eKYC (Electronic Know Your Customer)
eKYC (Electronic Know Your Customer) is remote identity verification using document OCR, face capture, liveness detection, and face match scoring. In regulated onboarding, it replaces paper ID reviews with a digital flow that produces verifiable evidence.
Definition
eKYC (Electronic Know Your Customer) is remote identity verification using document OCR, face capture, liveness detection, and face match scoring. In regulated onboarding, it replaces paper ID reviews with a digital flow that produces verifiable evidence.
What eKYC replaces
The classical KYC flow asked a customer to walk into a branch, hand over a physical ID, and have a staff member eyeball the card against their face. It works, but it does not scale, and it does not produce the evidence trail a modern compliance team needs. eKYC replaces that workflow with a mobile or web capture that runs the same checks digitally: OCR the document, capture a live selfie, run liveness, compare the faces, and return a structured result that can be retained and audited.
The core goal is identical. The difference is that every step of the digital flow can be measured, logged, retained, and reviewed later, which is exactly what a card-scheme audit or regulator inquiry asks for.
The standard eKYC pipeline
- Document capture. The user photographs the front and back of an ID document on their mobile device. Edge detection and glare check ensure the capture is usable before OCR runs.
- OCR. Structured fields (name, ID number, date of birth, address) are extracted from the document image. The text is compared against what the user typed on the form. Any mismatch is raised as a discrepancy.
- Liveness-detected selfie. The user takes a live selfie. Active liveness challenges (blink, turn head) guard against replay attacks and printed-photo spoofing.
- Face match. A similarity score compares the live selfie against the document photo. A tunable threshold decides pass/fail; scores below the threshold route to manual review.
- Result bundle. Document images, selfie, OCR output, similarity score, and the pass/fail decision are packaged into an evidence bundle attached to the onboarding case.
eKYC inside KYB
For individual-focused onboarding (a consumer wallet, a buy-now-pay-later signup) a single eKYC pass covers the whole workflow. For merchant onboarding, eKYC is one layer inside a larger KYB process. The KYB flow resolves the legal entity against the companies registry first, pulls the real list of directors and controlling persons, and then runs an eKYC pass for each of them.
This layering matters. A merchant can declare five directors, but only the ones on the authoritative registry need to be face-matched. Anyone declared but not on the registry surfaces as a discrepancy on the case before the eKYC even runs.
Why threshold tuning matters
A face similarity score is a decimal: 0.92, 0.78, 0.64. The threshold that decides pass/fail is a policy choice, not a technical constant. A threshold that is too high rejects legitimate users whose capture conditions were poor. A threshold that is too low passes near-misses that should have been manually reviewed. Kenal AURA exposes the threshold as a per-acquirer configuration, so acquirers can set the operating point that matches their risk appetite and audit expectations. Every threshold change is logged alongside the evidence it affects.
Frequently asked questions
- What's the difference between eKYC and KYC?
- KYC is the regulatory goal: verify who the person is. eKYC is the electronic implementation: document OCR, liveness-detected selfie, and face match scoring, usually via a mobile device. Most regulators accept eKYC as equivalent to in-person KYC when the liveness and face match thresholds are met.
- What documents are typically used?
- In Malaysia, the MyKad national ID is the standard source. OCR extracts the full name, IC number, date of birth, and address. A selfie is captured with active liveness challenges, and a face similarity score compares the selfie against the MyKad photo. Other ASEAN markets use equivalent national IDs or passports.
- What happens when the face match fails?
- Below the configured similarity threshold, the eKYC result is failed and the case is routed to manual review. A human reviewer can override the result with a documented reason, or escalate to secondary verification such as a video call or a supplementary document. Every decision is logged.
- Is eKYC accepted under Malaysia PDPA?
- Yes. Malaysia's PDPA governs how personal data is collected, stored, and processed. It does not prohibit eKYC. Kenal AURA runs eKYC on a multi-cloud regional footprint (AWS Malaysia and GCP Singapore) and places Malaysian tenants on the Malaysia region so PDPA residency stays satisfied. Storage is encrypted at rest, access is role-based, and retention is aligned to card-scheme requirements.
See how Kenal AURA handles this in production
Kenal AURA is the merchant lifecycle risk operations platform for acquirers, PSPs, and fintechs across Malaysia and ASEAN.