Ron Atzmon, AU10TIX, the global technology leader in identity verification: The challenge now is the proliferation of AI to the masses
The beauty of machine learning is the ability to rapidly process massive amounts of data in order to provide much more accurate results.
Ron Atzmon is Co-Founder and Chairman of AU10TIX, the global technology leader in identity verification and ID management automation. He is a successful serial entrepreneur with a 25-year track record of leading startups and developing businesses in the areas of technology, internet and finance.
From 2012 to 2020, Ron served as CEO of AU10TIX, pioneering the use of multi-channel ID authentication and record generation solutions that, in turn, have positioned the company as the technology leader and provider-of-choice of the world's major players in e-commerce and payments. He also serves on the board of AU10TIX parent company ICTS International N.V. (OTCQB: ICTSF).
Ron is a seed investor in technology disruptors FOXinGreen, Sardine, and Mesh Payments, and serves as a mentor at Barclays Techstars Tel Aviv Accelerator and London's Level39, one of the world's most connected technology communities. He holds a BA in Business Administration from the College of Management in Israel, and an MBA in Business Administration from the Imperial College of London, United Kingdom.
The company recently participated in one of the leading banking/fintech industry events, Money20/20 Europe. AU10TIX is a Tel Aviv-based company that has been in business since the '90s and handles ID verification, management and fraud prevention for some of the world's biggest companies, including PayPal, Santander, PayU, Google, Uber, Microsoft, Thomson Reuters, Coinbase and many more.
Mr. Atzmon, AU10TIX is now a global leader in identity verification and management technology. But how did you decide to start AU10TIX? And how is the market in Israel regulated when it comes to identification and payments?
Actually, the technology started from doing ID verification in an airport security company, and I was brought in to look for other interesting business opportunities because we were doing emigration at that time, and that was not a very competitive market. And when we were looking at what we could use the tech for, we read an article about banks getting fined for not doing proper KYC (Know Your Customer). And what the KYC process was, was checking documents, so that’s when we decided to pivot away from government and more into the financial sector, so this is basically how AU10TIX grew from a very small R&D unit of 12-14 people to more than 200 people. So we decided to address how we can help solve identity problems in regulated markets. Our first customer in the financial sector was, and still is, a company called Payoneer, who do cross-border payments on a global level. Though they are part-American/part-Israeli, their R&D center is in Israel, and they were looking for a solution to help them with their global KYC services, and that’s how we started to pivot in that respect.
Then later on, in 2014, we worked with Google on their world business and 2015 with Paypal and that’s how the company started to grow on global level. We do have a few customers in Israel, but it’s very marginal with regard to the revenue we are collecting on a global level.
In which countries are you working today?
We serve all our customers on a global level. We have customers in New Zealand, Australia, Japan, APAC, Africa, Europe, USA and Latin America, but the beauty of our business is that our solution is global and we are able to give a global service to all of our cutomers.
They can be based in India, Sri Lanka, Indonesia, Nigeria…. We look for customers on a global level; it’s not country-specific.
Is there any difference between the European market and the other markets you are working on, in terms of regulations?
Each country has its own rules and requirements. For example, in Germany, they are still working on – you still need to do a lot of what is called ‘video ident’. You need to get on a call with an agent, so he can review your documentation and prove who you are as a person. In Spain, there is a different regulation, UK has different regulations, Italy also has its own, so I would definitely say that, when it comes to working in regulated markets on financial services, there are different requirements per country. And it’s not just in Europe, but also in Asia, in…. Basically, each country in the world has its own regulations.
In Bulgaria, we prefer to do all these in person right now. I think the situation is pretty much the same in other European countries. You can tell me more about that. How do you authenticate people in different countries and how do they pay? I think there’s a big difference between Europe and Asia, for example.
The question is, what is the service that the end customer is looking to get? If it’s a banking service, a payments service, or transfering money, each country has its own needs and requirements. For example, in Israel, to do payments between people, there are two major apps: one called Bit and the other called PayBox, and that’s how most of the people move money between people. In the USA, you have Venmo by PayPal and Cash App by Square, so I would say that this is a much more local requirement and it’s tailored., On the cross-border level, you have big players like PayPal and Ant, but unfortunately I am not that aware of the regulatory requirements that exist in Bulgaria. I am not in a position to give you my perspective of the right approach for you and your local market.
Maybe the question is more about the experience you’ve had in other markets?
From our point of view, we’ve had a good experience. It is an issue of the government. The government needs to make a decision: what kind of flexibility and ease of life do they wish to provide to their citizens?
I do not think that, in that respect, Bulgaria is a unique market. It is all about the decision the government needs to make: are they willing to take a step forward and give their citizens an easier platform? We see that it is happening in Greece, Romania, and Turkey as well, so I don’t think there should be a big problem for Bulgaria to take that leap of faith. Bulgaria is a great country and Sofia is a place where there are a lot of technical companies specifically in the financial sector like Paysafe and Nuvei. Sofia is a major tech hub in that respect. The tech is there; the talent is there. I would expect Bulgaria to take the challenge, to take that leap of faith to have more financial capabilities in the digital space.
