Business FAQ

View FAQ Overview
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form
CredoSDK
How long does it take to deploy CredoApp?

We can be up and running in pilot phase in less than two weeks. With it being a plug and play solution there is no need for long, cumbersome, integration.

CredoApp
How does CredoApp work to produce a score?

The CredoApp analyses the smartphone footprint only after the user has granted the required operating system's permissions and given her data privacy consent. Only at this point, the CredoApp proceeds with the credit analysis. The score is provided directly to the lender either via our web-based dashboard or the API. Our plug-and-play solution requires minimal IT integration and is light and fast for the borrower.

Scoring
What scoring technique does CredoLab use?

Our scoring solution utilises a proprietary Mobile App, CredoApp, developed to enable the launch of a digital scorecard. The app is used during the loan or credit card application process and provides CredoLab with a snapshot of the customer’s digital footprint. In combination with the bank's performance data, this enables the development of robust Big Data-based highly predictive scorecards that enhance the lenders' credit decisioning process.

About CredoLab
Who is CredoLab?

CredoLab develops bank-grade digital scorecards for any industry at the intersection with financial services from the best source of alternative data: smartphone and web behavioral metadata. CredoLab’s credit scoring platform generates customised digital scores built on over 10 million loan applicants across 50+ lending partners. Our bank-grade algorithm crunches over millions of features from opt-in smartphone metadata to find the most predictive behavioural patterns before converting them into credit scores.

Established in Singapore in 2016, CredoLab has powered almost USD 1 Billion in loans issued after analyzing about 1 trillion data points across 20 countries. We are backed by Fintonia Group, FORUM, and Walden International.

About CredoLab
What does CredoLab do?

Built on over 10 million loan applicants across 50+ lending partners, our AI-based algorithm crunches over millions of features from opt-in smartphone metadata to find the most predictive behavioural patterns before converting them into credit scores. These enable any lender to make the most granular assessments possible of their applicants.

Here's a quick look at how we make this happen in the most seamless, privacy-consented manner.

Getting Started
Who can I approach if I’m interested to know more about purchasing your product?

You can get in touch with one of our sales representatives to take the conversation forward. We will get back to you as soon as possible to show you a demo of our products  and know more about your business objectives.

CredoSDK
What is CredoSDK?

A simple plug and play data collection and credit scoring tool offered by CredoLab that can be easily integrated into your existing mobile application. Flexible APIs ensure that our scoring technology easily integrates with your existing IT infrastructure. CredoSDK enables companies to get started with AI credit scoring quickly with little hassle.

Scoring
What permissions need to be granted in order for the App to be able to collect data?

We collect data permissions from 8 main, broad categories-- Apps, messages, contacts, image and audio files, emails, calendars and downloads. We allow the customer to control which permissions they want to allow, and which they’d like to decline access to.

CredoApp
What is CredoApp?

CredoApp is a data collection and processing tool offered by CredoLab. The white-label app converts the customer’s smartphone metadata into credit scores, after getting explicit consent to access the device data. The score is then sent to your underwriting team for further assessment of the application.

CredoApply
What is CredoApply?

CredoApply is a comprehensive digital onboarding platform that facilitates all aspects of the customer application process. Built on CredoLab’s powerful AI credit scoring technology, CredoApply is packed with mobile intelligence to help manage all steps of the onboarding process, such as guiding customers through the application, KYC requirement completion, anti-fraud checks and digital credit scoring. With CredoApply, lenders can offer their customers a fully digitised and engaging onboarding experience. CredoLab’s advanced backend infrastructure ensures that customers enjoy a speedy time-to-yes while companies can profit from higher credit scoring accuracy.

Scorecard Development
What types of scorecards can we develop?

We can develop scorecards for all unsecured lending products including credit cards, personal loans, POS loan, payday loans, two-wheeler loans and auto loans. Our scorecards are effective with all user segments including new-to-bank and new-to-credit customers, and also to cross-sell to existing customers in developed and developing countries.

Partners
What are the benefits of partnering with CredoLab?

CredoLab has a wide ranging network that includes banks, consumer finance companies, auto lenders, online and mobile lenders, insurance companies and retailers. As a CredoLab partner, you will be in contact with an audience highly receptive to your offerings and business model. Read more on how the partnership will benefit your business here.

CredoWeb
What is CredoWeb?

A data collection toolkit that helps lenders score the applicants on desktop. The CredoWeb is a simple JavaScript that sits on the lender’s application web page to collect device fingerprint and behavioural data about the way an application form is filled in. The scoring algorithm uses a two-fold intelligence to assesses the creditworthiness of an applicant. It combines the device data insights with that of browser behaviour to get you a more predictable credit score for each applicant.

ScoreMe
What is ScoreMe?

ScoreMe is a light mobile app aimed at helping financial institutions generate demand for their loans and credit cards while improving the quality of the leads. Credo ScoreMe enables your applicants to see their digital credit score by simply downloading a mobile app on their smartphones. Our AI-algorithm identifies the best deserving customers and presents them with a link to the product of yours that they best qualify for.

Fraud Score
How does CredoLab generate the fraud score?

CredoLab has partnered with TransUnion, formerly iovation, to bring you the best in business anti-fraud solution. CredoLab and TransUnion, formerly iovation, have joined forces bringing a single mobile solution that uses smartphone device metadata to generate bank-grade digital scorecards and perform anti-fraud checks, in real-time.

Data Privacy
Does CredoLab collect personal data from the smartphone device?

No. All your customers’ personal data like messages and contacts are not accessed. The only information that some jurisdictions may define as personal would include: Android ID number and Geographic location based on file. This information is only used to deter fraudulent behaviour.

