Published by Jessica Weisman-Pitts
Posted on September 28, 2023
6 min readLast updated: January 31, 2026
By: Seshika Fernando, Vice President of Banking and Financial Services at
By: Seshika Fernando, Vice President of Banking and Financial Services at WSO2
In today’s digital landscape, customers expect seamless, personalized experiences from all their interactions, including their banking services. However, striking the right balance between providing top-notch security and a superior customer experience (CX) has long been a challenge for financial institutions.
Traditional user-driven customer identity and access management (CIAM) systems have often left banks grappling with this dilemma—with the need for frequent customer verifications resulting in a clunky, inconvenient user experience, undermining customer trust.
Thankfully, data-driven behavioral authentication (DBA) offers a promising solution that could transform the way banks approach this challenge.
Here’s a look into the world of DBA and its potential to improve the security and customer experience landscape in banking. By automatically verifying customers in the background, using the wealth of data already collected through banking processes, DBA has the power to create a harmonious relationship between security and CX.
User-driven authentication mechanisms have long been the standard in banking. These mechanisms rely on customers providing information at each verification point, which can lead to multiple interruptions during a single digital banking session. This approach not only creates a cumbersome experience but can also leave customers feeling untrusted.
Multi-factor authentication (MFA), a common method used to enhance security, further exacerbates the issue by necessitating additional verification steps throughout digital interactions. Customers are growing weary of these frequent interruptions, especially during critical financial transactions.
The struggle to balance security and customer experience is illustrated by the metaphorical see-saw. Banks often find themselves prioritizing security at the expense of a smooth CX, resulting in a less-than-desirable banking journey. Conversely, banks that lean toward improving CX may find their efforts hindered by authentication technology limitations.
Attempts to reduce friction have been made through the introduction of biometric verification, but this still requires specific actions from customers and is only available to those with biometric technology access.
In the words of Constantin Mares, Chief Digital Officer at OTP Bank Romania, there is a strong need for a more data-driven approach in banking: “Replacing the existing authentication factors with biometrics has improved the customer journey significantly, but we would prefer to improve it further, especially to adopt more data-driven authentication.”
DBA offers a compelling alternative to this dilemma by enabling banks to simultaneously enhance security and CX. It leverages vast amounts of customer data collected during banking processes to automatically verify users in the background, eliminating the need for frequent interruptions.
DBA works by creating a comprehensive customer profile using five categories of information: identification, usage, behavioral, demographics, and life events. The customer profile created using historical data is harnessed to perform verification against the live data as the customer engages with the system. The verification process may utilize multiple methods such as combination scoring, threshold setting, and machine learning.
Since verification is performed in the background, as the customer is engaging with the system, it can be performed periodically or before specific actions, such as transferring funds to a new recipient or creating a new account. The flexibility of DBA enables banks to adjust verification frequency according to their risk profiles, reducing interruptions for customers.
While some banks have embraced DBA, others are in the early stages of adopting this technology. The authentication capability spectrum varies, but forward-thinking banks are already reaping the rewards of this innovative approach. Benefits include:
In the world of DBA, security and CX are no longer at odds but instead form a virtuous cycle. Take for example, Starling Bank, which places a high priority on both security and CX. According to Starling’s Chief Technology Advocate Jason Maude, “At Starling, we’ve got rid of this need for balance between security and CX. We now have a system that says both aspects (security, reliability, customer safety, and regulatory compliance, along with delivering new products and features and delighting customers) are very important, so let’s go for both. We built a system where these two things are mutually reinforcing instead of contradicting each other.”
DBA represents a significant step forward in the banking industry’s quest to balance security and CX. By leveraging data to verify users seamlessly in the background, banks can meet customer expectations for personalized experiences while enhancing security. This innovative approach not only builds customer trust and loyalty but also positions banks to compete effectively in the evolving landscape of open banking. As banks continue to adopt DBA, the future promises a synergistic relationship between security and CX, ultimately benefiting both customers and financial organizations.
Bio: As the Vice President of Banking and Financial Services at WSO2, Seshika Fernando plays a vital role in helping banks worldwide optimize and accelerate their digital initiatives. She frequently speaks at international technology conferences, where she shares her insights and expertise on various topics such as open banking, security and privacy, digital identity, data science, and digital transformation. She holds a BSc (Hons) in Computer Science from the University of Colombo, Sri Lanka, and an MSc in Finance from the London School of Economics, UK.
Behavioral authentication is a security method that verifies users based on their behavior patterns, such as typing speed and mouse movements, rather than traditional passwords.
Multi-factor authentication (MFA) is a security system that requires two or more verification methods to gain access to an account, enhancing security beyond just a password.
Machine learning in banking refers to the use of algorithms and statistical models to analyze data, enabling banks to improve decision-making and enhance customer experiences.
Explore more articles in the Banking category