How does AU10TIX work and what kind of businesses can use the technology?
In the core, our core component is computer vision. So, like in the airport, we are able to look into your Bulgarian ID when you land in Greece or go to another country, for example. We are able to look at an image that you upload to your service provider and tell you if the ID that you have provided is authentic or not, if you tried to manipulate it or not.
Then basically the additional stuff: after you have presented your driving license or residence permit, or an ID card or passport. Then we compare your ID to a selfie that you submit to make sure that you are the right person behind that capability of trying to get a service or open a bank account. Then we take the data and look into our consortium and we see if we’ve seen you trying to log in to similar services, and to check to see if these interactions are positive or negative, basically to see if you are a fraudster or not a fraudster. We provide this service to anybody that needs to -- for example, if you want to open a bank account, if you want to make a payment, if you need to do alcohol delivery to your house and prove that you are over 18, if you need to to rent a flat in Airbnb, we also validate that you are legitimate person. If you want to do dating on Bumble, we provide the ID verification to Bumble. If you want to go play online roulette, we provide the service for 888.
There is a wide area of services that we are able to authenticate, whether it is gaming, dating, travel, payments, banking, alcohol delivery, ridesharing.
In all kinds of businesses, you can provide authentication services.
Correct. The service is customized based on the risk tolerance that businesses are looking to achieve.. If it’s more risky, we can make the system a bit stiffer; it if’s a bit less risky, we can make the system a bit more forgiving.
How do you use AI? We have been talking so much over the past weeks and months about AI. How do you use it in your technology, and how can it help prevent fraud and organized crime?
People say “AI,” but it is a very generic name that could be used for multiple things. We have been using AI for the last five or six years - it’s called “machine learning” - in order to improve our algorithms to detect fraudulent people and fraudulent transactions. The beauty of machine learning is its ability to process big amounts of data in order to give much more accurate results. The challenge is that what’s happened in the last couple of months is the proliferation of AI to the masses. So now, what was just in the hands of sophisticated companies like AU10TIX is now suddenly in the hands of people. They’re getting a taste of that technology and now the question is: What are they going to do with it? Will they use it in a positive way or in a negative way?
Are there now more risks of fraud increasing today? Or are there technologies that can prevent fraud and attacks? How is fraud growing now?
Well, it’s definitely growing, and we already see it, because the AI enables unsophisticated fraudsters with sophisticated tools. We definitely see these peaks, and it is a problem and it is a challenge. To be honest, I do not have a textbook answer for you in that respect, but definitely the accessibility of this stuff to people makes our life more complicated.
You’re right. We can use it for the right things, but we can use it for bad things as well. It depends on us.
Exactly! I don’t think anybody has a simple answer in that respect; it’s yet to be seen.
You are working with so many big companies like PayPal, Google, Microsoft and Uber. Could you share with us some of the most interesting AI fraud cases that you have detected?
I can tell you what is publicly exposed in the market. What we do for Uber, for example - it was not much for fraud, it was to deter criminals. We started to work with Uber in 2018 because Uber was trying to create a safer driver environment in the Latin America market. I am not sure that you are aware, but in Latin America, the usage of credit cards is relatively low. So when you order an Uber, you do not pay with a credit card; you pay cash. So what happened is that there were challenges because some criminals were trying to rob the drivers. Therefore, Uber wanted to use ID verification in order to make sure that everybody using the app is a legitimate person and not a robber. That’s one case we’ve been talking about. Another one is for 888. Again, we were dealing with fraudsters who were trying to deceive the operator with regards togaming.
The company just this week announced that its Serial Fraud Monitor protected businesses against $1.3 billion dollars' worth of ID fraud in Q1 alone. How did it happen?
Serial Fraud Monitor is a consortium tool where we track signals of fraud on a global level. We calculated the amount of fraud that was disclosed by our customers on a global level. We know the amount of attacks that have happened, and we know the value transaction of each attack we have prevented, so we’ve built a model that says, “This is the average fraud on one use case, and we know how many fraud cases we catch on a daily basis,” and we based the multiples on that.
The company recently launched Reusable ID in collaboration with Microsoft? Could you tell us more? What does it mean for you and the market?
The cooperation we have with Microsoft is on verifiable credentials. The next thing when it comes to identity is for people to have a bit more control of their identity, and this is the product we’ve been working with Microsoft on for the last three years. We actually launched it with a joint project in Microsoft themselves. We built it with them and they are our first customer for such a use case. We’re going to deploy it in some other markets. At the moment, we are only doing it in the US, but there is a use case on a global level.
As a global leader in identity verification and management technology, is AU10TIX planning expansion? If so, where?
On the verifiable credentials side, the first customer is an American use case, but tomorrow morning if there is a bank in Bulgaria that wants to work with us, we can do it tomorrow in Bulgaria. We are more driven where we see the demand come from. At the moment, we see more demand coming from the US, but if tomorrow morning we see a demand coming from the UK market, we can go that way, or to Bulgaria or Australia or wherever. We haven’t really focused on a specific market in general.