By Dev Chandrasekhar
The e-KYC (electronic Know Your Customer) process is integral to the operations of banks, and the finance industry, especially fintech startups the world over. It involves several steps, usually starting from customers uploading images of their ID documents or even cross-checking selfie videos of the customer holding up documents. This verification relies heavily on cross-referencing these images with existing records—a method aimed at ensuring that the individual presenting the ID is its legitimate holder.
However, the emergence of generative AI (GenAI) introduces new complexities to this already cumbersome process. Recent viral posts on platforms like X (formerly Twitter) and Reddit have shed light on how GenAI tools can be employed to manipulate ID images, crafting highly convincing deepfakes. These altered images are sophisticated enough to potentially bypass standard e-KYC checks that regulators, including the RBI, mandate on the finance sector.
Risk Amplified By GenAI Deepfakes
The use of deepfakes to tamper with digital identities affects not only basic ID photo validation but also makes enhanced security protocols irrelevant. For instance, various platforms have adopted liveness tests, which monitor real-time behaviours like head turns or blinking to verify someone's actual presence and authenticity. Yet, GenAI technologies have also managed to trick these liveness checks. This development marks a considerable increase in security threats, as creating believable fake images now requires less technical skill than before. The widespread availability of sophisticated photo editing tools allows fraudsters to commit identity theft and other digital crimes more easily and effectively.
Unveiling Power Of Verifiable Credentials
Verifiable credentials provide digital evidence of qualifications and personal achievements, securely attached to an individual's identity via cryptographic techniques, enhancing the reliability of e-KYC verification procedures in combating GenAI deepfakes.
These are more than mere digital analogues of physical documents. They encompass a broad spectrum of qualifications, achievements, or suitability proofs, such as educational certificates, employment certificates, or government-issued identification cards, reimagined for the digital age. Embodying the essentials of identification, issuing authority details, specific attributes, and constraints, each credential within this digital framework is inherently designed to be trustworthy and tamper-proof. The application of cryptographic signatures and decentralised ledgers ensures the integrity and authenticity of each credential.
Population-Scale Blockchains: A Keystone For Verifiable Credentials
The synergy between population-scale blockchains and verifiable credentials could be the linchpin in combatting the emergent GenAI deep fake threats for KYC. Blockchain provides a decentralised platform that is ideal for the anchoring and verification of digital identities, secure from tampering or falsification.
While blockchain and verifiable credentials offer promising solutions to the vulnerabilities exposed by GenAI, they require implementation on a massive scale to be effective. This means designing systems that can handle the verification needs of billions of users quickly and accurately, ensuring inclusivity and accessibility across global financial systems. ONDC’s Confidex, India’s population-scale instantiation of Dhiway’s CORD open-source blockchain, is a practical, on-the-ground real-world example of solutions with proven scalability and efficiency.
Enhancing KYC With Blockchain And Verifiable Credentials
Integrating blockchain and verifiable credentials within e-KYC processes presents a transformative approach to identity verification. It moves beyond the traditional reliance on cross-referencing documents with existing records, towards a model where identities are indisputably verified through cryptographic proofs and recorded on an immutable ledger.
This not only counters the threat posed by sophisticated deepfake technologies but also streamlines the verification process, making it faster, more secure, and user-friendly. Moreover, this integration promises a level of inclusivity hitherto unachievable, potentially extending financial services to unbanked populations by accommodating a wider array of verifiable credentials as proof of identity.
The Path Forward
The intersection of e-KYC processes and GenAI technology represents a critical juncture for digital security within the financial sector. As fraudulent actors gain access to increasingly sophisticated tools, the methods used to verify and secure identities must evolve at an equal pace. The potential of blockchain technology combined with verifiable credentials to safeguard digital identities offers a promising path forward.
Recent initiatives prove that infrastructural and technological challenges involved in the widespread adoption of population-scale blockchains and verifiable credentials can be overcome. Ethereum 2.0 and ONDC’s blockchain have shown that the integrity, privacy, inter-operative and reliability of e-KYC processes can be improved, better protecting against the ever-evolving threat of digital impersonation and fraud.
(The author is a Senior Research Fellow, Centre for Innovation in Public Policy, Indian Institute of Management, Kolkata)
Disclaimer: The opinions, beliefs, and views expressed by the various authors and forum participants on this website are personal and do not reflect the opinions, beliefs, and views of ABP Network Pvt. Ltd.