Aside from that, the bulk of the data that we collect is considered metadata, which translates to the data about the data. Furthermore, we access only anonymous data which we code them binarily, and only after the user has agreed to the required Operating System's permissions and granted data privacy consent. In doing so, CredoLab protects the end-users' anonymity whilst retaining the ability to detect fraud deriving from particular devices.

Data Privacy
Can you provide examples of metadata?

Examples of metadata would include: the number of events you schedule during work hours, the number of contacts saved per month, total number of apps upgraded in the last month, or the number of music files. We do not collect the personal contents, we just crunch the numbers.

Getting Started
How long would it take for us to go live after I reach out?

The typical journey we take with our clients involves:

  1. Understanding your objectives and challenges
  2. Signing of NDA
  3. Presenting proposed solution
  4. Finalizing terms and conditions
  5. Signing commercial contract
  6. Launching data collection
  7. Developing digital scorecard
  8. Redesigning underwriting process (after assessing outcomes)
  9. Rolling out digital scorecard

CredoSDK
Why should CredoSDK excite me?

This is a no-fuss, simple plug-and-play digital scoring tool. This product is highly recommended for businesses who already have an existing app with a substantial active client base. Our flexible APIs ensure that our scoring technology easily integrates with your existing infrastructure. CredoSDK enables companies like yours to get started with AI credit scoring quickly with increasing approval rates, while keeping your risk under control and start accepting more customers with CredoSDK. Find out more here.

Scoring
How many data points does are collected from the smartphone device?

CredoLab's scoring algorithm collects millions of data points on average from the smartphone device. The number of data points collected depends on the permissions granted, the operating system (Android, iOS) and its version, and the actual usage of the mobile device. In any case, the more permissions granted, the more accurate the score, the higher your chances of getting a better score.

CredoApp
Why should CredoApp excite me?

The very first white labelled app to be introduced from the CredoLab assembly line, CredoApp's AI-based scoring processes converts metadata from mobile devices into predictable digital scorecards. With CredoApp, you can now judge the creditworthiness and willingness-to-pay of customers with little or no traditional financial history like new-to-credit (NTC), millennials, self-employed and small business owners. Find out more here.

CredoApply
Why should CredoApply excite me?

CredoApply is a comprehensive digital onboarding platform that facilitates all aspects of the customer application process. Built on CredoLab’s powerful AI credit scoring technology, CredoApply is packed with mobile intelligence to help manage all steps of the onboarding process, such as guiding customers through the application, KYC requirement completion, anti-fraud checks and digital credit scoring. With CredoApply, lenders can offer their customers a fully digitised and engaging onboarding experience. CredoLab’s advanced backend infrastructure ensures that customers enjoy a speedy time-to-yes while companies can profit from higher credit scoring accuracy.

Find out more here.

Scorecard Development
How do you integrate your digital scorecard with our existing one?

We offer three scorecard integration options: merge, dual, and input.

  1. Merge: you can merge your existing scorecard with a CredoLab digital scorecard to create a more powerful, enhanced score.
  2. Dual: you can run the CredoLab digital scorecard in parallel with your existing scorecard to assist in your decision making.
  3. Input: you can use the CredoLab digital score as one additional characteristic in your existing scorecard.

Partners
What are the partnership options available with CredoLab?

Currently we have three kinds of partnership options available to you.

  • Data partnership
  • Co-innovation partnership
  • Technology partnership

Visit our partner page to know more on each of these options.

CredoWeb
Why should CredoWeb excite me?

Forward to our flagship offering, CredoApp, CredoLab brings you a two-fold intelligence tool that assesses the creditworthiness of your customers based on browser data, in addition to smartphone data. The new web toolkit combines the device data insights with that of browser behaviour to get you a more predictable credit score for each applicant with just a simple strip of JavaScript. Find out more here.

ScoreMe
Why should I use ScoreMe?

ScoreMe is a light mobile app aimed at helping you generate demand for your loans and credit cards while improving the quality of the leads. ScoreMe enables each applicant to see their digital credit score by simply downloading a mobile app on their smartphones. Our AI-algorithm identifies the best deserving customers and presents them with a link to the product that they best qualify for. Find out more here.

Fraud Score
Is the credit score and fraud check done at the same time?

Yes. While our scoring algorithm crunches the consented device metadata to provide you with a reliable credit score, TransUnion’s FraudForce uses device recognition and intelligence technology to track over 45 types of fraud and abuse. All this happens in a matter of seconds giving you the fraud score and the credit score on the applicant in real-time.

Service-Level Commitment
SLA on score generation

Our standard SLA with most clients is no more than 1 minute but 97% of our transaction records show is less than a second for our clients to see the results.

Service-Level Commitment
Quality Support

Credolab agrees, represents, and warrants to provide the Client with quality support and access to knowledgeable personnel at all times. CredoLab provides a multi-level support to the Client executed by the both Customer Success Manager and the Technical Support team. Incoming requests are prioritized according to its scale and duration of impact on production:

  • Level 1, Customer support (General requests, minor issues. This is a transitional level for incoming requests).
  • Level 2, Technical Support (Minor issues with high priority).
  • Level 3, Technical Support (Major Issues).


About CredoLab
Why does CredoLab collect smartphone data?

CredoLab collects the anonymous, non-personal metadata from the smartphone device to calculate the user's credit score in order to predict the default rate. Of all the alternative data available - social, phone bills, psychometric data etc - smartphone metadata is the most predictable and non-intrusive.

Refer to the table below to see how each of CredoLab's products handles data.

Data Privacy
How do I know CredoLab only collects metadata and not any personal information?

