Part of applying for a loan is proving you are actually who you say you are. Part of it is for regulatory obligations like Know Your Customer (KYC), but a lot of it is for risk mitigation for the organization. This project solves for the latter. I designed a novel process that leverages vendor technology to enhance the fraud prevention experience for Ally and the user alike.

Problem Statement

When I was brought onto the Fraud project, our existing identity verification vendor was being phased out and replaced with a new vendor. The new vendor - we’ll call it “Vault” - came with a new set of requirements and capabilities. Our task was to retool our ID upload experience to accommodate the new requirements while also leveraging the new capabilities included.

Design Process

I started my design process by examining the existing flow. “If it ain’t broke, don’t fix it.” Immediately, I noticed that there was a lot of repeat data entry. For example, if you needed to verify your full name and your social security number, you would need to upload a file for each data point. The biggest consideration we needed to solve for was a way to give the user enough information to feel confident while keeping as much as possible away from bad actors that could use it to learn how to abuse the system. I resolved to keep the flow largely the same while fixing that key pain point and reducing shared information where possible.

Key Value

While this seems like a bog standard document upload flow, there is actually some nuance to it. Most ID verification systems explicitly state which IDs you need to upload for verification. In my design, I opted to allow the user to decide how they want to verify. So instead of saying, “we need a copy of your drivers license and your Social Security card,” we can say, “we need to verify your name and Social Security number.” As a user uploads documents to the system and tags them appropriately, we use progressive disclosure to

Final Product

Final Screens

Once a user uploads their documents and Vault checks them against the database, they receive an email letting them know that they’re good to go and that they should expect an update on their lending application soon. We got great feedback from senior leadership and the design tested will with users. The project was a success that helped mitigate fraud attempts while giving legitimate borrowers confidence in their lending application experience.