Breaking down silos: why cross-channel and Context Aware™ Authentication will change the game

by Schalk Nolte

Share this post

Not all banking customers are tech-savvy. Many are not proficient in identifying common attacks, unintentionally creating opportunities for fraudsters to target these vulnerable customer bases.

What’s more, institutions deploying different solutions per channel at login, during a transaction, or at checkout during online shopping, create a disjointed authentication experience and are less effective against attacks. These measures only prompt fraudsters to jump to a different channel or change the nature of their attack — meaning fraud is seldom eliminated.

The limitations of single-channel authentication

The big risk with this type of single-channel approach is that it inhibits authentication platforms from obtaining and leveraging the additional context needed to eliminate friction and combat fraud. And this has a big impact on customers. Forcing them through a rigid journey on a device or channel that is not available or familiar to them will inevitably cause friction and a great deal of frustration.

On the technology side, single-channel authentication also prevents solutions from accessing the context from one channel to inform and improve authentication journeys on another. Both these factors create a disjointed experience that can break the customer’s trust and result in transaction abandonment and customer churn.

Quite simply, banks must prioritize the user experience when establishing a safe environment for transactions. Not only does fixing the user experience mean more transactions, but if done via a cross-channel solution, it also means better security. Though many financial service providers realize that authentication methods need to change, they may not know the next step to create the right balance between strong security and seamless customer experiences.

Enhancing security and customer experiences with cross-channel authentication

Cross-channel authentication means using a single authentication platform across all digital and payment channels. This breaks down the silos between channels, improving security and creating a seamless and familiar customer experience.

There are many authentication offerings available today, including:

  • App-based authentication,
  • FIDO authentication,
  • Risk-based authentication,
  • and more.

Cross-channel authentication means using a single authentication platform across all digital and payment channels.

Individually, these methods contribute to combating fraud and mitigating threats, but they fail to gather the full context of each customer’s transaction. That’s because they’re often deployed as a single vendor’s solution that either does not talk to the rest of the ecosystem or takes a lot of effort to facilitate a valuable data exchange. Furthermore, no individual solution offers 100% coverage across the spectrum of user devices or fraud attack vectors.

The result is gaps in coverage across an institution’s channels, either through their customer authentication mechanisms, the use cases they offer, or the authentication methods available to customers.

Entersekt’s approach to customer authentication is different

Entersekt’s customer authentication solution is unique as it provides not only secure, but near-frictionless cross-channel authentication experiences. How?

Well, if a transaction is assessed as low risk, a customer’s payment should go through without friction. However, depending on an organization’s policy and risk tolerance, they may choose to challenge the customer for certain transactions. Cross-channel authentication adds tremendous value at this stage. For the customer, this step-up authentication is a secure and seamless experience because they validate the payment using the same authentication mechanism used to log in or perform other transactions with the bank. It’s a familiar and hassle-free experience.

Benefits for banks are that there’s no need for a separate authentication mechanism. Nor do they need to get bogged down trying to integrate their current authentication solution with their ACS.

Entersekt’s partnership with Capitec Bank demonstrates how FIs can enhance the security of e-commerce payments and reduce friction at checkout. Capitec uses Entersekt’s market-leading 3D Secure solution, which harnesses the risk-based authentication (RBA) provided by NuData Security, a Mastercard company. RBA enables the solution to silently track a user’s behavior and identify high-risk interactions in real-time for a seamless, secure user experience.

Looking ahead, this is only the tip of the iceberg, though.

The next frontier: from risk-aware to Context Aware™ Authentication

Context Aware™ Authentication is the next frontier. By intelligently layering RBA within our cross-channel solution, Entersekt will take the entire authentication experience up several notches. This will be achieved by combining an ecosystem of third-party integrators and a collection of both silent and active authentication mechanisms to create the most secure and seamless user experience possible, across all digital channels.

Ultimately, it will provide a complete, context-rich picture of both the user and the interaction in real-time and allow for a curated authentication journey for the customer, for that specific interaction.

Unfortunately, banks using static, single-channel authentication policies do not take additional context into account, and their customers need to jump through extra hoops just to approve their transactions on another device or channel, which might not even be enrolled with them at the time of authentication.

Entersekt’s Context Aware™ Authentication solution will leverage the context of each interaction between the customer and the institution to determine the best authentication mechanism to employ in the moment. This is the key to building the next generation of authentication solutions.

Security needs to have great user experience. But to achieve that, you need to know what your customer is doing, where they are doing it from, and on which device, along with details of which authenticator is available. Only then can the best, most secure authentication experience be selected for that transaction.

Context gives us all that. Hello, Authentication 2.0!

Schalk Nolte

Entersekt CEO

entersekt logo_withslogan_GreenNavy_RGB
Article by Entersekt

More To Explore

Membership

Merchant Community Membership

Are you a member of The Payments Association?

Member benefits include free tickets, discounts to more tickets, elevated brand visibility and more. Sign in to book tickets and find out more.

Welcome

Log in to access complimentary passes or discounts and access exclusive content as part of your membership. An auto-login link will be sent directly to your email.

Having trouble signing?

We use an auto-login link to ensure optimum security for your members hub. Simply enter your professional work e-mail address into the input area and you’ll receive a link to directly access your account.

First things first

Have you set up your Member account yet? If not, click here to do so.

Still not receiving your auto-login link?

Instead of using passwords, we e-mail you a link to log in to the site. This allows us to automatically verify you and apply member benefits based on your e-mail domain name.

Please click the button below which relates to the issue you’re having.

I didn't receive an e-mail

Tip: Check your spam

Sometimes our e-mails end up in spam. Make sure to check your spam folder for e-mails from The Payments Association

Tip: Check “other” tabs

Most modern e-mail clients now separate e-mails into different tabs. For example, Outlook has an “Other” tab, and Gmail has tabs for different types of e-mails, such as promotional.

Tip: Click the link within 60 minutes

For security reasons the link will expire after 60 minutes. Try submitting the login form again and wait a few seconds for the e-mail to arrive.

Tip: Only click once

The link will only work one time – once it’s been clicked, the link won’t log you in again. Instead, you’ll need to go back to the login screen and generate a new link.

Tip: Delete old login e-mails

Make sure you’re clicking the link on the most recent e-mail that’s been sent to you. We recommend deleting the e-mail once you’ve clicked the link.

Tip: Check your security policies

Some security systems will automatically click on links in e-mails to check for phishing, malware, viruses and other malicious threats. If these have been clicked, it won’t work when you try to click on the link.

Need to change your e-mail address?

For security reasons, e-mail address changes can only be complete by your Member Engagement Manager. Please contact the team directly for further help.

Still got a question?