CredoLab only reads permissioned information and transforms them into anonymous data about other data (metadata). If you could take a look at the data CredoLab’s scoring algorithm processes, it would be as below:

A screenshot of a cell phoneDescription automatically generated

We have had independent annual auditors (Ernst & Young, (2018) and eShard (2019) verify that our product do not have any exploitable vulnerabilities. 


Getting Started
How do you price your offering?

CredoLab follows a pay-per-use business model. You will pay a one-time setup fee and then a fee per score request, just like you would with a credit bureau.

  • Platform Set-up Fee: The platform setup fee is a one-time fee that covers the integration of the SDK or the customization of the White Labelled mobile app/web tool-kit, support during the data collection phase, the development of the very first scorecard and its fine tuning for up to 12 months.
  • Fee Per Score: We charge a fee calculated based on the number of requests received every month. The fee amount depends on volumes generated. The higher the volumes, the lower the fee per score. You pay this fee only when you start using our solution.

CredoSDK
How big is the CredoApp application?

The actual size would depend on the number of permissions your app is allowed to collect. On average, the SDK is about 250kb big and can be operated on both operating systems (iOS and Android).

Scoring
How long does it take to generate the credit score?

The process is completed faster than you can say "CredoLab". The app begins accessing data only after the customer has granted the required permissions. Within seconds the score is generated and sent to the underwriter. Do note that all CredoApp does is take a 'snapshot' of the device usage and does not track information over time. Once the score has been successfully sent to the backend, the app is defunct and can be deleted.

CredoApp
How big is the CredoApp?

The CredoApp 3.0 version is approximately 2MB in size.

CredoApply
What kind of data does CredoApply collect?

CredoApply collects two types of data: personal data and anonymous mobile digital footprint. The personal data is transferred right away to the financial institution via a secure API. No personal data is stored on CredoLab`s servers nor shared with other 3rd parties.

The mobile digital footprint is collected anonymously in the form of metadata. This metadata is only used only to calculate credit score and to determine the outcome of your application. We then determine the correlation between your applicant and the predicted default rate.

You can get more information on how we handle the data under our privacy policies.

Scorecard Development
What is the Gini coefficient of an average CredoLab scorecard?

The Gini coefficient of CredoLab's scorecards varies from client to client. As of today, CredoLab has consistently delivered scorecards with an average of 30% higher Gini coefficient than the traditional scorecards used by the client.

Partners
Who are CredoLab's current partners?

Within a short span of time, CredoLab has grabbed the attention of the right kind of businesses who have partnered with us to offer a wholesome solution to our clients.

CredoWeb
What is the two-fold intelligence that CredoWeb provides?

CredoWeb focuses on two levels of analysis: Behavioural Application Analysis of the user and Anti-Fraud Checks of the device.

ScoreMe
How big is the ScoreMe application?

The ScoreMe application is approximately 2MB in size.

Fraud Score
What are the different kinds of fraud checks conducted by the fraud check algorithm?

Our fraud check algorithm protects you from 45 types of fraud and abuse:

  • Payment fraud
  • New Account Fraud
  • Application Fraud
  • Policy Violation
  • Account Takeover
  • Claims Fraud
  • Loan Default
  • Identity Theft
Service-Level Commitment
Response times

Incidents are prioritized based on severity level below to ensure that those with the highest business impact are resolved first. Technical support resources are available during local business hours.

  • Level 1: Critical Service Impact (A service failure or severe degradation. Case critically affects the primary business service). 4 business hrs first response time, 24 business hours resolution time.
  • Level 2: Significant Service or Implementation Impact (A service failure or severe degradation. Case critically affects the primary business service). 6 business hrs first response time, 72 business hours resolution time.
  • Level 3: Moderate Service Impact (Product features are unavailable but a workaround exists). 8 business hrs first response time, 10 business days resolution time.
  • Level 4: No Service Impact (Non-critical cases, general questions, enhancement requests, documentation cases, issues that have very little to no impact on functionality). 12 business hrs first response time, 15 business days resolution time.
About CredoLab
How does CredoLab collect the data from the smartphone?

CredoLab collects the metadata from the smartphone after requesting for permissions from the applicant explicitly, without any vague or misleading statements. CredoLab strives to ensure there is complete transparency and that the applicant has control of what happens to his/her data. Only if and after the permission is granted does the application access the metadata and generate the score. The score generated is sent directly to the lender. No other data leaves the phone nor is the score, data or insights shared with any third party. After the scoring, the user can delete the app as it is complete defunct and does not function in the background.

Depending on yourbusiness practices and objectives, the data collection is done using CredoApp, CredoSDK, CredoApply, or CredoWeb.

Data Privacy
Is the interface between your clients and the service platform encrypted?

Yes, CredoLab's end-to-end communication protocols are encrypted.

Getting Started
Once we have signed the contract, how long does it take to go-live with your digital scores?

There are 4 stages to getting started with CredoLab.


A close up of a mapDescription automatically generated

Stage 1: Data Collection


The first stage involves collecting data on your customers. This can be done through CredoWeb, CredoSDK, CredoApp or CredoApply. The objective of this stage is to feed a good sample of data sets to the scoring algorithm in order to build final, custom scorecard for your business. This includes both good and defaulting customers. Ideally, we suggest having at least 300 defaulting customers in the data mix to ensure the algorithm is trained how to identify these customers and flag them. The duration of this stage varies from two to three months depending on the availability of data.

Note: no scores are generated at this stage. Merely collection of data is done to train the scoring machine/algorithm.

