CRDB – Uganda’s Largest Indigenous Bank
OmniDefend authenticates workforce users and customers to help eliminate banking fraud.
Centenary Rural Development Bank had been looking for solutions to prevent banking frauds which were perpetrated by internal users as well as customers. The bank decided to implement an IAM solution to strengthen the current KYC process by using biometric authentication to verify the identity of a customer when they come to a branch to transact business. By using the same biometric authentication for employee logins, internal frauds linked to password sharing and theft would also be eliminated and a strong audit trail of transactions performed would be available.
Centenary Bank selected Softex’s OmniDefend Identity and Access Management solution to achieve the objectives laid down by the Bank’s IT risk management team. The final results are that 1.5 million customers will be using biometrics to transact business with Centenary Bank at their branches and other locations. In addition, 3000 employees use fingerprint biometrics to login to their core banking and to approve transactions. Finally, up to 10,000 users per week can be enrolled into biometrics using high-end 4-4-2 fingerprint sensors to reduce enrollment and verification times. At the end of the day, security is improved, customer satisfaction is raised, and overall banking fraud reduced.
Protected using biometrics
Using biometrics for logins
Biometric enrollments per week
Centenary Rural Development Bank Ltd. started as an initiative of the Uganda National Lay Apostolate in 1983 as a credit trust. It began operations in 1985 with the main objective of serving the rural poor population and contributing to the overall economic development of the country. In 1993, Centenary Rural Development Bank Ltd was registered as a full-service commercial bank. Centenary Bank is one of the leading microfinance commercial banks in Uganda, serving over 1.5 million customers with services accessed across 69 branches, 172 ATMs and the phone banking (CenteMobile) platform.
Centenary Rural Development Bank had been looking for solutions to prevent banking frauds which were perpetrated by internal users as well as customers. To address customer fraud, the solution developed was to strengthen the current KYC process by using biometric authentication to verify the identity of a customer when they come to a branch to transact business. The existing paper documentation-based processes were vulnerable to threats such as the creation of false aliases as well as unauthorized access due to identity thefts. The application would also serve as a secure access control for bank employees to the core banking systems for daily banking transactions Using biometric authentication, internal frauds linked to password sharing and theft would be eliminated and a strong audit trail of transactions performed by users would be achieved.
There were four main business objectives that were driving the requirements of this project.
In alignment with the business objectives, CRDB decided to deploy an IAM solution in order to achieve important and significant gains in security, efficiency and compliance enforcement. The following points were considered as mission critical requirements.
Centenary Bank selected Softex’s OmniDefend Identity and Access Management solution to achieve the objectives laid down by the Bank’s IT risk management team. OmniDefend covered three main areas of the banking process:
The bank’s workforce has been provided with a secure access mechanism using biometrics. This ensures that only authenticated internal bank users are accessing the core banking and other legacy systems. By adding the biometrics as a 2nd factor along with the existing password, users can not share passwords any longer to get unauthorized or aliased access to mission critical systems. In addition, the accesses to these systems is now fully recorded and auditing can be done to see which user accessed which system from which PC at what time and performed what action. As a result, internal fraud from password sharing and theft has been eliminated.
One of the prime requirements of the Bank was to ensure the removal of duplicates and false aliases in the customer database. This was required to prevent customers from fraudulently operating accounts under different and false identities. Biometric enrollment with a de-duplication process has been added to the customer onboarding process. Using this process, no customer can enroll under more than one identity and so unlawful activities as a result of identity aliasing and theft have been eliminated.
The OmniDefend application has been integrated with the Intrasoft PROFITS core banking system, to ensure that each banking transaction at the teller windows are validated and secured. When transacting business, the customers now perform biometric authentication to verify their identity. This ensures that fraudulent transaction through identity theft and aliasing will be detected and blocked. The final results are that 1.5 million customers will be using biometrics to transact business with Centenary Bank at their branches and other locations. In addition, 3000 employees use fingerprint biometrics to login to their core banking and to approve transactions. Finally, up to 10,000 users per week can be enrolled into biometrics using high-end 4-4-2 fingerprint sensors to reduce enrollment and verification times. At the end of the day, security is improved, customer satisfaction is raised, and overall banking fraud reduced.