The COVID-19 pandemic has had a significant impact on security in the finance sector, reports HID Global.
The shift towards digital financial services in recent years, along with accelerated adoption of mobile and online banking during the COVID-19 pandemic has radically changed customer expectations for online services. Financial Institutions are under pressure to deliver both seamlessness and security. Customers are looking for fast and frictionless digital journeys as well as fast payments, transactions and login processes.
Customers also want to feel like the organisations are taking their security seriously and want technologies like biometric authentication and fraud risk alerts. Even so, the overwhelming emphasis on seamlessness and ease of use suggests that in order to be acceptable to customers, biometric authentication and fraud risk alerts must be part of a smooth and efficient process.
Preparation, automation and scalability are critical. Financial institutions should always assume they are under attack and proactively use technology to be prepared.
A key component of a business’ risk management strategy is optimisation around preventing fraud, automating online threat detection and being able to continuously validate the identity of the users.
Technology should be scalable to support businesses in becoming more dynamic. Technology is there to enable them to grow/partition/isolate and adapt to any regulatory requirement and threats that consumers, banks and fintech providers could encounter, such as protection against zero day malware or from identity theft by using biometrics to identity and authenticate users.
Finding the balance between usability and security starts with identifying the key internal stakeholders which have operations that impact the customers.
They can be part of the tech, the business, the security, or the legal team, as long as they are aligned around the customer experience.
Second, remember that gaining trust is the end goal. The outcome is dependant on the stakeholders’ measurement of success within the constraint of their organisation and jurisdictions.
When trying to establish the user experience (UX) and find the right balance between usability and security, the consumer experience might not be attributed to a specific channel. For instance, when consumers are making online payments, or just simply trying to apply for a new telephone or mobile phone account, it would typically require multiple touchpoints from the consumer. These entry points that are part of the consumer experience can also add and introduce certain risks.
Having a way to correlate multiple channel behaviours from the consumer significantly helps better identify and analyse fraud by looking at all the cross-channel data available. This is a very important factor in making sure consumers can transact securely across their end-to-end journey.
What are the upcoming trends that every financial institution should be aware of?
Automation – More and more financial businesses and ecosystems are adopting technologies such as machine learning that enable them to automate certain decision-making processes that range from preventing fraud to business processes around financial payments and others.
Cash is no longer king (COVID-19 has taught us that) – Digital consumers that have been traditionally paying their transactions on typical money-based accounts will also start to be more open to digital payment forms. Still, this trend is not about finding the next Bitcoin, but more about finding how consumers can securely store and protect their digital asset from bad actors.
Broadening the use and number of digital channels – Consumers are adopting not only the mobile phone but also different smart home/IoT devices to conduct their daily activities. For instance, in the case of internet banking services, many banks have adopted chatbots to add or re-establish customer channels that bring different user experiences.
Cloud-based identity – More service providers including banks will rely on trusted identities based in the cloud. We see a fleet of open standards including FIDO2, Open ID and federated identity technologies that help identify online consumers by providing stronger consumer authentication, combined with risk management and behavioural biometrics.
Regulations – Open Banking regulation establishes data ownership with the customers. This is an opportunity for more players in this ecosystem to participate. The adoption rate will be staggered and influenced by different regulatory schemes across the world.
Striking the right balance between speed, seamless customer experience and security is not a new challenge for FIs, but the on-demand nature of digital has made it mission critical for organisations looking to build trust and meet high customer expectations.
Security and compliance are also at the heart of many FIs’ motivations for rolling out digital banking services.
Customer awareness of these risks is also changing attitudes towards friction within the onboarding and login processes, with a clear majority of respondents reporting that customers felt ‘positive’ about a small amount of friction. This suggests that authentication methods – if they are part of a seamless customer journey – can prove reassuring for customers and form a key pillar of customer engagement.
The methods available to FIs for authenticating users and transactions are also changing rapidly: while multi-factor authentication is still widespread, other advanced biometric authentication technologies are catching up, such as keystroke pattern, fingerprint or facial recognition. The resulting picture is therefore one of an industry responding to profound technological and pandemic-related disruption.
Customers are expecting their FIs to offer digital experiences that combine ease of use with the highest levels of data privacy and security protocols. To tackle this challenge, the majority of FIs have begun to implement automation of parts of the onboarding, login and transaction and sign in process with a range of new technologies. The results however suggest that there is still work to be done if they are to meet customer expectations of fast, seamless and secure digital journeys.
For more information, visit: www.hidglobal.com
This article was originally published in the February 2022 edition of International Security Journal. Pick up your FREE digital edition here.