Stage 2: Outcome Window


This refers to examining the outcome of the credit disbursed during the start of the data collection stage. The scoring algorithm used this to match the features of applicant to their outcomes. Thus, the more data and their outcomes are fed into the machine, the more comprehensive the learning, and the more accurate the scoring algorithm gets. This stage starts form the first month and can last up to three months depending on the availability or satisfying mix of data to feed into the algorithm.

Stage 3: Model Development


Once we have the data and their outcomes, our standard scoring model is tweaked to customize it for your business, market and objective. The machine/algorithm is trained to identify a defaulting and fraudulent customer from day 1. This stage takes up to one week to complete, depending on the complexity of the features considered for scoring.

Stage 4: Production


After testing the customized scoring algorithm and ensuring it works perfectly, we then roll it out and make it live to be used by you. You can start generating scores now.

CredoSDK
What is the size of the average datasets?

The file containing the metadata used to calculate the credit score is no bigger than 120kb.

Scoring
Can the App collect data in the background?

No. The only time the app is active is when the customer initiates the scoring process. Once the score is sent to the backend, the app is defunct. It does not access any data or remain active in the background. The customer is free to delete the app right after the scoring is done.

You can get more information on how we handle the data under our privacy policies.

CredoApp
What is the size of the average datasets?

The file containing the metadata used to calculate the credit score is no bigger than 50kb.

CredoApply
How big is the CredoApply App?

The App is approximately 7Mb in size.

Scorecard Development
How does CredoLab develop its digital scorecards?

We have arrived at this 7 step process of developing a scorecard after years of analysis of what goes into designing the perfect engine that can assess the creditworthiness of each applicant efficiently. Each step is executed closely with your team to ensure its customized to your objectives, business, and markets amongst other relevant factors. Here's a snapshot of what the process looks like:

Partners
How can I be a part of CredoLab's partner ecosystem?

Get in touch with us at partners@credolab.com with your information and our partnership team will get in touch with you right away.

CredoWeb
What does Behavioural Application Analysis entail?

CredoLab’s Behavioural Application Analysis is a new solution that assesses users while they apply for a loan or credit card on a lender’s or aggregator’s website. CredoLab’s Behavioural Application Analysis uses behavioural metrics to build profiles of users’ behaviours that include:

  • How they type, the keys that they press and how they press them?
  • How they move the mouse on the screen?
  • How quickly they answer questions that they should know?
  • How slowly they answer questions that they may not know immediately?
  • How they swipe left to right on a mobile platform or utilize other gestures?
  • How uniform is the typing rhythm?

Through the behavioural monitoring of a user’s loan or credit card application, we provide lenders with a new credit assessment tool based on users’ actions. We crunch these metrics with an algorithm that also accounts for behavioural variances across platforms and can detect if automated activity might be involved (for instance, a bot for application form completion or past e o r autocompletion tool).

CredoLab’s Behavioural Application Analysis seamlessly integrate in any mobile app and website. It collects behavioural metrics via a simple JavaScript that enriches the credit assessment without introducing any friction in the user experience.

ScoreMe
How does ScoreMe function?

Once downloaded, the ScoreMe requests for permissions to be granted to access the metadata of the smartphone and process the data into a credit score. On approving the access, the customer can immediately see his/her score. The customer is then presented with possible products that they are eligible to apply for. On picking their preferred product, the request for application and the score is sent to your team. This provides a pre-approved list of quality leads for your sales and underwriting team to process further.

Fraud Score
Does the fraud score check any additional data access?

No. The fraud check is done with the same meta data accessed after explicit consent is taken from the customer. The customer is given full information on how and for what purposes the metadata collected will be used while requesting for access. We believe in complete transparency and do our best to ensure your customers know they are in full control of their data – even though its non-identifiable metadata.

Service-Level Commitment
Error handling

CredoLab agrees, represents, and warrants to use commercially reasonable efforts to resolve errors in a manner consistent with the requirements of the Client, the Agreement, the Services, and our SLA. CredoLab shall use the standard HTTP response codes to indicate specific failure modes. The high-level breakdown of the standard HTTP error conditions and how Client's system will interpret these are as follows:

  • 2xx:  Supplier API has received, understood, and accepted a request.
  • 3xx:  Further action is required in order to complete the request.
  • 3xx: An error occurred in handling the request. The most common cause of this error is an - invalid parameter.
  • 5xx: Supplier API received and accepted the request, but an error occurred while handling it.
Data Privacy
What kinds of data do you collect?

CredoLab collects privacy consented, non Personally Identifiable Information (PII) anonymous metadata, such as:

  • SMS, Log, Email, Network: We analyse SMS, Email and Network communication activity, not actual content, including frequencies, ratios, intervals between actions, distribution, and entropies.
  • Contacts: We analyse the address book and correlate it with the communication activity including existing contacts or unknown ones or short numbers without moving any contact outside the mobile.
  • Device: We analyse all characteristics of the device including the model, display size, RAM size, storage size and utilization, age of the device.
  • Browsing History: We analyse the browsing history including browsing patterns, preferences or simply intent to apply for a lending product.
  • Applications: We analyse the type of apps including competitive lending apps, office applications, e-wallets, and suspicious ones such as TOR or VPN.
  • CredoLab can also collect Non-anonymous data: In this mode, the CredoApp and CredoSDK collect the content of text messages, the actual phone numbers, the names and details of contacts in the address book, the geolocation and other personal data. This approach allows your institution to dramatically increase the accuracy of KYC while opening up new use cases including skip tracing and collections management.

Getting Started
Once we reach production, how can my underwriting team start generating scores on the applicants?

For each applicant you receive, you can generate a unique ID from the backend and send an SMS/Email to the applicant giving them instructions on how to proceed with the digital score generation. You can view the entire process in the video below.

