Jason Tooley, Chief Revenue Officer at Veridium, and board member at techUK, comments on how digitally authenticating consumers plays an integral role in supporting the growth of mobile financial service offerings to consumers:
Digital IDs are the foundation for a streamlined secure banking experience
Digital banking is now firmly embedded into everyday life in Europe. In data revealed by a recent MasterCard survey customers value security and convenience as the most important factors in managing their money online, emphasising the opportunity banks have in leveraging consumer confidence in their personal technology. Of more than 11,000 people quizzed across 11 European markets, 84% use digital banking at least once a month and 38% at least once a week. Nearly two thirds are using banking services from traditional providers, but digital-only banks are on the rise and are now being used by one in five customers. The consumer’s own digital technology is at the heart of the engagement with financial services organisations for the long term.
New banking services can be established quickly today with the rise of fintech capabilities and the expansion of open banking strategies; but gaining acceptance and broader usage relies heavily on the combination of a secure user experience and accessibility from the consumer’s own devices. This is the balance between accessibility, user experience on one side of the coin and security on the other with added regulatory compliance for the consumer and the bank. Without both areas being addressed, adoption will accelerate due to the rise of mobility but the risk of loss of confidence associated with fraud will damage the brand and ultimately revenue for the bank. Brand damage due to the risk of cybercrime and fraud is likely to have an increased impact in the open banking, post PSD2 world.
The increasingly millennial population, having grown up immersed in technology, expect to leverage their consumer technology to create a frictionless experience. One area being adopted heavily by consumers is the ability to create a digital identity on their own device and use this to access their device and applications. Consumers recognise this creates a good user experience and makes them highly productive on the move; but how do banks ensure support for this requirement in a world of cybercrime, fraud and identity theft?
The traditional method of creating secure authentication of identity for a consumer has been to use passwords as a primary mechanism, with a One Time Passcode (OTP) type technology as a second factor for authentication. It is widely recognised that a password based approach is fundamentally challenged by the ease of compromise if passwords are simple to steal or detect, or through methods such as phishing. In cases where highly complex passwords are implemented, then the likelihood of password lockouts and reduced productivity for consumers creates a negative user experience. When consumers are faced with the additional need to use an OTP, either hardware or software based, or through SMS, this adds friction into the end user experience.
From a bank’s perspective, creating new digital services in the cloud rather than on premise in the bank’s data centres also creates regulatory challenges for the bank. Banks need to ensure both its employees and the cloud service employees need to be reticent of who can access their customer information. Satisfying the regulator therefore becomes a full-time task for many banks as they drive towards greater agility. Adding to the regulatory challenges, the constant changes in the financial services sector necessitate new ways of proving identity, including GDPR and the upcoming PSD2 deadline coming into force in September.
Solving this problem is imperative for the banks, both global and digital; payment service providers and the FinTech community in general; the balance of great user experience for the consumer and strong, secure experience delivered by the enterprise is the winning formula. The use of digital identities to authenticate access, transactions creating a non-repudiating, auditable approach is the innovation that banks are looking for.
With Open Banking creating new services and an added need for accountability in the process of authenticating identity, it’s an ideal time for financial services organisations and FinTechs to build a digital authentication strategy into their Open Banking environments to match the expectations of consumers and the regulator. This will create an approach where banks and FinTechs can develop a consistent strategy around interoperability with digital authentication implemented as part of the launch of new services. This approach will, undoubtedly, be focused on the user experience and mobility requirements; but now adding the security and requirements by the bank and regulator will be imperative.
It’s incumbent on all areas of the financial services sector from global banks to the FinTechs to be working collaboratively to create the combination of a secure experience and great digital experience. This is where a bank’s digital transformation journey integrates with a successful Open Banking or PSD2 strategy.