Creating Secure Mobile Interactions for Online Banking

By

Banks have a lot more to lose than money if a security measure fails. These financial institutions strive to create a relationship built on trust with their customers, and it’s not one easily broken. Consumers think about changing banks as they do about moving: it’s a big hassle that no one wants to deal with. But will do it without hesitation if they feel their bank has violated trust.

Customers demand fast and innovative mobile experiences that are still secure. That goes double for online banking. To preserve the security of a consumer authentication and interaction, while meeting and exceeding customer demand for responsive mobile experiences, FIs are looking to passive biometrics and behavioral analytics to satisfy both needs.

Consumer preference is driving the demand for change. Mobile usage worldwide is rapidly outpacing desktop logins at financial websites. Mobile banking customers are more engaged, logging on an average of 14-15 times per month versus four to five times for traditional online banking customers using desktop computers. Focusing on customer engagement in the mobile space can further cement brand loyalty, making your mobile app an indispensable resource your customers rely on and use every day. Failing to deliver the experience that consumers demand means losing customers to more agile competitors, as well as making new customer acquisition extremely difficult.

It is critical in this consumer-driven landscape to offer convenient and easy online access, but it comes with a price. As we deploy easier-to-use and more friendly online services, they become more attractive to online criminals, resulting in higher-risk transactions and less data to adjudicate between good and bad users.  Compounding this risk is the fact that banking customers have a very low tolerance for incidents of fraud – but how they found out about it also has a huge impact. In a recent study on consumer behavior, if banks alert their customers to the fraud, only 2.5 percent of those customers would leave that bank; but if customers discovered fraud on their own, there was a four-fold increase in customer churn, with one in five customers defecting to another institution. Unlike a retailer that has a breach, if a customer’s account at a bank is compromised, they will not likely be won back over time. Banks spend years developing that deep well of trust, so why risk it? Breaking that trust comes at too high of a price.

Financial institutions don’t like risk any better than consumers do; in fact, they are extremely risk averse, and for good reason. Since 2010, incidences of card-related data breaches have increased over 340 percent. Theft of login and password data has increased over 300 percent in the same period.  Consumers who have had their account information stolen are 10 times more likely to be the victim of financial fraud, with a subset of those consumers experiencing true identity theft – a crime with lifetime ramifications.

A balance must be struck between protecting against security threats and the consumer demand for convenience and functionality. The need for this balance is driving nearly 80 percent of financial institutions to invest in technology solutions that boost customer engagement and bolster security. Often these investments are diametrically opposed, either increasing the risk profile of an institution by making consumer access more convenient or increasing account security at the expense of consumer satisfaction and engagement.  Solutions must be found that don’t compromise the ideal state – both easy to use and secure. Trust and safety!

Traditional methods of consumer identification use single points of static data to predict risk. It is glaringly apparent that we need to move beyond tradition to devise new solutions. We’ve relied too long on device identification, static data points and usernames and passwords to define legitimate access. Having all these elements match up in an account application, login or transaction does not mean that interaction is safe and, inversely, having anything fail to match up should not remove all faith that an interaction is valid. Attempts to add dynamic elements, like one-time passwords and SMS text messages, to the authentication equation have traditionally met with consumer confusion, backlash and rejection – or all out abandonment. It simply adds too much friction.

The reality of an increasingly mobile-first world suggests that we will continue to labor under the burden of authentication based on static information such as usernames, passwords and device IDs. But not to despair, by using a combined approach of passive biometrics and behavioral analytics atop existing authentication solutions, it is possible to strike that balance of frictionless customer experience and increased security.

And that’s not all; financial institutions that are able to confidently authenticate their customers can push out individualized offers and provide a streamlined user experience, which strengthens customer trust and engagement and increases bottom-line dollars. The layered authentication approach is a true win-win scenario.

About The Author: Robert Capps is the vice president of business development for NuData Security. He is responsible for developing and nurturing strategic alliances, partnerships and channels. Robert is a recognized technologist, thought leader and advisor with over twenty years of experience in the design, management and protection of complex information systems – leveraging people, process and technology to counter cyber risks. In his previous role at RedSeal as a senior director, Robert was responsible for technical, security and customer operations. Prior to RedSeal, Robert was senior manager, global trust and safety at StubHub. Robert can be reached online at Twitter @rwcapps or via www.nudatasecurity.com




Edited by Maurice Nagle


SHARE THIS ARTICLE
Related Articles

What does an IT support team do?

By: Contributing Writer    8/15/2022

Most IT support teams are tasked with day-to-day troubleshooting. This ranges from fixing machines and networks to physically maintaining them by chan…

Read More

Top 7 Tips for Making Open-Source Software More Secure

By: Contributing Writer    8/15/2022

In the wake of high-profile security threats, companies and governments are increasingly turning to open-source software as one of the ways to avoid s…

Read More

Security for Playing Online Casino Games on Your Mobile

By: Contributing Writer    8/12/2022

Technology has transformed how humans perceive and do things. One of the sectors that technology has dramatically improved is the online gaming sector…

Read More

Fans Ready to Embrace Stadium Digital Future

By: Greg Tavarez    8/10/2022

In Oracle Food and Beverage's report, 70% of attendees would prefer to have service jobs replaced by digital solutions in the future.

Read More

Twilio Cyber Attack: Social Engineering is Real and Really Dangerous

By: Matthew Vulpis    8/9/2022

Phishing is commonly used by cyber criminals, as an attack that exploits an organization's last line of cyber defense - the employees

Read More