CredoSDK
Once I have integrated the SDK into my app, how can I start scoring my customers?

Refer to Scoring to know more on how to kick off scoring your customers. Watch the video below to get a quick understanding how the customer would use the app once ready.

About CredoLab
How does CredoLab convert smartphone metadata into digital scorecards?

CredoLab has developed a proprietary statistical methodology that calculates a credit score based on the metadata available on mobile devices of the applicant. To know more about our scoring algorithm and how it processes the data, take a read at the white paper by Dr. Xiaofei (Susan) Wang, PhD, Lecturer and Research Scholar, Department of Statistics and Data Science, Yale University, where she tests the accuracy of our scoring algorithm and explains how CredoLab’s AI-powered scoring algorithm generates highly predictive credit scores.

Alternatively, you can reach out to us and we will be happy to take you through our scoring process.

Scoring
What if the customer refuses to grant permissions to access the device data?

Then CredoLab will not be able to generate a score for that applicant. The score is generated based on the information allowed to access.  The more permissions granted, the more accurate the score will be reflected and thus, higher the chances of getting a better approval score.

CredoApp
How does CredoApp function?

CredoApply
What permissions need to be granted in order for CredoApply to be able to collect data before scoring?

We collect data permissions from 8 main, broad categories-- Apps, messages, contacts, image and audio files, emails, calendars and downloads. We allow the customer to control which permissions they want to allow, and which they’d like to decline access to.

Scorecard Development
What info can I see during the scorecard development phase?

During the scorecard development phase you will be able to monitor the progress of datasets uploaded but will not receive a score. The very purpose of the data collection phase is to collect enough dataset required to tailor-make the scorecard model. After you approve the scorecard, we then put it into production and starts charging a fee per requested score. At the end of the pilot you will receive the scorecard and the underlying features.

CredoWeb
What does the Anti-fraud Checks of CredoWeb entail?

CredoLab’s Anti -Fraud Checks help you assess the devices used to apply for a loan or a credit card. In collaboration with TransUnion, previously iovation, CredoLab’s new anti-fraud solution analyses the context of an application on mobiles, computers, and tablets and helps answer the following questions:

  • Is this a new device or have we seen it before?
  • Is device being evasive?
  • Are there geolocation risks?
  • Are there device risks present?
  • Does device have history of fraud?
  • Is device associated with other devices that have fraud history?

Through mobile device intelligence, we offer a new anti-fraud tool that helps you accurately separate the fraudsters from your good customers by identifying:

  • Evasion techniques: Transactions originating from TOR networks, use of a proxy server, or use of mobile
  • Device anomalies: Location mismatches, time zone and IP address changes, and transactions that originate from known high risk locations, IPs, or ISPs.
  • Risky device behaviours: High transaction volumes, too many accounts and/or geolocations per device, and past history of fraud or abuse.

CredoLab’s Anti-Fraud Checks seamlessly integrate in any device. It collects metrics via a simple JavaScript that enriches the credit assessment without introducing any friction in the user experience.

Service-Level Commitment
Data protection

CredoLab agrees, represents, and warrants not to post, transmit, retransmit, or store material on or through the CredoLab Infrastructure that:

  1. is in violation of any applicable local, state, federal, international law, regulation, treaty or tariff; or
  2. violates the rights of any person, including rights protected by copyright, trade secret, patent or other intellectual property or similar laws or regulations, including, but not limited to, the installation or distribution of pirated or other software products that are not appropriately licensed for use by CredoLab.

CredoLab agrees, represents, and warrants to comply with data protection laws and regulations that apply to the performance of its obligations under this SLA and to process any personal data (including any which forms part of the Client's Data) as a result of, or in connection with, the provision of the Services to the Client strictly in accordance with Clients’s instructions and/or all applicable data protection laws and regulations and not otherwise. CredoLab agrees to take reasonable, appropriate technical, business, and organizational measures against accidental, deliberate, or unauthorized destruction, loss, alteration or disclosure of any data and implement adequate security programs and procedures to ensure that unauthorized persons do not have access to any equipment used to process personal data as part of the Services.

CredoLab agrees, represents, and warrants not to use or disclose Client’s Data or any end-user data, except to perform the Services and conduct activities authorized in this SLA.

ScoreMe
What permissions need to be granted in order for Credo ScoreMe to be able to collect data before scoring?

We collect data permissions from 8 main, broad categories - Apps, messages, contacts, image and audio files, emails, calendars and downloads. We allow the customer to control which permissions they want to allow, and which they’d like to decline access to.

Data Privacy
You collect so much of people's data. What if it leaks out?

With the anonymous approach, CredoLab focuses on protecting the users’ data privacy. Even if users’ data are stolen, it would be impossible to identify neither a user, or any of her contacts, or fetch any other information from a data set. CredoLab does not collect the content of messages or emails, phone numbers, contact names, geolocation or any other personal data.

Getting Started
What is the unique ID for?

In order to maintain the anonymity of the applicant, CredoLab connects every end-user's application to a unique identifier generated from the backend by you. This identifier could be the card/loan application number, or any alphanumeric combination. Only you will be able to see who this ID belongs to.

CredoSDK
What permissions need to be granted in order for the App using your SDK to be able to collect data before scoring?

We collect data permissions from 8 main, broad categories-- Apps, messages, contacts, image and audio files, emails, calendars and downloads. We allow the customer to control which permissions they want to allow, and which they’d like to decline access to.

