In many Indonesian companies, identity has long been treated as an operational detail — a requirement for compliance teams, a checklist for onboarding, or an administrative formality. But over the last three years, the risk landscape has shifted too drastically to rely on old assumptions. Synthetic identities, high-quality fake IDs, account farms, and engineered social manipulation now affect almost every sector — from fintech to transportation.
Regulators are moving too. KYC regulations, AML/CFT expectations, and audit trail requirements are tightening. At the same time, consumers demand fast, seamless onboarding with minimal friction. In this environment, identity is no longer a technical issue. It has become a governance, reputation, and competitiveness issue.
This article examines how business leaders in Indonesia are navigating identity risks today and why many are turning to eKYC and biometric verification. This is not a technical guide — it is a strategic perspective, written from one decision maker to another.
The Leadership Problem: Taking Identity Seriously Under Pressure
Every executive responsible for digital growth eventually faces the same set of trade-offs:
- Verification accuracy must improve — but operational costs must decrease.
- Onboarding must be fast — without compromising compliance.
- Fraud is getting smarter — but manual review can’t scale.
- Customers expect frictionless experiences — while regulators expect tighter controls.
What is less discussed is the cost of doing nothing.
“Not making a decision” about identity — delaying upgrades, retaining outdated processes, or relying on habit — is itself a decision. And increasingly, it is the most expensive one. Many fraud losses in Indonesian businesses come not from technology failures, but from managerial biases: believing that “our current system is still enough” or “fraud in our industry isn’t as bad as fintech.” In reality, identity risk today crosses industry boundaries.
Common Blind Spots: Why Identity Risk Is Still Underestimated
Despite rapid digital adoption, many Indonesian companies still carry outdated assumptions about identity.
- “OTP and selfies are secure enough.” This is the most common — and most dangerous — assumption. OTP is vulnerable to SIM swap, phishing, and social engineering. Meanwhile, selfies without liveness detection can be bypassed with printed photos, digital screens, recorded videos, or deepfakes.
- “Our industry doesn’t experience fraud as badly as fintech.” Evidence suggests otherwise. Underreported fraud is far more common in insurance, multifinance, BPR, e-commerce, and mobility. Fake or borrowed identities are used not only to obtain loans, but also to manipulate insurance claims, create duplicate accounts, exploit promo systems, or obscure accountability.
- “Manual review is safer than automation.” In theory, perhaps. In practice, humans get tired, overloaded, and inconsistent. Manual processes don’t scale, especially when fake identities become more sophisticated and visually convincing.
- “Biometrics are expensive, complicated, and error-prone.” This is an outdated view.
Today’s biometric systems are fast, device-friendly, and capable of operating under variable lighting, weak connections, and high traffic — making them more reliable and cost-effective than legacy methods.
Case Studies: How Indonesian Industries Are Responding
Rather than focusing on features, let’s examine the strategic shifts happening across sectors facing the highest identity pressure.
A. Fintech Lending & Multifinance: This sector faces a unique problem: synthetic identities — combinations of real and fabricated data that create a “convincing” borrower. ID borrowing is also rising, where individuals use another person’s data to access loans.
Fintech leaders increasingly recognize that OCR + selfie is no longer sufficient. They move toward biometric liveness detection and population database checks to eliminate room for manipulation. The impact: fewer fraudulent applications, better NPL control, and risk teams able to focus on strategic work instead of manual verification.
B. Banking & BPR: Banks — especially BPR — face a different constraint: traditional KYC requires face-to-face processes, consumes time, and is prone to human error. Offline verification is costly and slow. Decision makers in this sector are shifting to biometric eKYC for new customer onboarding, both in-branch and via mobile. When paired with authoritative identity matching, the result is faster onboarding, cleaner audit trails, and lower regulatory risk — without compromising user experience.
C. Insurance (Life & General): Fraud in insurance often appears during claims, not onboarding. Perpetrators manipulate identities, file duplicate claims, or use someone else’s identity to obtain benefits.
Forward-looking insurers now integrate biometric checks at claim submission — via branch offices, agents, or digital portals. This enables faster validation of legitimate claims and earlier detection of suspicious cases. Customers benefit from faster claim processing, while insurers gain better fraud control.
D. Mobility & Transportation: Mobility services — from public transportation systems to EV rentals and ride-hailing — operate under high volume and time-sensitive environments. Their biggest issue is account abuse: duplicate accounts, promo exploitation, and invalid identities that compromise safety.
Biometric verification is used as a fast, low-friction validation layer at entry gates or as part of user onboarding. The result: smoother passenger flow, fewer identity-related incidents, and better trust between users and providers.
The Decision Framework: How Leaders Evaluate Identity Systems
Mature decision makers approach identity technology with a broader framework, not just a feature checklist.
- Risk Exposure: How much is lost annually to fraud, manual review, operational inefficiencies, and potential compliance breaches?
- Regulatory Alignment: Does the solution meet expectations from OJK, AML/CFT guidelines, P2SK requirements, and audit trail standards? Executives evaluate not only for today’s compliance but for future regulatory shifts.
- User Journey Impact: Does verification accelerate onboarding and reduce friction?
Strong identity systems should improve user experience, not hinder it. - Scalability & Operational Load: Can it handle mid-range devices, poor lighting, weak connectivity, and fluctuating traffic volume?
- Trust & Brand Reputation: Identity is the foundation of trust. The more visible fraud becomes, the greater the reputational risk. Forward-thinking leaders treat identity as a strategic asset, not a cost center.
Closing: Identity Is a Strategic Asset — Not a Checklist
The most adaptive companies today aren’t those with the most complex technology, but those that make identity decisions clearly and decisively. eKYC and biometric verification are simply tools — part of a broader transformation toward trust-based business operations.
Ultimately, leaders must determine how they want their organization to be seen five years from now: reactive to fraud, or proactive in building trust. Technology is only the mechanism. Identity decisions are the strategy.
Last modified: December 3, 2025
