Share this post
Not all banking customers are tech-savvy. Many are not proficient in identifying common attacks, unintentionally creating opportunities for fraudsters to target these vulnerable customer bases.
What’s more, institutions deploying different solutions per channel at login, during a transaction, or at checkout during online shopping, create a disjointed authentication experience and are less effective against attacks. These measures only prompt fraudsters to jump to a different channel or change the nature of their attack — meaning fraud is seldom eliminated.
The limitations of single-channel authentication
The big risk with this type of single-channel approach is that it inhibits authentication platforms from obtaining and leveraging the additional context needed to eliminate friction and combat fraud. And this has a big impact on customers. Forcing them through a rigid journey on a device or channel that is not available or familiar to them will inevitably cause friction and a great deal of frustration.
On the technology side, single-channel authentication also prevents solutions from accessing the context from one channel to inform and improve authentication journeys on another. Both these factors create a disjointed experience that can break the customer’s trust and result in transaction abandonment and customer churn.
Quite simply, banks must prioritize the user experience when establishing a safe environment for transactions. Not only does fixing the user experience mean more transactions, but if done via a cross-channel solution, it also means better security. Though many financial service providers realize that authentication methods need to change, they may not know the next step to create the right balance between strong security and seamless customer experiences.
Enhancing security and customer experiences with cross-channel authentication
Cross-channel authentication means using a single authentication platform across all digital and payment channels. This breaks down the silos between channels, improving security and creating a seamless and familiar customer experience.
There are many authentication offerings available today, including:
- App-based authentication,
- FIDO authentication,
- Risk-based authentication,
- and more.
Cross-channel authentication means using a single authentication platform across all digital and payment channels.
Individually, these methods contribute to combating fraud and mitigating threats, but they fail to gather the full context of each customer’s transaction. That’s because they’re often deployed as a single vendor’s solution that either does not talk to the rest of the ecosystem or takes a lot of effort to facilitate a valuable data exchange. Furthermore, no individual solution offers 100% coverage across the spectrum of user devices or fraud attack vectors.
The result is gaps in coverage across an institution’s channels, either through their customer authentication mechanisms, the use cases they offer, or the authentication methods available to customers.
Entersekt’s approach to customer authentication is different
Entersekt’s customer authentication solution is unique as it provides not only secure, but near-frictionless cross-channel authentication experiences. How?
Well, if a transaction is assessed as low risk, a customer’s payment should go through without friction. However, depending on an organization’s policy and risk tolerance, they may choose to challenge the customer for certain transactions. Cross-channel authentication adds tremendous value at this stage. For the customer, this step-up authentication is a secure and seamless experience because they validate the payment using the same authentication mechanism used to log in or perform other transactions with the bank. It’s a familiar and hassle-free experience.
Benefits for banks are that there’s no need for a separate authentication mechanism. Nor do they need to get bogged down trying to integrate their current authentication solution with their ACS.
Entersekt’s partnership with Capitec Bank demonstrates how FIs can enhance the security of e-commerce payments and reduce friction at checkout. Capitec uses Entersekt’s market-leading 3D Secure solution, which harnesses the risk-based authentication (RBA) provided by NuData Security, a Mastercard company. RBA enables the solution to silently track a user’s behavior and identify high-risk interactions in real-time for a seamless, secure user experience.
Looking ahead, this is only the tip of the iceberg, though.
The next frontier: from risk-aware to Context Aware™ Authentication
Context Aware™ Authentication is the next frontier. By intelligently layering RBA within our cross-channel solution, Entersekt will take the entire authentication experience up several notches. This will be achieved by combining an ecosystem of third-party integrators and a collection of both silent and active authentication mechanisms to create the most secure and seamless user experience possible, across all digital channels.
Ultimately, it will provide a complete, context-rich picture of both the user and the interaction in real-time and allow for a curated authentication journey for the customer, for that specific interaction.
Unfortunately, banks using static, single-channel authentication policies do not take additional context into account, and their customers need to jump through extra hoops just to approve their transactions on another device or channel, which might not even be enrolled with them at the time of authentication.
Entersekt’s Context Aware™ Authentication solution will leverage the context of each interaction between the customer and the institution to determine the best authentication mechanism to employ in the moment. This is the key to building the next generation of authentication solutions.
Security needs to have great user experience. But to achieve that, you need to know what your customer is doing, where they are doing it from, and on which device, along with details of which authenticator is available. Only then can the best, most secure authentication experience be selected for that transaction.
Context gives us all that. Hello, Authentication 2.0!