About CredoLab
What sets CredoLab apart?
  • Data sources: CredoLab uses permissioned metadata (defined as data about other data) to arrive at the credit score. No private nor sensitive information of the applicant is accessed or moved out of the mobile phone.
  • One-time analysis: Unlike many alternative data-based scoring solutions, CredoLab’s algorithm analyses data only once, at the time of application after explicit consent is received from the applicant. Other players that rely on browser data or social media data scrape the personal information of the customer on a regular basis for a long period of time, some perpetually.
  • Scalability: The AI-based algorithm learns and becomes more accurate and predictable as more data is fed into it. Therefore, the larger the set of data observed, the better the scoring.
  • Privacy: Applicant’s data is of the utmost importance to CredoLab. We explain what data we access, why we access it, and how we process it in full transparency. The Privacy Policy is publicly accessible to all users in multiple languages. Furthermore, CredoLab’s app does not proceed with any credit analysis unless the privacy consent and the necessary mobile Operating System’s permissions are given. Once these are received, the app captures only metadata, not private or sensible data. Once the data is analysed, the results is shared only with the lender tagged to a unique, randomly generated identifier, and not shared with any third party.

CredoApp
What permissions need to be granted in order for CredoApp to be able to collect data before scoring?

We collect data permissions from 8 main, broad categories-- Apps, messages, contacts, image and audio files, emails, calendars and downloads. We allow the customer to control which permissions they want to allow, and which they’d like to decline access to.

CredoApply
What if the customer refuses to grant permissions to access the device data?

Then CredoLab will not be able to generate a score for that applicant. The score is generated based on the information allowed to access.  The more permissions granted, the more accurate the score will be reflected and thus, higher the chances of getting a better approval score.

Scorecard Development
What happens during Data Collection?

Data collection is the process consisting of two steps: Gathering information from customers and Gathering information using the performance data.

In the first step, information is collected from the customers using White-label CredoApp, White-label CredoApply or CredoApp SDK. During this phase you can monitor the datasets uploaded onto CredoLab' servers to check it's quality (no duplicates etc). The data collected is used to train the AI algorithms used to select the most predictive delinquent behavioural patterns.

In order to build a tailor-made scorecard, you also need to provide us with performance data for the disbursed credit alongside the collected metadata from the customers. This performance data file should contain a binary target indicating if a borrower is “good” or “bad” (from credit risk perspective).

Given the behavioural nature of the score, we will tailor-make each scorecard based on the particular population and product that you want to assess.

CredoWeb
How big is the CredoWeb JavaScript?

Sizing is minimal as we simply implement a few lines of coding to embed the data collection and scoring algorithm into the application web page.

ScoreMe
How long does it take for ScoreMe to collect and process the data, and generate the credit score?

The process is completed faster than you can say "CredoLab". The app begins accessing data only after the customer has granted the required permissions. Within seconds the score is generated and presented to the customer. Do note that all ScoreMe does is take a 'snapshot' of the device usage and does not track information over time. Once the score has been successfully generated, the app is defunct and does not scrape any data in the backend.

You can get more information on how we handle the data under our privacy policies.

Service-Level Commitment
System monitoring

CredoLab agrees, represents, and warrants that it uses data leakage protection (DLP) mechanisms, network security via TLS, access control policy, system development lifecycle (SDLC), encryption protocols, software baseline configuration system, network security and firewall management, intrusion detection and/or prevention systems (IDS/IPS), environment segregation for relevant systems, and security logging and monitoring policy, among others. These help with the daily monitoring and performance of servers.

Data Privacy
Are any users' personal data shared with the vendor? If so, provide the list of data areas.

No. CredoLab doesn't collect and share user's personal info

CredoSDK
How long does it take for the App with your SDK to collect and process the data, and generate the credit score?

The process is completed faster than you can say "CredoLab". The app begins accessing data only after the customer has granted the required permissions. Within seconds the score is generated and sent to the underwriter. Do note that all the app needs to do is take a 'snapshot' of the device usage and does not track information over time. Once the score has been successfully sent to the backend, the app needn’t access any more information for scoring.

You can get more information on how we handle the data under our privacy policies.

CredoApp
How long does it take for CredoApp to collect and process the data, and generate the credit score?

The process is completed faster than you can say "CredoLab". The app begins accessing data only after the customer has granted the required permissions. Within seconds the score is generated and sent to the underwriter. Do note that all CredoApp does is take a 'snapshot' of the device usage and does not track information over time. Once the score has been successfully sent to the backend, the app is defunct and can be deleted.

You can get more information on how we handle the data under our privacy policies.

Scorecard Development
Is there any specific requirements for the data being used to train the AI algorithm?

In order to build a robust scorecard, we recommend to collect metadata of about 5,000 users of which at least 300 to 500 are defaulters. The total number of uploaded datasets will depend on default rate, approval rate, and penetration of the mobile apps.

CredoApply
What is the difference between the light and full versions of CredoApply?

The CredoApply comes in two versions- full and light. The former offers a longer application which requires the customer to fill in more data, whilst the latter is quicker to fill in and requests lesser data.

CredoWeb
What permissions need to be granted in order for CredoWeb to be able to collect data before scoring?

No permissions are needed because our web solution only monitors the customer's behavioural pattern within the process of application. It is essentially a single-session data capture process.

ScoreMe
Can the ScoreMe collect data in the background?

No. The only time the app is active is when the customer initiates the scoring process. Once the score is sent to the backend, the app is defunct. It does not access any data or remain active in the background. The customer is free to delete the app right after the scoring is done.

You can get more information on how we handle the data under our privacy policies.

