How to Protect Digital Identity of Your Customer in Omnichannel Banking?
The last two years have been rough ones cybersecurity-wise. In 2017, banks worldwide lost $16.8 billion to cybercrime. No wonder that, 71% of banking executives (up from only 34% in 2017) are now focusing their digital investments on cybersecurity tech.
Cybercrime does not only cost banks their assets: it costs them their image and customers. According to a survey conducted by Identity Theft Resource Center, due to unauthorized activity on their accounts, 28% of customers left their banks, and 22.4% left their credit card companies. Another study goes even further stating that the modern consumers expect their banks to proactively mitigate and reduce the chances of fraud, identity theft and any other types of security risks that may result in their personal data being compromised.
Certainly, most banks are glad to oblige. Nevertheless, in the omnichannel banking, customer identity protection becomes a “balancing act” of offering greater security without hampering the CX. That’s why progressive institutions are now looking into new mechanisms for complex digital identity management (and security), rather than trying to “patch” individual entry-points to the systems.
What is a Digital Identity?
In short, a digital identity definition is this:
This information is used to authenticate the user automatically, without the intervention of a human.
In case with online banking, the customer’s identity is authenticated through common verification methods – password and security questions, perhaps his zip code, and the last four digits of his social security number. Each of these things provides a layer of verification so that the bank knows a customer is whom he says he is.
The Growing Role of Digital Identity in Omnichannel Banking Experiences
Banking consumers want fast and efficient service. They want to access their accounts and perform transactions from anywhere and on any device they may be using. In fact, 58% of banking consumers want omnichannel experiences, and that number will only grow. At the same time, they want protection. Moreover, they count on their banks to keep their accounts and their identities safe.
When a banking customer acquires a new device or uses an existing device to access his online banking functions, the bank will immediately require identity verification of multiple types. In many instances, the consumer will also receive an email notification that a new device was used to access his account, requesting that the user verifies that it was indeed him who did this – another layer of protection.
Are all of these measures foolproof? No. If they were, banking consumers would not face identity theft and the use of their debit and charge cards for illegal transactions. Most often, this is the fault of the consumer, because his digital identity in cyberspace goes beyond just his baking. However, the institution must also play a role in guarding against such breaches.
Enter Self-Sovereign Identity Based on Blockchain
Digital identity management has always been a coordinated effort between the individual consumer and any enterprise with which he does business. The consumer provides certain information that is then housed in the enterprise’s system. This may include key elements of digital identity and electronic signature features, along with even newer technologies of fingerprints and facial/voice recognition. All of these digital identity solutions serve to enhance digital identity and security, but, again, no computer system, whether in-house or cloud-based is totally secure.
What if the consumer himself had complete control over his personal credentials without having to provide them to any enterprise, except on a “need-to-know” basis? This is the promise of self-sovereign identity through blockchain technology.
Blockchain technology, originally developed for digital currency transactions, has now expanded into a number of other economic sectors, including fintech. In essence, information, contracts, data, and documents can now be entered into a secure, immutable “storage” system, made up of blocks. Each block is connected to the one before and after it, and access to those blocks is only granted on a permission-based function.
A consumer enters his identity information, including an e-signature, into a block. He then controls his digital ID and will only have to provide that information, or parts of it, as he chooses. That control takes the onus off of the institution to protect and provide the digital identity protection that customers demand. In addition, consumers can engage in omnichannel retail banking, provide their electronic signatures, engage in the online signing of documents, all by giving permissions as needed. This promises to become the new identity 2.0
Of course, much of this still lies in the future, as consumers become more informed and certainly more comfortable with blockchain and its benefits. Until then, omnichannel banking solutions will have to rely on other state-of-the-art security measures.
Business Benefits of Implementing Digital Identity Functions
Digital identity functions began in retail. Consider Amazon, for example. Once a customer has set up an account with username and password, there are plenty of options to streamline purchasing from that point forward. Amazon saves personal information, frequent shipping addresses, credit and debit cards that have been used, etc. This streamlines experiences for returning customer who, with just a few clicks, can complete their purchases, no matter what device they use.
These same benefits apply to omnichannel banking:
- Customers have the digital services that they want and, indeed, demand.
- Banks can keep track of all of the touchpoints they have with their customers through a variety of channels. This places communication with customers on a much stronger footing.
- With the right software in place, banks can offer secure electronic signature functions on any device that would ease the process of doing business on the go.
- Banks will realize lower costs. When chatbots can take over more routine tasks for consumers, through multichannel banking, the need for live service agents is reduced. The saving in salaries and benefits can be substantial.
- Through the use of a variety of security tools, banks can provide multi-factor authentication that will provide digital identity protection, no matter what device a consumer may be using. The end result? Convenient consumer banking while still keeping user data secure. For example, consider just the element of secure electronic signature. With the right software in place, a bank can verify a secure electronic signature for purchases, electronic document signing (e.g., mortgage loans, credit applications, etc.) on any device.
Still, consumers do worry about the amount of personal information and data that any enterprise, including banks, hold and the security measures that are protecting that data. Huge security breaches in recent years have heightened this worry – Target, the U.S. Departments of Defense and IRS, Experian, to name just a few.
