KYC as a service
Know Your Customer (KYC) is a process that identifies and confirms that a customer is who they say they are.
This case study discusses how Design can help prevent fraudulent account creation and usage.
How might we verify profiles
OK Group specializes in developing blockchain technology and owns crypto exchanges OKX and Okcoin. OKG aims to own a dynamic and complete service-oriented architecture for all its brands, allowing Design to focus on experience and services instead of the complexity of the underlying logic.
The pilot of this project was its most critical service: Know Your Customer (KYC). Some of its achievements so far are:
KYC users
Conversion Rate, KYC 1
Role & process
I've worked with cross functional teams to guide the vision, strategy and solution design.
Product Designers
Addie Meira, Rich Wang, Suni Yang
Lead Designer
Margaret Sommers
Design Program Manager
Erin Newell
Design System
Angie Badillo, Cody Williams, Jacob Morrison, Tabitha Kim
Content Designers
Alex Pompliano, Benji Tobi
Ethan Hsiao, Jiehan Chen, Jiaxing Ding, Poe Nadi Hline, Rain Yu, Seah Jie Song
Android
Changching Chi, Junqi Ma
Backend
Shijing Lu
iOS
Kae-Jer Cho, Jackson Siu, Mike Maguire
Web
Adrian Chan
Business Analysis Manager
Tim Le
Chief Executive Officer
Hong Fang
Chief Experience Officer
David Geere
Chief Product Officer
Simon Ren
Founder
Star Xu
Head of Design
Kelly Battista
Deep dive into the Design process
Data on Amplitude, communication channels, and competitors analysis made it possible to understand KYC pain points
UX outcomes & hypotheses about the KYC problem were some of the insights from UXR
Wrapping user flows, trade-offs, and international cross-collaboration to provide the best experience
Testing environment, Jira tickets, and working closely with Engineering team made it possible to find and fix bugs
Track performance at an Executive Level and a Product Dashboard to understand the high level and detailed data
KYC, explained
As regulated financial services companies, crypto exchanges are required to identify the users on their platforms - and Know Your Customer (KYC) is just the way to do so once it confirms that customers are who they say they are.
This multi-step process is one of the first things users see when signing up for a new account. Before users can fully use crypto exchange services, they must provide personal information over several screens.
KYC helps prevent the creation and use of fraudulent accounts - a massive problem in the crypto world - besides improving customer transparency and building customer trust.
Users need KYC to be easier
Amplitude shows that since January 2021, +239k users have completed signed up at Okcoin, but only 30% have started the KYC1 flow. Of those who started, 89% successfully finished the flow.
Also, on the first seven days after signing up, users weren't perform actions like trading (17,9%) or buying crypto (5,85%).
Okcoin hired a third party to run a competitor analysis from crypto exchanges, which made it possible to understand that the most prominent players in the market have two KYC approaches:
Standard onboarding, where users have to go through all the identity verification and authentication steps in one go. Deposit and trade are only available after this.
Progressive onboarding, where users can access the app with restricted actions while identity isn't verified. It also allows user to pause their onboarding if needed.
By checking communication channels, PMS and I found out both Okcoin and OKX had KYC related problems, such as ID scan and instability of vendor's system.
Together with the PMS, I got to write some hypothesis about KYC problems
As a retail investor, I want to understand why I am providing my personal information so I can have confidence to provide them to your platform
Problem: KYC's guidance isn't clear, making users feel spooky about sharing personal information
As a retail investor, I want to have a quick verification time so I can start trading right away
Problem: App's current vendor (Jumio) has long delay when there is spike in volume, which causes backend issues
As a retail investor, I want to be able to restore pre-populated personal information, so I don't need to start the verification process from scratch
Problem: The entered information is not saved in the system, so users have to enter it again if they decide to leave the flow before finishing it
I feel safe giving my information to Okcoin
I am happy for having my profile verified so fast and easy
I feel relief I don't have to resubmit my personal information
The path to verify an identity
After the lead PM structured the architecture, the Design Team started developing the prototype. This helped me identify error cases and determine the best path for business goals.
Once crypto jurisdiction differs for each country, we've had to work with six scenarios. For instance, the US requires Social Security Number, while European countries ask for proof of address.
Around 2% of users that undergoes the KYC process provide information that matches with names on a sanctions list. These users are required to go through the Enhanced Due Diligence (EDD) Program to prove their identity and ensure that the heightened financial crime risk presented by the customers is addressed.The team decided to move forward with the first option to provide the same experience to all OKG products, allowing us to compare metrics in the future.
Designing for speed vs. scale
OKX started to prototype before Okcoin, so we had to deal with two starting points:
OKX screens, where the Lead Product Designer applied the Okcoin Design System to each screen designed by OKX.
User flows, where I've designed screens having user flows and current onboarding screens as a basis.
This highlight our trade-off: building for speed vs. scale which made us ask: can we translate current styles to the new flow, or should we design for the best scaling system?
The team decided to move forward with the first option to provide the same experience to all OKG products, allowing us to compare metrics in the future.
Designer&PMs &Devs
Most of the communication between the squad was asynchronous, through Figma, group channels, and a stand-up board document. We've also had
Catch-up meetings between Product Management, Design, and Engineering from Okcoin and OKX.
Working sessions at least twice a week, which mainly included Product Designers, Content Designers, and the Design System team
Some of the results of the cross-collaboration were
Implementation of address autocomplete having street address as a reference to prefill city, state, and postal code.
Display clear guidance about proof of address requirements.
Because the team was focused on the MVP, it was decided that the App would use a vendor to run ID and facial scans instead of building the scanning system internally.
It also was decided that the App would only allow the upload of image files, leaving PDF for the next iteration.It also was decided that App would only allow upload of image files, leaving PDF for next iteration.
I was the only designer who helped map bugs in the testing environment for iOS, Android, and web versions.
The workflow was (i) Test feature in the dev-environment, (ii) Find bugs, (iii) Describe it at a Jira ticket by adding a screenshot and actual/ expected behavior, (iv) Align priority with dev, (v) Retest to check if the bug was fixed.
The outcome
Next steps
Iterate
I have written a few ideas that can improve the users. For instance, adding a card about unfinished KYC to the App's homepage can provide artificial progress toward a goal, motivating users to complete the task (Zeigarnik Effect).
Develop services
Provide eligibility status for different types of transactions (eg. crypto to crypto, fiat to crypto) based on trader's current location and not just residence.
Takeaways
MVP is your friend
When time is short, working with a more plain and feasible version can make everyone's job more straightforward. Aligning ground rules or design goals (such as limitations, technical requirements, and focused priorities) can help guide the design.
Know your stakeholders
Acknowledging what people are essential for the project and who makes the final decisions is always critical. Once crypto jurisdiction changes according to each country, getting Compliance involved in every stage was significant.
Nothing great is built alone
If you have an idea in mind or just want to make a new friend, feel free to ping me!
