The identity challenge: How can banks know who’s who?


Technology has transformed the world of banking, bringing all manner of new services to the table and revolutionising the way that customers manage their finances. Gone are the days of fixed branches and localised appointments. Today’s banking is done with the click of a button. However, technology has also brought with it new challenges, particularly in regard to identity and authentication. These two things are no longer as easy to achieve as they used to be.

Customers can interact with banks through a growing number of channels. As a result, there are myriad factors that banks need to take into account to facilitate the different options. The question of when and how to authenticate identity has become particularly important, as has the data that is used and the processes that are put in place to ensure strong customer authentication compliance. What’s more, consumers now expect unified services with a seamless experience and will have no qualms about going elsewhere if banks can't provide them.

Hidden Insights: The identity challenge: How can banks know who’s who?
Hidden Insights: The identity challenge: How can banks know who’s who?

What is identity and authentication?

Before answering this question, it is important to clarify what we mean by identity and authentication, and how the terms differ. Organizations use identity to ensure that only authorised individuals can access information for the appropriate reasons. Authentication, on the other hand, is the key in the lock for identity, allowing customers to go on to execute transactions.

Authentication is required in all channels of interaction, and there are varying means to achieve it. For example, banks can use knowledge factors such as passwords, possession factors such as ID cards or authentication tokens, and inheritance factors such as biometrics to verify users. Each factor has its own unique challenges, however, presenting various security flaws such as weak credentials or the risk of losing physical tokens.

Moreover, in the era of digital banking, criminals can counterfeit many pieces of information to compromise user identities. This has devastating consequences for all involved, whether it be customers whose data is compromised or banks whose reputation is damaged. Identity theft is clearly a grave threat.

The extent of the problem

Identity fraud is a growing concern that affects both businesses and customers, especially when fraudulent activity affects innocent people’s credit scores. It has therefore become vital that banks take action to preemptively detect identity theft. But this is, of course, much easier said than done.

Modern hackers are using powerful tools to steal identity information. For example, geospoofing enables criminals to use intermediate computers to hide their IP address and appear in a location that matches the stolen credentials. Elsewhere, hackers are implementing bots that use automated scripts to guess passwords.

The extent of the identity problem becomes clear when we look at the statistics. For example, research shows that it takes the average victim seven months to become aware of identity fraud,. In some cases, it can even take years. What’s more, once an attack is discovered, the average cybercrime victim in the UK spends 14.8 hours dealing with the aftermath. These are worrying facts, considering the large volumes of money and sensitive data at stake.

With all this in mind, if the established players can’t provide a strong anti-fraud service via a user-friendly authentication system, it will only be a matter of time until consumers take their custom to more agile fintechs and challenger banks. So how can these problems be resolved?

The AI solution

Proving identity is the critical first step in preventing theft. After all, only when you have confidence in the interaction can you begin to validate the other requests. However, the greatest problem is gaining this confidence, and the rise of remote requests increases the challenge.

If it is true that technology has complicated matters with regard to identity and authentication, it is also true that it holds the key to resolving the problem. For example, AI-enabled programmes are now capable of authenticating payments in real-time. They can also quickly recognise fraudulent attempts to steal logins or log counterfeit payments.

Despite this, an alarmingly small number of financial institutions are leveraging the appropriate solutions. Research shows that only 10% of organisations are actively using ML analytics to orchestrate authentication. While 50% are in the process of implementing these solutions or have them on their road maps, a worrying 40% are not.

With this in mind, banks need to take steps to prove the value of AI and advanced analytics. In addition, they must demonstrate how these solutions can bring new levels of flexibility and convenience to customers.

AI and advanced analytics are helping banks to preemptively detect identity fraud rather than having to deal with the aftermath. By learning the "normal" behaviour of customers, they can limit the number of false positives and unnecessary challenges. This helps to reduce customer frustration and friction while maintaining security in the process.

The sooner you invest, the sooner you benefit

Technology has changed the face of identity and authentication. The benefits brought to banking are significant and the risks of inaction rapidly expanding. When innocent people begin falling prey to cybercriminals, it dramatically affects the user experience. This is a key issue for banks to overcome in the era of open banking and digital payments.

Once an attack is discovered, the average #cybercrime victim in the UK spends 14.8 hours dealing with the aftermath. These are worrying facts considering the large volumes of #money and sensitive #data at stake. Click To Tweet

For all the benefits that AI and advanced analytics bring, there is an alarming lack of adoption in the industry. As a result, it falls to the banks themselves to become the driving force for change and to demonstrate the business value that these solutions bring to financial services.

Those who fail to implement powerful AI-based authentication will soon feel the impact on the bottom line as customers flock elsewhere in search of increased security and a smoother journey.

Talk to us at SIBOS about how SAS is helping global banks to ensure that they are dealing with legitimate customers without affecting the customer journey.



About Author

Ian Holmes

Previously, Ian gained extensive banking industry leading experience through fraud strategy roles, with specific expertise in payments fraud covering cards and application fraud. His career developed from the ‘ground up’ to embrace analytics and strategy. Ensuring the bank was best placed to prevent fraud attack Ian gained deep expertise of decisioning systems. Ultimately, Ian became Head of Card Fraud in the UK division of HSBC and was recognised globally by his contemporaries. Joining SAS in 2011, Ian’s global role is to provide fraud expertise to drive the product enhancement; pre-sales and business implementation of the banking fraud solution globally. Ian’s team are SME’s and solution experts whom support current customers to maximise fraud performance as well as presenting business case capability to potential clients. Ian’s fraud expertise is pivotal in retaining SAS’ recognition and reputation in the industry, supporting marketing initiatives and strategic collaboration with key third party vendors is key.

Leave A Reply

Back to Top