rapidly transforming our everyday lives – these days, even processes like creating a bank account no longer require showing up to an appointment or signing paper documents. While the digitization of such processes is surely convenient both for the customer and for the institution, there are countless criminals out there looking to take advantage of new technology.

To find out the essential precautions banks need to take to protect their customer data, we caught up with the team at Signzy – Arpit Ratan, Co-Founder and Chief Business Officer, Ankit Ratan, Co-Founder & CEO, and Ankur Pandey, Co-Founder & Chief Technology Officer.

How did the idea of Signzy come about? What has the journey been like?

Signzy was born in 2015 after its three co-founders came up with the idea of streamlining and automating compliance for both banking and non-banking applications. This idea was born out of our personal experiences of dealing with banks, both as individuals and companies in our previous professional roles. We noticed that while banking was going digital, the compliance function within the banks remained very manual and paper-driven. Banks were spending enormous resources and time doing tasks like customer onboarding, and back-office operations, which could be largely automated using AI. And this is what we at Signzy set out to do.

Today, Signzy is the leading digital workflow enabler for the global Internet economy, enabling 10 million+ end customer and business onboardings every month at a success rate of 99%, while reducing the speed to market from 6 months to 3-4 weeks.

Our award-winning no-code AI platform is redefining the speed, accuracy, and experience of how banks and other organizations are onboarding customers and businesses – using the digital medium. This platform delivers seamless, end-to-end, and multi-channel onboarding journeys while offering totally customizable workflows. From one bank in 2015, we have grown our clientele to over 250 financial institutions around the world, including the four largest banks in India. We also have strong global partnerships with Mastercard and Microsoft.

Can you introduce us to your platform? What technology do you use to make customer onboarding easier?

Signzy’s no-code AI platform offers AI-led digital onboarding, verification, and fraud detection solutions for both financial and non-financial companies. A company can use our no-code platform to build custom solutions that let them automate and streamline decision-making and compliance processes.

Using AI, Signzy is able to completely automate a bank’s back-operations decision-making process into a real-time API. This is possible due to a combination of Nebula , Signzy’s no-code AI model builder, and our Fintech API Marketplace of over 200+ APIs.

These APIs can enhance functions like extraction, forgery detection, background verification against government databases, etc. They also follow a plug-and-play approach, requiring minimum work for integration with existing workflows while considerably reducing the time needed as well as overall operational expenses.

Our platform is built upon a solid foundation of AI and computer vision tools with the ability to recognize documents, detect forgery and replicate the eye-balling process at the back end.

What cyberthreats surrounding online banking do you find the most concerning at the moment?

Purely from an end customer’s perspective, phishing and identity theft are the two biggest cyberthreats to be concerned about at the moment. Many users of online banking are susceptible to phishing scams that can steal their identity or even persuade them to transfer money to a fraudster’s account.

Banks on the other hand can do a lot in mitigating these and other threats that can hurt their customers, including cyberattacks on their digital infrastructure that can make their mobile apps or net banking portals inaccessible to their customers. While cybersecurity spending by banks and financial institutions is already making up a major chunk of their IT budgets, the same is often not true of their partners including fintech firms.

As we evolve and combat these threats with technology, there will always be bad actors coming up with new ways to steal data or money. The only solution is to keep our collective guards up at all times and integrate the latest technology and cybersecurity best practices to thwart these bad actors. This is as much true for banks as for end-users.

How do you think the recent global events altered your field of work?

The pandemic has sharply accelerated the shift towards digital transactions across all industries over the last two years, which has, in turn, led to a much higher demand for digital onboarding and automated compliance solutions. We have been scaling up our operations significantly and we have more than tripled our headcount since 2020.

We have also added more senior leaders to spearhead our continued growth and expansion in India as well as in key markets around the world. Last year, we partnered with Dubai-based investment company Seed Group to enter the UAE market and expand its operations in the wider Middle East. Through this partnership, we intend to accelerate the digital transformation of businesses and bring innovative AI technologies to the region. We are also growing our teams in the US and other markets.

What are some of the worst mistakes organizations tend to make when it comes to handling large amounts of customer data?

Fundamentally, organizations need to take 360º ownership of their customers’ data, which basically means that they must be vigilant not just about safeguarding data within their own servers or databases, but also about measures that their partners or third-party service providers use to protect data. As businesses extend their third-party ecosystems to perform fundamental tasks that are pivotal to their operations, perhaps the biggest mistake they can commit is to overlook or undermine the risk of data breach or leakage through their partners.

When a data breach does occur, businesses should immediately notify their customers and other stakeholders as well as report the risk of damaging their brand and consumer loyalty. Trying to hide data breaches is a mistake that can lead to long-term reputation damage as audits will inevitably reveal the incidents.

Finally, not ensuring that their app’s architecture and code are secure, or not using code obfuscation are other costly mistakes that many organizations tend to make.

Talking about individual users, what security measures do you think everyone should implement to protect themselves online?

Individual users are a target of a wide variety of threats and attacks. A recent survey by a leading cybersecurity company found that eight out of ten respondents in India have experienced a cyberattack or online threat, with common forms being malware (26%), fraudulent charges on mobile payment or digital wallets (18%), or social media breach or duplication (18%).

As individual users, we must be particularly careful about protecting our personal and private data. With our use of the Internet closely entwined with our online identity, our aim should be to control the degree to which subsets of our personal and private data are revealed to public and private entities. While it is difficult to be in full control, it is important to be familiar with the existing threats to our online identity.

While data breaches and password leaks are increasingly common, one of the most important steps all individuals can take is to set up two-factor authentication on all their email and social media accounts. Further, they should be able to regularly check if their personal data has been leaked in data breaches, using websites like “HaveIBeenPwned”. If any of their passwords have been leaked, they must be changed immediately and then permanently discarded. They must also commit to using much stronger passwords that are also unique and not repeated on multiple websites or apps.

They must also take time to read and inspect the privacy policies of the apps before granting permissions and generally avoid using unprotected or public Wi-Fi networks as far as possible. Finally, they must be wary of phishing and social engineering scams and avoid clicking on suspicious links or sharing sensitive information on the phone or via text messages with unverified people. Investing in comprehensive antivirus software is also recommended.

How do you think the financial sector is going to look to evolve in the near future?

The fintech revolution has in many ways disrupted the financial services industry and going forward we see a strong and industry-wide momentum towards delivering a much better customer experience through the use of technology. We will see this evolve and manifest in many different ways – from customer onboarding or new account opening (already, most banks now allow the opening of savings accounts at home without any paperwork, and complete their KYC process over a video call) to financial planning, where AI-based engines will help banks provide wealth management at an unprecedented scale to all of their customers at much attractive price points. We will also see hyper-personalization of financial products, for example, loans or cards or even extra value-add features for their savings or current accounts, at a scale that is simply not imaginable today. These changes will dramatically alter and enhance the banking experience for ordinary customers, and in turn allow financial institutions to improve customer satisfaction, margins, and profitability.

And finally, what does the future hold for Signzy?

At Signzy, we are working to build an environment of trust in digital transactions for both the digital economy and the end customers. Our objective is to enable and help both financial institutions as well as other digital economy companies in digitalizing and automating their compliance and related back-office operations for all types of transactions, so they can deliver a significantly better customer experience. For example, we are already enabling fast and seamless digital customer onboarding for some of the best-known banks and digital economy players around the world.