by Heath Muchena

Using cloud, AI for KYC and ID management for African enterprises

Jan 22, 2020
Cloud ComputingMachine LearningSecurity

In this Q&A, James Lawson, co-founder and CIO of South Africa-based Intergreatme, explains how cloud and machine learning form the basis for Know Your Customer and digital identity management.

Artificial intelligence and digital identity
Credit: Thinkstock

Cloud and emerging technologies such as machine learning are enabling new types of businesses around the world. Although cloud uptake in Africa lags behind most other regions, early adopters on the continent are beginning to spring up. Intergreatme, maker of its namesake digital identity platform, is one of them.

In its efforts to help enterprises combat identity fraud and financial crime, Intergreatme (also known by the IGM brand) is tapping cloud, machine learning and automation technologies to enhance trust and transparency in data sharing as well as save time and money for its diverse clients.

The company’s digital ID platform includes a consumer app that enables users to create their digital identity using biometrics and passport or driving licence IDs. For businesses, it is designed to ensure that enterprises gain ethical access to verified customer identities in a secure, regulations-compliant, and instantaneous manner.

To get more insight into the impact of cloud, AI and automation technologies in the Know Your Customer and ID verification arena — which is expected to continue to grow as more people and businesses in Africa go digital — we talked to James Lawson, chief information officer and founder of Intergreatme. Edited excerpts follow:

What skills are important for CIOs to learn in order to cope with the rapid pace of technological change and disruption to business models?

Having a clear vision of the product or service you are building is key.

james_lawson_intergreatme Intergreatme

James Lawson, CIO and co-founder of Intergreatme.

Understanding current and future political and regulatory laws for example what we’ve witnessed in South Africa with General Data Protection Regulations (GDPR) and other regulatory obligations coming into force. At IGM, we’ve looked closely at incoming laws around the Protection of Personal Information Act (POPI) in South Africa and it was important from a CIO’s standpoint to familiarise myself with the legislation in order to better guide the business in its technological developments.

What technologies do you think will have the biggest impact on the sectors you service in 2020?

Machine learning and automation will provide us with the biggest impact in the KYC arena. Our business is reliant on them, and so they are at the forefront of product design and innovation in the business. With the advent of cloud technology providers such as Microsoft Azure and AWS coming to South Africa, it makes it easier for smaller businesses to provide services to companies. This has provided us with the ability to host data and services locally, and we look forward to being able to geographically replicate services between regions. A further advantage with cloud hosting means you are able to create instances close to your customer, as well as comply with local regulatory laws, so for instance, most of our customers in South Africa required us to store data locally. When we need to service customers in a different geographic region, we can easily host our service and data layers in those countries, so it makes for easier sales in those regions. With cloud, you’re able to spin up more instances of your technology stack to handle the additional throughput if you need to scale your operations; and then wind down those instances when the load decreases. Not only are you saving on salaries, but you’re also optimising IT spend.

What are the key technologies your business depends on and what aspects of your technology create the most risk in your business? There are four main concerns that our business depends on:

Cloud hosting providers, and the location of their data centreswe are reliant on availability and scalability, as to handle the volume of data coming through our platform, we have placed specific emphasis on being able to scale all layers of our technology stack – from front ends, services, and databases.

Machine Learning, and the continual enhancement and investment in it – while there are some companies that provide ML-as-a-Service (AWS and Azure come to mind), we decided to invest in the technology and hired talented people to build these services for us. It provides us with exactly what we want, without needing to jerry rig the pieces of the puzzle together.

Scalable database technologies – since we provide real-time services for our customers, a database going offline is pretty disastrous for the company. We have used queues in most places to allow services to continue running if a DB gets knocked offline, and are starting to invest into database engines that are clustered by nature, although our document repository is fairly large and runs off of scalable NoSQL technology. We are looking to try and reduce our technology spread between database technologies, and use a unified database engine with multiple databases in the future.

Security technologies storing personal information brings with it the complexity of keeping it all secure. If our security layer faulters, we have the potential risk of data leaking from the business. We attempt to secure as much as we can, taking the security of information and services as a core to the business ethos.

What is the biggest technological challenge your clients are likely to face and how do you plan to use IT to help them gain competitive advantage?

Within the landscape that IGM operates, one of our core focus areas has been around Know Your Customer (KYC). In the current landscape in South Africa, this is largely a manual process, where a business customer needs to provide identification and proof of residence documentation in person.

In some financial industries, the individual is expected to provide this documentation when they reach the branch; in others, the company will send staff out to collect this information from their customers. This further burden is put on businesses with the new risk-based KYC laws that were passed, where based on the risk profile of a customer, they need to provide their FICA documentation on a more regular basis.

IGM has built a digital onboarding and KYC solution which allows us to collect, validate and verify a person, helping our clients manage their regulatory obligations with their customers. Our existing product allows a customer to completely FICA or RICA within 6 minutes, including the use of liveliness detection.

This gives our customers a competitive advantage as they can now remotely onboard their customers while complying with the local regulation. IGM has the capabilities to either build the UI layers, or provide access to our API which allows an organisation to build their own UI around our technology.

Finally, as the IGM ecosystem develops and grows, we move away from this concept of Self-KYC, where our clients use a white labelled version of our software, towards an era where any IGM user is able to interact with any IGM client. The difficulty here is getting our clients to see the advantages of participating in this kind of environment, as larger entities still fight over the ownership of personal information data, even though the upcoming regulatory changes in terms of POPI shift the data ownership back into the hands of the customer.