A Personalized Experience that Doesn’t Get Too Personal: Key Data Privacy Concerns
Consumers do want personalized experiences. On the balance, however, they do not want to provide any more personal information than is absolutely necessary for any enterprise, including banks.
The challenge for banks is this: they do have to collect a lot of personal information, including social security numbers because they have to remain in compliance with government regulations related to KYC (know your customer) and prevention of money laundering. They must ensure that their customers, and the transactions they complete, are legitimate and law-abiding. At the same time, they must assure their customers that their personal information is securely stored and that only what is required will be used for any transaction on any device. All of this requires the right software, with the strongest security measures in place.
The biggest issue is that customers may love the convenience, but they have little idea of what it entails. For instance, a recent survey revealed that 92% of the general public doesn’t know what is open banking directing and how exactly it will affect them. What is more, 51% of respondents claim that they will not share their financial data even if it could secure more personalized product and services recommendations to them.
So how do you win consumers’ trust technologically and remain compliant with new data privacy acts such as GDPR? Consider leveraging AI solutions.
Cognitive analytics can simultaneously help banks proactively fight crime, and understand customer behavior patterns better, especially when it comes to decision-making. By detecting and analyzing key pattern, AI solutions can establish the “normal” individual customer interactions with the bank; and the suspicious patterns. For instance, smart algorithm can identify unusual customer taps or swipes on the user’s smartphone by benchmarking those against historical data, and instantly notify the security team if any abnormalities are detected. Further, AI algorithms can leverage geo-data to spot transaction anomalies, flag sensitive cross-border conditions and verify customers’ place of business.
On the other hand, the same algorithms can be deployed to offer a greater level of customer personalization, in near real-time. For example, banks can greatly improve the lending process by programmatically analyzing the customers’:
- Geo-location (proximity to a retail outlet);
- Historical spending data (purchase history);
- Credit score.
This could both improve the customers’ satisfaction with provided services and the bank’s bottom lines.
More Methods and Technologies for Protecting Customer Digital Identity
All financial services organizations (including banks) realize a 9.5% increase in revenue if they offer an omnichannel approach. However, with such an approach comes the increased opportunity for digital ID compromises that must be mitigated.
Both “soft” (face, voice, signature and keystroke recognition) and “hard” (iris, fingertip recognition) biometrics modalities are being explored as an authentication method by banks. The majority of customers (86%) have already used finger recognition in banking at least once in 2017, and 87% consider it to be the most secure method of digital authentication.
For additional security, banks are also increasingly switching to multi-authentication hubs – compounding platforms that would facilitate multi-factor and multi-modal authentication by utilizing behavioral data. The particular advantage here is that such “hubs” can be plugged once and reused to govern multiple business processes: cross-channel authentication, transaction authorization and so on.
An authentication hub can include the following components:
- Mobile KYC (Know Your Customer) with biometric authentication framework can govern identification and verification for digital user account sign-up and onboarding. A number of security solutions are already available to capture customer ID documents as well as biometrics (e.g. facial features or fingerprints) and reconcile that data for fast remote verification.
- Risk engine that will assess all the users’ behaviors across different devices and provide contextual information for granting or denying certain actions.
- e-Signature can eliminate the need for in-person visits.
- A selection of authenticators that can be used interchangeably for different types of transactions. This will allow you to leverage both new-gen authentication methods as well as legacy ones such as PINs, OTPs and so on.
Augmented identity solutions are also on the rise, enabling banks to deploy biometric payment cards and new-gen adapting authentication methods. You can learn more about this innovative approach to security from our previous post.
“Identity-as-a-Service” (IDaaS) solutions
To battle “password fatigue” without compromising security, a lot of banks are increasingly adopting cloud IDaaS solutions, offering Single Sign-On (SSO) functionality. The financial industry specifically, can benefit from federated SSO solutions because they issue a time-limited secure token to verify user access, instead of transmitting username/password to the app over the network. This additionally eliminates such problems as:
- Customer account lock-ins that result in additional support queries;
- Non-compliance risks for storing customer passwords.
Additionally, most IDaaS solutions will allow you to create custom policy-based access management for applications and APIs to enhance security even further while satisfying the increasing compliance requirements from regulators.
Multiple Levels of Defense are a Must.
Specifically, invest in creating two independent lines of cyber defense that would:
- Securely safeguard frontline units;
- Perform company-wide cyber risk management operations.
Ultimately, the solution for banks lies in finding the right provider for their security needs. Often, in-house staff is not sufficient. What is needed is an expert resource that can look at the specific needs of a banking institution, its omnichannel functions, and then develop the right security plan for those needs and functions. The plan may lie in biometrics; it may lie in blockchain; it may lie in an IT infrastructure that will prevent data loss and threats to security. As mobile apps are developed, moreover, additional layers of security must be built into those apps as they are developed. Testing and assessments must occur to ensure that any vulnerabilities are identified and resolved. In addition, of course, there are the new security requirements, such as those of GDPR, which must be included.
If you are looking to provide an omnichannel experience for your customers (and you must if you intend to remain competitive in the banking marketplace), then you need to discuss your security needs with experts in this arena. Infopulse is ready to have that discussion with you, to evaluate your current status, and to develop an IT infrastructure plan that will provide your customers with the confidence and trust they need to make their omnichannel banking choice.