As the world becomes increasingly digital, the need for strong cybersecurity is also increasing. Fortunately, modern technologies have made it easier to provide this security without sacrificing convenience. We'll explain how banks can leverage this to better protect and serve their customers.
The digital revolution has left no industry untouched, and banking is no exception. 85% of banks consider digital transformation programs to be a business priority, and 62% expect to be digitally mature by 2020.
Customers are a primary driving force. As consumer tech moves towards mobile and online connectivity, customers expect the same from their banks. Features such as mobile and online banking, remote deposits, and instant transfers are becoming essential requirements for banks. In 2017, about half of U.S. adults with bank accounts used mobile banking. With smartphones becoming the primary computing device worldwide, the demand for mobile banking will only increase.
Risks and Threats of Digitalization
Digitalization isn't without its risks. In 2016, banks faced attempted fraud attacks worth more than $19 billion. While they were able to successfully prevented $17 billion in losses, the remaining $2.2 billion was due to online banking and other electronic transactions. Not only do banks need to embrace digitization, they also need to do so while offering greater customer convenience and greater security.
Compared to tech companies, banks are also subject to more regulations. According to McKinsey & Company, 30% of banks experienced increases in compliance costs of over 50% over the last 5 years, and 46% expect costs to increase in the next 5 years. New rules like the EU's General Data Protection Regulation (GDPR) is expected to cost some companies an estimated £800 million
However, banks can't wait either. If retail and corporate banking customers switch to digital companies at the same rate that people have adopted new technologies in the past, the industry's return on equity (ROE) could drop to 5.2% by 2025. Several major banks are planning to spend over $4 billion on modernizing their IT infrastructures and training employees on using new technologies effectively. If more banks learn the tools at their disposal and develop skills in digital marketing and analytics, the industry could add $350 billion to its bottom line in three to five years.
Modernizing Authentication to Meet Customer Expectations
Many banks rely on conventional authentication methods for mobile banking, such as usernames and passwords, tokens, and one-time codes. But these methods have two problems:
- They disrupt the user experience by requiring users to manually enter information or to complete a subprocess before continuing
- Attackers can steal or intercept this data and effectively bypass the controls
Not only does this leave the user with a poor experience, but it does little to protect them from attackers. Fortunately, digitization opens banks to modern authentication methods that offer greater security and convenience.
With behavioral biometrics, banks can leverage everyday technology to seamlessly and securely authenticate users. Behavioral biometrics works by evaluating how users physically interact with their desktop and mobile devices. It tracks a number of metrics that are virtually impossible to duplicate when compared to passwords or tokens. For example, it can pick up on the angle that a user holds their mobile device, the speed that users type at or even their preferred hand that they use the mouse, etc. By combining these very precise measurements, a detailed user profile can be created that is virtually impossible to either steal or copy. The result is a faster and less disruptive experience for users that doesn't compromise security.
Simplifying PSD2 and SCA Compliance
The EU's new Second Payment Services Directive (PSD2) directive standardized data sharing in the financial industry. It allows banks and their customers to share financial information with third parties through standardized APIs, interfaces, and services. However, this also opens up banks to new threats, since it allows financial information to travel through third parties much more easily.
Because of the risks involved, PSD2 requires any organisation offering electronic payment or transaction services to protect their consumers by implementing Strong Customer Authentication (SCA). SCA means that users must prove their identity using at least two of the following elements: (1) something that they know (PIN or password), (2) something that they own (device or smart card); and (3) something that they are (biometrics, e.g fingerprint or facial scan). Behavioral biometrics is part of the third category and provides many benefits that surpass basis SCA requirements including continuous authentication and risk-based authentication. Another added bonus is that while these methods drastically simplify the user experience, they also make it possible for users to complete higher-risk transactions.
So yes, behavioral biometrics is indeed key to your digital transformation. The need to balance user experience with security by enforcing more seamless user verification processes where banks will need to keep their focus - especially as banks become more digital and need to address their customers’ needs adopting modern methods when it comes to user authentication and methods of fraud protection.