Fintech Security: Considering Authentication Across Finance
It’s common knowledge that we have entered a digital-first era. Although we’ve always been moving towards this, the pandemic has massively accelerated the shift, and organisations like retail stores and banks no longer have a physical anchor point to drive loyalty. We are seeing consumers head to the app store and decide who they’re going to shop or bank with based on the highest app rating.
With that in mind, not only is digital-first the most crucial channel now, but it must be both very secure from a trust perspective, and seamless in terms of the log-in experience – which is often complicated by one-time passwords and other time-consuming authentication methods.
The onus is now on all sectors and industries to ensure they provide their customers with the solutions they need to make their lives easier and safer. Financial organisations need to think about the ways in which their products and services can be made digital-first and fit for how customers behave online, specifically when it comes to keeping them safe when interacting online.
Systems are currently vulnerable
Financial institutions have had to transform their services and business models countless times over the centuries to keep up with technological and cultural changes – no mean feat considering the amount of data and sensitive information they’ve always held.
However, as a result, the presence of legacy systems can be a point of vulnerability to these institutions. And these days, those legacy systems are potentially leaving them open to fraudsters as older technology often doesn’t have the most robust authentication methods in place.
Digital transformation provides banks with an opportunity to build everything with a digital-first mindset. Organisations need to rethink online consumer behaviour and then use technology to build the processes to accommodate that.
Facing the challenges
Financial services institutions’ failure to consider a digital-first approach can have immense implications for the safety of customers. For example, authentication processes that have been merely digitised, such as one-time passwords, are particularly prone to exploitation by criminals.
The pandemic demonstrated this all too clearly, as thousands of people faced a deluge of scams involving text messages. Nearly a quarter of respondents (24%) from Callsign’s latest research say they receive more texts from scammers than their own friends and family.
Financial institutions that rely on the digitised version of outdated processes like this are fuelling the rise in scams and fraud by creating opportunities ripe for cyber-attackers – this is why it’s vital for companies to evolve with what customers expect and need from their services.
Implementing the right technology
Financial institutions need the right technologies to become digital-first. The way they verify and authenticate their users must involve tech that seamlessly integrates into user journeys without causing unnecessary friction.
An example of this is behavioural biometrics. It is vastly superior to physical biometrics in many ways, primarily because it’s device-agnostic – not reliant on a single device. And in an age where customers use a variety of devices and channels, device agnosticism is vital to ensuring the user experience is improved in a safe, secure, and non-disruptive way.
Passive behavioural biometrics also uses millions of data points to verify if a user is genuine when layered with device and threat intelligence and removes the single point of failure that plagues most traditional authentication methods. Customers expect frictionless journeys, and this type of tech can be seamlessly incorporated into any point of the process, making it a far better authentication method that’s fit for a digital-first financial services industry.
What’s next for the industry?
Financial institutions need to look at the very technological foundations on which their businesses are established and ensure they’re appropriate to deliver the best digital service for their customers. Simultaneously, they must consider all their customers’ needs when it comes to authenticating their identity and make this a priority rather than an add-on when innovating processes from the ground up.
Strong digital foundations rely on teams working together – not in siloes – to ensure fraudsters are denied any opportunity to exploit customers and that consumers are instead provided with the security that they deserve.
About the author: Amir Nooriala, Chief Commercial Officer at Callsign, has a track record of business growth across the technology and financial services sector. His previous positions include OakNorth, Barclays, and Accenture.