Finance
A privacy pandemic: How financial services can rise to the challenge of identity
By Amir Nooriala, COO, Callsign
The financial services industry has always set the benchmark when it comes to authentication. Long before fintech start-ups drove mass-market adoption of online banking apps, high street banks that allowed their customers to access services online always had stringent security procedures. Remembering the fourth and seventh characters of a password, plus the name of your first pet, became commonplace.
Now, as consumer expectations continue to shift further in the light of the pandemic, financial services businesses are once again having to pivot. As services shift online, a dichotomy has formed where consumers demand the highest levels of security to keep their data safe, while having as frictionless a journey as possible, something that initially seems counter-intuitive.
The rising tide
Financial fraud is on the up. UK Finance estimates that £1.26 billion ($1.75bn) was lost last year alone to scams in the UK. Phishing messages, fake emails pretending to be from banks and insurers, spoof phone calls, and social engineering are all common. But, due to the COVID-19 pandemic and stay-at-home orders, other forms of scam have pushed to the forefront.
With the nation spending more time at home and ordering things from the internet, the country has become a hunting ground for bad actors looking to make money.
There’s been a worrying rise in the number of SMS scams claiming to be Royal Mail, fueled by the number of people shopping online, which asks people to pay additional fees to receive a parcel. In March 2021 alone, it is thought that there was a 645% increase in these sorts of postal service scams.
These scams, coupled with other examples, such as false messages about vaccinations, texts claiming to be from the government, or those which claim to be from businesses or banks, have all dented consumer trust.
Data in the wild
Callsign research found that almost a third (32%) of UK consumers are more concerned about their privacy than they were before the pandemic. Of those, 33% feel their privacy concerns have increased because they don’t know what data is being collected about them, and 29% say it’s because they’ve shared more as they access online services more frequently.
Given the way the various lockdowns forced the nation to change its habits and become more reliant on the internet, it’s no surprise bad actors saw an opportunity to pounce.
It’s clear consumers are increasingly concerned about what can be found about them online in the wake of the pandemic, and businesses – especially banks and businesses within the financial services sector – need to step up to assuage these fears and prevent access to fraudsters.
What can the FS industry do?
Financial service providers in the UK already adhere to strict regulations. However, with consumers more alert to privacy than ever before, the FS industry needs to consider how it can rise to the challenge of combining security with the sort of user experience their customers have come to expect.
To further improve security for consumers, the Financial Conduct Authority (FCA) will soon require merchants and Payment Service Providers (PSPs) to adhere to a new set of protocols called Secure Customer Authentication (SCA).
The SCA will require two out of three identifiers to be met in order to process payments for consumers. These include something a buyer knows (like a pin), something they have (like a phone) and something they are (a physical identifier).
This is the perfect opportunity for the FS industry to bring biometrics to the forefront of their authentication strategies; improving security and reducing friction.
Traditional security processes have been problematic, with passwords becoming less robust, with only 36% of consumers in the UK claiming they’re confident in the security of their passwords. In order to better protect customers and reduce fraud, biometrics must become the norm, but not all biometrics are the same. Traditional biometrics were static (physical) and anchored around your face or fingerprint. The time is to move away from these and onto behavioral biometrics which are passive and privacy preserving
The advantages of behavioral biometrics
With consumers more aware of privacy issues than ever before, any digital identity solution must take in to account the preservation of customer privacy. Businesses mustn’t hold on to the personally identifiable information (PII) of customers unless it’s absolutely necessary.
In the last ten years, biometric technology has rapidly evolved from a niche technology into a mainstream solution for the financial sector. There are two distinct types of biometric technology: static biometrics – identifiers like fingerprint, face, voice, iris, retina, vascular, palmprint; and behavioral biometrics – dynamic inputs such as typing and swiping patterns when customers are logging in to access online banking, products and services.
The advantage of behavioral biometrics in particular is that they’re incredibly hard to fake. Mimicking the exact way someone types in a password is not easy for a scammer. Moreover, behavioral biometrics can be used so that they don’t collect or use any PII – including images of customer faces, so they preserve privacy.
They also allow for timely interventions. For example, behavioral biometrics can identify when someone is logging in using only one hand to type – a common marker of someone being on the phone while accessing a service. This could mean they’re being socially engineered, and extra checks and warnings can take place to try and prevent any fraudulent activity.
By making the switch to biometrics, the financial services industry can make it much safer for consumers, while also reducing friction. Ultimately, as the world spends more time accessing services online than ever before, consumers need to trust that their money, data, and identity are safe, and it’s up to the FS industry to meet that challenge and build that trust.
-
Top Stories4 days ago
Talgo’s top shareholder in talks with Stadler over takeover bid, report says
-
Top Stories4 days ago
Google, Apple breakups on the agenda as global regulators target tech
-
Business4 days ago
The Future of Global Trade Will Be Green or Not at All
-
Business4 days ago
4 Ways Cargo Insurance Can Help Your Small Ecommerce Business