Service-Level Commitment
System availability

CredoLab agrees, represents, and warrants to undertake commercially reasonable measures to ensure that System Availability equals or exceeds the SLC of 95% during each calendar month, excluding Maintenance Windows, provided that any Unscheduled Downtime occurring as a result of the following exclusions: (i) incompatibility of Client’s equipment or software with the CredoLab Infrastructure; (ii) performance of Client's systems or website; or (iii) Force Majeure or (iv) any other circumstances that are not within CredoLab’s control which for purposes of this SLA is limited to scheduled or unscheduled interruptions caused by third party service providers (e.g., third party networks, domain name registrars) and outages on the part of internet service providers, shall not be considered toward any reduction in System Availability measurements or the application of Service Credits provisions. CredoLab shall comply with the following API requirements:

  • API Performance: Ability to handle a minimum request rate of 1 request per second (Supplier’s API should be able to serve at least this rate of requests). Ability to handle a maximum request rate of 20 requests per second (Supplier’s API should be able to “burst” to this maximum rate of serving requests). Each API Response should have an average response time < 4000ms (less than 4000 milliseconds).
  • API Availability: Supplier APIs shall achieve an uptime of 95% per month.
  • Should an emergency dictate a need for any period of non-Availability of CredoLab Infrastructure outside the Maintenance Window, or for a period of non-Availability exceeding 2,160 minutes, CredoLab agrees to schedule such non-Availability at least fourteen (14) calendar days in advance of its commencement with prior concurrence of the Client's representative. Any period of non-Availability outside of the Maintenance Windows shall be treated as “critical” Issue.

CredoSDK
What if the customer refuses to grant permissions to access the device data?

Then CredoLab will not be able to generate a score for that applicant. The score is generated based on the information allowed to access.  The more permissions granted, the more accurate the score will be reflected and thus, higher the chances of getting a better approval score.

CredoApp
Can the CredoApp collect data in the background?

No. The only time the app is active is when the customer initiates the scoring process. Once the score is sent to the backend, the app is defunct. It does not access any data or remain active in the background. The customer is free to delete the app right after the scoring is done.

You can get more information on how we handle the data under our privacy policies.

Scorecard Development
What happens in Data Preparation phase?

Data Preparation involves processing the raw data so that machine learning algorithms can uncover insights and make predictions. CredoLab uses proprietary software and algorithms to transform the raw data collected during the data collection phase into millions of  features which are a foundation of all further steps of a modelling process.

CredoWeb
From what instance does the JavaScript start capturing the data?

Data collections begins from the moment the customer begins the filling in application form and ends once the form is submitted.

ScoreMe
What if the customer refuses to grant permissions to access the device data?

Then CredoLab will not be able to generate a score for that applicant. The score is generated based on the information allowed to access.  The more permissions granted, the more accurate the score will be reflected and thus, higher the chances of getting a better approval score.

Service-Level Commitment
Bandwidth availability

CredoLab agrees, represents, and warrants to use commercially reasonable efforts to determine the source of any excess packet loss or latency and to correct such problem to the extent that the source of the issue is on CredoLab Infrastructure or network.

Data Privacy
How long will the data be kept by the CredoLab?

The metadata assessed and the score generated on your customers are stored by CredoLab for your use as long as the contract is valid. On termination of the contract, this data is deleted from all servers.

Data Privacy
Where will this data be stored?

The data extracted is stored in the form of a Json (or JavaScript) file on secure clouds provided by Amazon, Microsoft or a secure local server depending on our client's and country's policy and regulation. We are generally compliant with respective governmental regulations and local data is kept within the country, but CredoLab remains the sole proprietor of the data collected.

CredoSDK
Can CredoSDK be integrated into my app via the Ionic framework?

Yes. Please get in touch with us at info@credolab.com for more information on this.

CredoApp
What if the customer refuses to grant permissions to access the device data?

Then CredoLab will not be able to generate a score for that applicant. The score is generated based on the information allowed to access.  The more permissions granted, the more accurate the score will be reflected and thus, higher the chances of getting a better approval score.

Scorecard Development
What happens in the Segmentation phase?

Segmenting, or clustering, is an unsupervised machine learning algorithm where the target is not known. CredoLab always tests different types of segmentation to make sure the data is homogeneous from a digital footprint point of view. Typically, we use Android version, data availability, device brand and other features to build homogeneous segments in order to increase the overall predictive power of an ensemble of scorecards. This step ensures that demographic information about the individual phone user is NOT included. Variables such as age, sex, income level, etc. are NOT considered for modelling nor extracted from the mobile device for any other purpose.

CredoWeb
Does the JavaScript monitor the browser activity before or after this?

No. The JavaScript is activated when the customer starts filling application form and stops the moment the form is submitted.

ScoreMe
How many languages can ScoreMe support?

Currently the app supports 7 main Asian languages; Simplified Chinese, English, Indonesian / Malay, Thai, Burmese, Vietnamese and Tagalog. To change the language, simply tap on the relative icon in the menu.

Service-Level Commitment
Disaster recovery

CredoLab agrees, represents, and warrantsto use standard industry practices to regularly back up all data stored on behalf of the Client in accordance with the Schedule below, and implement a disaster recovery plan in the event of a site catastrophe or other Force Majeure Event that prevents CredoLab from delivering the Services or the client from accessing the Services or CredoLab’s Infrastructure, and agrees to use commercially reasonable efforts to have the Services restored to operation as soon as practicable

CredoSDK
Does CredoSDK support integration via Flutter?

Yes. Please get in touch with us at info@credolab.com for more information on this.

CredoApp
How many languages can CredoApp support?

Currently CredoApp supports 7 main Asian languages; Simplified Chinese, English, Indonesian / Malay, Thai, Burmese, Vietnamese and Tagalog. To change the language, simply tap on the relative icon in the menu.

