The GDPR represents an opportunity, not an obstacle to improvement

May 17, 2018

Time’s up. As of May 25, 2018, the General Data Protection Regulation (GDPR) goes into effect in the European Union. The GDPR, designed to safeguard personal data, requires companies to tell customers what data they have on them and how they use it, and report data breaches within 72 hours, among other requirements. If they fail to comply, companies handling personal data from the EU face penalties of up to €20 million or 4% of global turnover, whichever is higher. Mitek is already GDPR compliant and to view more info on this, view our GDPR Compliance innovation page. 

Certainly, companies face major challenges, both financial and logistical, while racing to comply with the regulation. Yet, daunting as it may seem, there’s a silver lining to this cloud. That’s because the GDPR actually represents an opportunity for companies to improve their processes and strengthen the trust of new and existing customers.

As Steve Pannifer, COO of Consult Hyperion, said in one of our recent on-demand webinars, “There’s a strong connection between digital identity and successful and good implementation of GDPR.” And digital identity is the key to realizing gains in many other areas as well, including in the areas of customer confidence and process improvements.

The financial services industry provides a good case in point.


While the GDPR effects every company with customers in the EU, financial institutions are among those most directly impacted by the regulation. Banks will have to verify IDs online more often to guard against fraudulent accounts and logins that could result in compromised data that could, in turn, lead to fines.

But checking IDs aggressively can also mean locking out legitimate customers if done wrong. Already, according to LexisNexis Risk Solutions, two-thirds of financial institution leaders believe they’re losing business due to customers being flagged incorrectly as risky or potential fraudsters.

Then there’s the risk of putting customers through a laborious process only to have them bail out before they’re finished, and take their business elsewhere.

The solution for many banks, says Joe Bloemendaal, VP of Sales for EU at Mitek, in the webinar, has customers coming into a branch for identity verification. However, only a small percentage of customers actually does come in, and those who do often present insufficient credentials for completing the process. And they may never return.

The challenge is clear. Financial institutions now have to work harder to get more efficient at identity verification  and stay compliant with new regulations. There’s a lot of work to be done in this area. And the right digital identity verification solutions can make all the difference.


A dearth of standards for digital identity verification could spell chaos for companies scrambling not to fall behind. However, the absence of standards also means there’s a lot of room to improve and actually get ahead of the pack.

For example, “These institutions can think about the data that needs to be protected and isolate the personal data to minimize the risk to the rest of the bank,” says Pannifer. “Which means setting up some kind of personal identity store within the bank—an identity provider service.”

GDPR requirements such as the directive to provide customers access to their data on demand make identify verification doubly important. “You need to know who that request is coming from,” says Pannifer. “And if that person is someone you don’t have regular dealings with, it may well be that you need a mechanism to verify and determine that you are talking to that person.”

Additionally, in a time when customers expect instantaneous results from their digital interactions, methods of ID verification have to work quickly and efficiently without sacrificing security.


Fortunately, next-generation identity document verification technologies are quickly evolving. “The latest Apple device introducing facial biometrics helps to build momentum in this area,” says Bloemendaal. Banks are beginning to take advantage of facial biometrics to digitally verify identification. The technology allows verification systems to compare a customer’s just-taken selfie with his or her government-issued ID, say a driver’s license, to confidently verify a match.

State-of-the-art ID verification technologies can help companies remain in compliance even as they help them streamline operations, reduce hassles for customers, even improve sales. And as many companies have found, turnkey solutions that don’t require reinventing the wheel can also keep costs low.

In the webinar, Roel Boer, CEO of blockchain payments platform Nocks, says, “Onboarding and automating your customer checks and IDs is a no-brainer…without automation, Nocks wouldn't be able to grow as fast.”

To replace manual ID verification—which took up to 24 hours—Nocks turned to Mitek’s Mobile Verify. Within six months of automating their process, Nocks’s user base increased by 214 percent. “And our abandonment rate dropped drastically,” says Boer. “People are finding it much easier to sign up.”

Mitek’s full compliance with the GDPR further safeguards consumer privacy and reduces compliance risks. Mitek also abides by international mechanisms and standards for data protection for when companies need to transfer data across international borders. In short, Mitek is committed to helping its customers on their GDPR compliance journey. It’s all part of helping companies realize the opportunity represented by the new regulations.

To learn more, sign up for the on-demand webinar, “Digital ID Verification: Knowing Your Customer, Cutting Your Compliance Costs” at