THE IDENTITY CHALLENGE: Just how can BANKS KNOW WHO'S WHO?
Technology has transformed the world of banking, bringing various new services to the table and revolutionising the way in which customers manage their finances. The days are gone of fixed branches and localised appointments. Today's banking is done with the click of a button. However, technologies have also brought with it new challenges, particularly in regard to identity and authentication. These two things are no longer as easy to achieve as they used to be.
Customers can interact with banks through a growing number of channels. Consequently, there are myriad factors that banks need to take into account to facilitate the different options. The question of how and when to authenticate identity has become particularly important, as has the data which is used and the processes that are set up to ensure strong customer authentication compliance. What's more, consumers now expect unified services with a seamless experience and will have no qualms about going elsewhere if banks can’t provide them.
What is identity and authentication?
Before answering this, it is important to clarify what we mean by identity and authentication, and how the terms differ. Organizations use identity to make sure that only authorised individuals can access information for that appropriate reasons. Authentication, however, is the key in the lock for identity, allowing customers to go on to execute transactions.
Authentication is required in all channels of interaction, and there are varying means to do it. For example, banks can use knowledge factors for example passwords, possession factors for example ID cards or authentication tokens, and inheritance factors such as biometrics to verify users. Each factor features its own unique challenges, however, presenting various security flaws such as weak credentials or the chance of losing physical tokens.
Moreover, within the era of digital banking, criminals can counterfeit many pieces of information to compromise user identities. It has devastating consequences for all involved, whether it be customers whose data is compromised or banks whose reputation is broken. Identity theft is clearly a grave threat.
The extent of the problem
Identity fraud is a growing concern that affects both businesses and customers, especially when fraudulent activity affects innocent people's credit ratings. It has therefore become vital that banks do something to preemptively detect identity theft. But this is, of course, much easier said than done.
Modern hackers are using powerful tools to steal identity information. For instance, geospoofing enables criminals to use intermediate computers to cover their IP address and appear in a location that matches the stolen credentials. Elsewhere, hackers are implementing bots that use automated scripts to guess passwords.
The extent of the identity problem becomes clear when we look at the statistics. For example, studies have shown that it takes the average victim seven months being aware of identity fraud,. In some cases, it may even take years.
What's more, once a panic attack is discovered, the average cybercrime victim in the UK spends 14.8 hours dealing with the aftermath. These are worrying facts, taking into consideration the large volumes of money and sensitive data on the line.
With all this in mind, if the established players can't give a strong anti-fraud service via a user-friendly authentication system, it'll only be a matter of time until consumers take their custom to more agile fintechs and challenger banks. So how can these problems be resolved?
The AI solution
Proving identity is the critical first step in preventing theft. After all, only when you have confidence in the interaction can you begin to validate another requests. However, the greatest issue is gaining this confidence, and also the rise of remote requests increases the challenge.
If it is true that technologies have complicated matters with regard to identity and authentication, it's also true that it holds the key to resolving the problem. For example, AI-enabled programmes are actually capable of authenticating payments in real-time. They are able to also quickly recognise fraudulent tries to steal logins or log counterfeit payments.
Despite this, an alarmingly few financial institutions are leveraging the right solutions. Research shows that only 10% of organisations are actively using ML analytics to orchestrate authentication. While 50% are in the process of implementing these solutions and have them on their road maps, a worrying 40% are not.
With this in mind, banks need to take steps to prove the need for AI and advanced analytics. Additionally, they must demonstrate how these solutions may bring new levels of flexibility and convenience to customers.
AI and advanced analytics are helping banks to preemptively detect identity theft rather than having to deal with the aftermath. By understanding the “normal” behaviour of customers, they can limit the amount of false positives and unnecessary challenges. This helps to reduce customer frustration while maintaining security in the process.
The sooner you invest, the earlier you benefit
Technology has changed the face of identity and authentication. The advantages brought to banking are significant and also the risks of inaction rapidly expanding. When innocent people begin falling prey to cybercriminals, it dramatically affects the user experience. This is a key issue for banks to overcome in the era of open banking and digital payments.
For all of the benefits that AI and advanced analytics bring, there is an alarming lack of adoption in the industry. As a result, it falls towards the banks themselves to become the power for change and to demonstrate the company value that these solutions bring to financial services.
Those who neglect to implement powerful AI-based authentication will soon feel the impact on the bottom line as customers flock elsewhere looking for increased security and a smoother journey.