Why financial services need to rethink authentication for a digital-first world

The last 10 years have seen significant changes in the debate around what the most important channel for business is – brick and mortar or digital channels. But in the shadow of the pandemic, and the accelerated shift towards digital it spurred across the world, that debate has been well and truly put to rest. We’re now in the digital-first era, and this has meant financial organisations such as banks have needed to significantly transform business models.

by Amir Nooriala, Chief Commercial Officer, Callsign

Banks have traditionally relied on branches to drive loyalty and deliver experiences to customers. But with digital channels such as websites and mobile apps now becoming the most important avenues for business, old methods of driving experience and loyalty have been replaced by digital factors, such as app ratings.

So, it’s no surprise that in a digital-first world, businesses must leverage digital-first solutions. But if satisfaction levels are judged by the quality of a digital experience, then businesses not only need to ensure smooth and seamless access to services but also make sure security is a top priority.

However, analogue solutions that many organisations in finance still use for customer authentication – such as one-time passwords (OTPs) – fall short of achieving these goals.

The pressure is on for businesses to find new, truly digital-first solutions that make their customers’ lives easier and differentiate their experience from competitors. But this is a balancing act that needs to also ensure the safety and security of every online interaction because if ease comes at a cost to security, businesses risk losing customers altogether.

Vulnerable systems built on outdated foundations

When it comes to financial institutions, in particular, the ability to adapt to the times has always been part of their success. Some banks are centuries old, and to remain relevant they’ve had to adapt their business models, services, and cultures countless times, all while maintaining the integrity of the sensitive information they hold.

However, over time, that imperative to maintain the safety of their data has led to the accrual of legacy systems for most organisations. While this has been a long-standing problem, in a digital-first world, legacy systems present a particularly glaring vulnerability when it comes to authentication.

Throughout the pandemic, hackers and ransomware attackers took advantage of global uncertainty and thousands of people faced a barrage of text message-based scams over this period. This highlighted the already significant problem with commonly used authentication methods that so many businesses rely on.

In fact, almost a quarter of people questioned for a recent Callsign survey said they received more texts from scammers than their own friends and family.

Organisations’ unwillingness or inability to stop utilising outdated authentication processes such as OTPs are fuelling a worsening crisis in scams and fraud. Businesses developing their digital transformation strategy need to see it as a chance to approach everything they do with a digital-first mindset, and not simply try and recreate digital versions of existing solutions.

And to make this a reality, organisations must rethink their systems in line with how their customers actually behave online and build their solutions accordingly.

The verified path to digital-first innovation

There are a number of technologies that are ideal for financial organisations looking to elevate their authentication methods to digital-first levels that seamlessly and frictionlessly integrate into their customer journeys.

One such solution is passive behavioural biometrics, software capable of taking into consideration millions of data points when verifying the identity of a user. The key difference between behavioural and physical biometrics – and why behavioural biometrics is the superior authentication method – is that it isn’t reliant on a single device (it’s device agnostic).

So, when combined with device and threat intelligence, the solution can circumvent the single point of failure issue that so many other authentication methods fall foul of.

This makes it ideal for our modern, digital-first world where customers want to use a variety of devices and channels to access online services. By making your authentication method device-agnostic, user experience can be ensured in a secure and non-disruptive way, whatever device is being used.

And as this solution can be seamlessly integrated into any point of the customer’s journey, it’s a much more fitting solution for a sector that has always been on the cusp of innovation.

Re-building for a new era of authentication

In order to thrive, organisations in the financial sector need to be prepared to interrogate every aspect of their operations to make sure they are delivering the most convenient and secure service to customers online.

To achieve this, organisations need to be prepared to re-lay their technological foundations. Elevating the importance of digital identity authentication is one such vital change, and businesses need to realise it will only continue to grow as a priority for customers going into the future.

Because the threat from bad actors and cyberattacks is only worsening. So, while innovation is key to attracting customers, security must be at the core if businesses are to retain loyalty. And it will take collaboration both internally and with partners to ensure that customers have the security they deserve.