# Electronic Know Your Customer(eKYC)
E-KYC is a process in which approved entities query a digital (and usually national) ID system to authenticate or verify their customers’ identities and, in some cases, retrieve basic information about them. E-KYC systems can improve the onboarding process by reducing or eliminating paper-based procedures and record-keeping, which reduces cost and time spent on verification, making it more profitable to provide services to low-income customers.
## eKYC in Southeast Asia
- In VietNam:
- [Hyperlogy produce Smart eKYC products](http://thoibaonganhang.vn/smart-ekyc-giai-phap-giup-ngan-hang-dinh-danh-khach-hang-dien-tu-82351.html)
for more information about [Hyperlogy](https://www.hyperlogy.com/vi/hyperlogy-se-trinh-dien-giai-phap-smart-ekyc-va-mobile-ekyc-tai-dien-dan-ngan-hang-ban-le-viet-nam-2018-ban-da-san-sang-trai-nghiem/)
- [FPT Shop apply OCR system identifies Vietnamese people's identity card](https://techinsight.com.vn/language/en/fpt-leads-the-market-of-id-card-identification-technology/)
- In Indonesia:
- [Bank Sinarmas Cooperates with ASLI RI Strengthening e-KYC Services](https://www.wartaekonomi.co.id/read217393/bank-sinarmas-gandeng-asli-ri-perkuat-layanan-e-kyc.html)
for more information about [ASLI RI](http://www.asliri.id/)
- [Innov8tif Solutions Pte Ltd](https://innov8tif.com/products/customer-onboarding-ekyc/) provide EMAS eKYC for Malaysia, Indonesia, Singapore and Southeast Asian Countries. [slides](https://www.slideshare.net/innov8tif/innov8tif-emas-ekyc-for-malaysia-indonesia-singapore-and-southeast-asian-countries-v14b)
## Machine Learning in the e-KYC
- Fill the details (Optical Character Recognition Technology)
- Complete IPV (In Person Verification) process over video call (Facial verification, documents verification(ID numbers), address verification)
**Note**: Documents verification(ID numbers), Address verification need secure, authenticated, government-issued electronic identification (eID).
## Challenging to implement e-KYC
- To prevent unauthorised or malicious users from getting access to the private and critical information of your end customers
- To protect your end customer’s biometric data from manipulation by authorised and unauthorised users to serve their malicious intentions or goals.
- To safeguard your organisation from data breach harms, protecting from legal harm, safeguarding the organisation's brand image, saving heavy penalties or even legal action against the system manager.
## Solutions
A hardware security module **(HSM)** is a physical computing device that safeguards and manages digital keys for strong authentication and provides cryptoprocessing. These modules traditionally come in the form of a plug-in card or an external device that attaches directly to a computer or network server.
Example: The eKYC data, such as ID numbers and biometric data, along with demographic data, needs to be protected and secured when the data is at rest, in transit or in processing within your organisation. eKYC will send the demographic data along with session key which is encrypted using the organisation's Public Key. The same would then be needed to be decrypted using the organisation's Private Key for further decryption of demographic data, only after which the next level of processing would be achieved. This circular mandates that these keys need to be generated within a FIPS 140-2 Level 2 or Level 3 HSM, and the Private Key should be stored inside the HSM and it should not be extracted outside the device at any given point of time.
For more information about HSM:
- Hardware Security Modules present by Paul Hampton [slides](https://rwc.iacr.org/2015/Slides/RWC-2015-Hampton.pdf)
- An introduction to the use of HSM [doc](https://www.nlnetlabs.nl/downloads/publications/hsm/hsm.pdf)
Sign in with Wallet
Connect another wallet