In September 2019, SentiLink was selected by the SSA to participate in the June eCBSV pilot, an electronic version of the SSA’s existing CBSV program. This new product offering presents several compelling options for risk teams in terms of preventing synthetic fraud as well as validating identities of applicants who may have been incorrectly flagged by legacy KYC solutions. This blog post is the second in a series of eCBSV-related content that we will be publishing as the program goes live.
For any product manager or risk management team, the ability to verify a name, date of birth, and SSN directly with the Social Security Administration presents several compelling options. One question comes up frequently: how should eCBSV be used?
Before discussing potential use cases, please note that eCBSV can only be used as part of a transaction — an account opening, loan or credit card application, credit limit increase request, etc. — and cannot be retroactively used on consumers for any purpose. In fact, declaring a specific purpose for eCBSV use is part of the consent requirements of the program.
Regarding use cases, two categorizations seem to emerge: purpose (compliance vs. fraud detection) and volume (all applications vs. exception flow). eCBSV can be used effectively at each juncture, though some inherent limitations in the SSA Numident file and matching logic need to be considered in order to make the overall implementation a success.
Let’s delve into each of these use cases more closely.
Compliance x All Applications
If an institution already requires SSA-89 forms as part of the onboarding or application process (e.g., mortgages, licensing requirements), eCBSV allows for faster completion, submission, and processing by nature of migrating the process online.
eCBSV can also be added to existing KYC processes as another verification layer. It should not, however, be the only KYC check an organization performs on its customers. The SSA anticipates that eCBSV will experience issues with unreported name changes, nicknames, typos, and other inconsistencies that, though harmless, could lead to low double-digit mismatch rates.
Compliance x Exception Flow
eCBSV can be used to quickly and easily obtain more signal on a subset of applications that existing KYC processes have flagged as risky, in lieu of asking for additional history or information to verify an identity. This can decrease onboarding or signup friction while providing similar rigor.
Fraud Signal x All Applications
Performing eCBSV checks on applicants as a first pass could allow institutions to increase the number of financial products provided to thin file consumers with limited credit history. This may be particularly useful to financial institutions with products designed for and marketed to those populations (immigrants, entry level credit, etc.). Due to the anticipated mismatch rate, however, eCBSV should be coupled with other services capable of reviewing the subset of applicants with no-match results in order to decrease false positives.
Fraud Signal x Exception Flow
Many institutions have fraud detection services and risk models in place. For these institutions, eCBSV may be a useful tool to obtain direct source information on applicants who have been flagged as high risk by existing models.
Alternatively, eCBSV could confirm the “risky” flag and institutions can then cite the no-match result as one of multiple reasons in an adverse action letter.
eCBSV will certainly help financial institution improve their operations and decision quality. However, the anticipated mismatch rate and lack of explainability around the binary match/no-match response makes it insufficient as a standalone solution for identity verification or fraud detection. Instead, the power of eCBSV lies in the unique SSA data assets, including state-level deceased data which hasn’t been publicly available since 2011. The use of eCBSV should be coupled with other identity and risk services, in which eCBSV serves as one of the important data points that inform a financial institution’s decision making process.