As digital banking continues to rise, consumers expect to onboard and access financial institutions and smoothly manage their finances on any connected device.
Wherever they are.
In parallel, financial institutions face a dramatic increase in the number of cyberattacks, with more sophistication and complexity.
Fraudsters and hackers continuously challenge the security measures in place by financial institutions to protect their customers’ sensitive data.
Here’s an example from the Facts the Fraud 2020 report from UK Finance. We see that, even though financial institutions in the UK do a fairly good job and prevent approx. 60% of all attempted fraud, it still poses a significant threat with big losses. Mobile banking fraud losses are increasing rapidly, up 92% in 2019.
Thus, risk management strategies and authentication policies need to adapt and be more automated to cope with an increased number of connections, the creativity of fraudsters, and new regulations.
Financial Institutions need to use multiple techniques to monitor each risk and cyberattack, but solving this can be a real challenge with several vendors involved.
There are five leading technologies to detect fraud, and Gemalto IdCloud supports them all:
We are continuously evaluating, improving, and integrating new technologies to our cloud services to ensure you always have the best possible protection and stay one step ahead of the fraudsters.
There’s more.
By adding risk management to your KYC services, you can introduce adaptive onboarding, such as starting the whole process by checking for any signs of potentially fraudulent activity, before launching the actual KYC process.
The goal is to prevent ID fraud and lower false acceptance rate (FAR), one of the most important KPIs to track during digital onboarding.
It is also possible to lower the total cost of ownership by avoiding additional checks and abandoning high-risk enrollments at an early stage.
The best way to combat new account fraud is with a holistic, multi-layered approach to security.
Using device reputation, IP intelligence, and population profiling technologies and learning to recognize your standard user’s everyday online interactions (comparing legitimate customer behavior and known fraudster behavior), it is possible to weed out criminals in real-time.
By adding smart risk management services to the access phase, every customer transaction’s risk level is analyzed in real-time. A recommendation on the most appropriate authentication method is given.
This process helps to make the right choice to minimize fraud, allow the transaction, block the transaction, or challenge the customer with a step-up authentication.
The result?
This can mitigate account takeover (ATO) fraud, and financial institutions can define a continuous adaptive authentication policy based on customer segmentation, customer preferences, use cases, and their own parameters.
You can also introduce silent login, as mentioned in PSD2.
This means you do not have to ask for an additional 2-factor authentication at login if you have risk management in place to confirm the user is genuine.
This user confirmation can be done with the customer profiling technology available in Thales Gemalto IdCloud, based on behavioral biometrics.
As all are running silently in the background, the solution provides a frictionless end-user experience.
Our risk management services are part of Thales Gemalto IdCloud.
Our cloud-based managed services let financial institutions combine KYC, authentication, and risk management to secure onboarding and access to digital banking services and enhance the customer journey.
This is done with one single simplified API.
Mobile biometric authentication is an approach to multi-factor authentication (MFA) to verify an individual’s identity that uses possession of a mobile device as a first factor and use of that device to verify a unique biometric identifier as a second factor.
