Other parts of this series:
Thanks to the proliferation of smartphone-embedded biometric sensors and a near-universal acceptance of password-less authentication, consumer grade physiological and behaviorally-based biometric authentication is now a mature technology that is quickly becoming commonplace. While the idea of using biometrics for authentication is not new, a critical mass movement within financial services has brought biometric authentication into the mainstream, driven by the following factors:
- Regulatory requirements under the Payment Services Directive 2 (PSD2) and its strong customer authentication (SCA) provisions, as well as Open Banking
- The rapid and steady escalation of payment fraud-related financial losses
- Recent improvements in biometric authentication technology and products
Financial services firms and their customers can now look forward to putting an end to the complexities of password-based authentication (including lost or hard-to-remember passwords and password theft) to enjoy a new level of security delivered with greater ease and efficiency.
The time is right to examine how to best integrate biometric authentication into the financial services security environment.
The benefits of biometric authentication
Biometric authentication offers numerous benefits over password-based authentication, including:
- An enhanced user experience (it’s consumer-friendly and works in real-time)
- Improved risk management (firms can save time and money while defending against fraud)
- Greater authentication accuracy (which reduces the risk of fraud and related financial losses)
Additionally, by including behavioral authentication in the biometric authentication process, banks can better protect against fraud by transparently assessing customer behavior for a specific transactional scenario—in the moment. This allows firms to not only reduce risk but also to further enhance the customer experience by:
- Decreasing friction in low risk situations
- Increasing security in high risk transactions
- Avoiding having to decline a customer’s transaction
Recent technology advances have made implementing biometric authentication easier and more straightforward for financial institutions than in the past.
From biometric to multi-factor authentication
As technology enhancements dovetail with new business needs and challenges, well-deployed, multi-factor authentication can help financial services firms take advantage of enhancements in authentication processes not only for online and mobile banking customers, but also in situations that still depend on legacy channels—such as branch and contact centers.
These enhancements promote organizational synergy, improve customer interactions and realign the financial services sector’s customer service offerings with the expectations of what is rapidly becoming an increasingly digital, interconnected and brand-neutral population. There are now options for leveraging offerings from established and trusted vendors as well as new entrants to the marketplace.
The current challenge—and how to address it
The emerging challenge financial services firms face now is how to take advantage of the dramatically improved customer experiences and security capabilities multi-factor authentication makes available while avoiding vendor lock-in or unnecessary commitment to a particular biometric modality, strategy or architecture.
We believe the solution to this challenge is an “authentication hub” model that allows firms to:
- Pick and choose between both biometric and non-biometric authenticators
- Embed existing authentication technologies—thereby reducing or eliminating technical debt
- Deploy a flexible architecture for greater fluidity, while at the same time facilitating compliance with emerging legislation
- Offer contextual, risk-based and persistent authentication to help reduce fraud and improve the customer experience
- Prompt customers for a secondary, or step-up, authentication if an omni-channel risk threshold is breached
In my next post, I’ll delve more deeply into the factors driving the need for “authentication in the New” as a backdrop for sharing Accenture’s concept of the authentication hub.
For a comprehensive view of all aspects of the authentication hub and “authentication in the New” please see Accenture’s Biometric Authentication in the New Digital World.