Scorecard Development
What happens in the Feature Selection Phase?

Feature selection eliminates irrelevant or redundant features with the aim of increasing accuracy of the scoring model. We typically reduces the number of features from 1,300,000 to about 5,000 via fast and greedy algorithms. We then apply sophisticated proprietary algorithms to accurately select a few dozens of the most predictive and stable features. We always use a few different feature selection algorithms to ensure that we focus on features that are relevant to the problem we are trying to solve (predict risk).

Service-Level Commitment
Data backup and retention

CredoLab agrees, represents, and warrants to back up all Client Data (including but not limited to File Data, Database Data, and Archive Data), on a daily basis using a combination of full and incremental backup procedures. In addition, CredoLab shall archive database logs to permit recovery to a specific point in time if necessary. Backups will be executed automatically using a predefined schedule. Backup records will be rotated offsite on a periodic basis to ensure availability in the event of a site catastrophe. CredoLab agrees to archive and retain such records using predefined schedules and policies.

Service-Level Commitment
Recovery of data

CredoLab agrees to exercise commercially reasonable efforts to restore data files from archived copies as quickly as reasonably practicable, as necessary as a result of system failure or data corruption or losses. Client acknowledges that the amount of time required to restore data files is dependent upon numerous factors, including, but not limited to, severity or the relevant data corruption or loss. Any expense relative to data restoration is for the account of CredoLab.

Data Privacy
Which cloud storage provider do you use?

CredoLab has been working with Microsoft Azure for our cloud storage solutions. If your country or company has any other service provider you’d like to use instead, we could confirm on this after checking the security levels and the integration requirements from our side.

CredoSDK
Does CredoLab provide SDK in React Native?

No. Our SDK is available in Android native library only (CredoApp SDK).  However, SDK module can be integrated into an application written on React Native.

Scorecard Development
What happens during Model Building?

Credit risk models are built to provide a quantitative estimate of the probability that a customer will display a defined behaviour as provided by the bank with their performance data. In our modelling stage, we always divide the available data into a training set, a validation set, and a test set. Consistent with industry practices, the training set is used for fitting the model, the validation set is optionally used to optimize parameters, and the test set is used for reporting the accuracy of the final model with its chosen parameters. Dividing up the dataset in this way for different purposes serves to provide better estimates of actual model performance on individuals who are either new-to-credit or new-to-bank.

Data Privacy
Is there any other steps you take ensure data security?

All data collected are encrypted at all times - when at rest as well as in transit. Production data, the data used to generate the scorecards once you go live, are restricted from being used in test and development systems unless the data is appropriately masked or sanitised to protect sensitive information (if any). Data leakage protection (DLP) mechanisms are put in place to monitor and prevent the data form leaving the organisation via removable media or via a network. We maintain separate and appropriately segregated development, test and production environments for all Client`s relevant systems.

CredoSDK
What is the Xcode version compatible with CredoSDK?

Xcode 11.3.

Scorecard Development
What happens during Model Deployment?

This step is carried out by you along with our assistance.

Model deployment in data science refers to the application of a model for prediction using new data. Depending on your requirements, the model deployment phase can be as simple as generating a report or as complex as implementing a repeatable data science process.

We will provide you with a manual for this step. The manual contains the details of the datasets being used for model building, the subset of features being selected as the most predictive to be included in the final model. The manual also includes the model performance (train vs. test) and the charts summarizing the distribution of the users per risk score.

Data Privacy
What are your data security incident management efforts?

We have a formal security incident monitoring, reporting and response process to identify, report, and appropriately respond to known or suspected security incidents. Theft or loss of user systems (such as workstations or laptops) considered security incidents and follow our incident reporting process.

CredoSDK
What is the Swift version CredoSDK supports?

Swift version 5.2 and higher.

Scorecard Development
What happens during Model Calibration?

Model calibration is done after a model is deployed in production. Model calibration is the process of fine-tuning and improving the model with new data coming from the same bank. Tuning a model involves changing parameters such as learning rate or optimizer. Or model-specific architecture factors such as number of trees for random forests and number of and type of layers for neural networks.

During the first 12 months, we recommend you share the performance data on a monthly basis. With this data, we can fine tune the model and improve it. As the portfolio matures, we recommend to perform a quarterly or semi-annual calibration.

Part of the calibration process is again out-of-sample and out-of-time validations. These are important steps to avoid overfitting, the practice in which the model fits the empirical data too well which results in less accurate predictive results for the new set of input data.

Service-Level Commitment
SLA Announcement

CredoLab agrees, represents, and warrants to use all commercially reasonable efforts to have the Services running and available to the Client continuously, every day, in dedicated environments of at least 95% during any monthly billing cycle (“Service Level Commitment” or SLC) and a mean time of between any non-Availability equal to or greater than one hundred twenty days (120).

A Scheduled Downtime may be scheduled by CredoLab as reasonably necessary for maintenance, updating, or repair by giving the client at least eight (8) hours advance written notice, unless a shorter notice period is required under the circumstances. The notice will specify the date and start time of the Scheduled Downtime and the expected period during which the Services will non-Available. CredoLab agrees to use commercially reasonable efforts to minimize the effects of such Scheduled Downtime on the Client's regular business operations.

Please refer to the sections below for more on our service level commitment.

Data Privacy
Who will have access to the data within CredoLab?

Only authorized and trained employees of Research and Development department have read only access to the data. In addition to this, the customer success team working with you will also have access to the data, after your explicit authorization.

Couldn’t find an answer to your query? Get in touch with us directly at faqs@credolab.com.