Anyone following the news knows that cybersecurity is a hot topic across all industries. This is especially true for the financial services industry. With hacks and online fraud on the rise, banks are doing everything they can to reassure customers that their digital information is safe and secure.
And in 2016, this means thinking beyond traditional security measures like a simple username and password combination or a personal identification number (PIN). Digital authentication technologies have evolved beyond passwords, and now include biometric data, like a fingerprint or voice identification, and digital identify authentication, which could combine a user’s device and location, for example.
Banks are increasingly adopting emerging technologies to minimize the opportunities hackers have to conduct illegal activities. Here are three areas that illustrate how banks are stepping up their fraud prevention game through the use of digital authentication technologies.
Federated Digital Identity
One of the biggest friction points for both security teams and users is having multiple identities and logins for different systems. That’s why forward-thinking institutions are exploring the move to a single, federated digital ID that users can authenticate themselves with across different institutions and product lines.
Giving users a single ID provides greater security. Login information isn’t being passed around among multiple systems, so hackers have fewer access points to exploit. Banks are also being forced to comply with increasing cybersecurity regulation as the federal government tries to combat illegal activities like money laundering. Having a single ID would allow financial institutions to quickly access that user’s unique digital token, thereby eliminating unnecessary fraud investigations.
An early sign of this model is USAA’s partnership with the federal government. The goal of the partnership is to allow USAA’s members to access their banking and government accounts with a single username and password. This will serve not only to make things more convenient for the user, but to allow both the U.S. government and USAA to focus their security efforts on protecting just a single digital identity. (USAA’s customer base is restricted to active and former U.S. military members and their families.)
While centralizing IDs and logins makes sense on the front end, banks are looking at the blockchain and distributed networks to provide additional security on the back end. The blockchain acts as a digital public ledger, and the technology was originally designed for bitcoin transactions. Because information on the blockchain isn’t stored on a single computer or server, it removes the risk of a central point of security failure.
Since blockchain technology authenticates users based on a device-specific token, hackers can’t just steal user data from a central server for the purpose of fraudulent usage. The blockchain also facilitates true peer-to-peer transactions, eliminating the need for middlemen who verify ACH transfers, for example. This eliminates yet another potential access point for hackers.
That’s why payment technology companies like Dwolla are turning to blockchain to enhance security. They partnered with BBVA earlier this year to create a real-time payments platform on the blockchain. The idea is to still provide the convenience of digital payments, but facilitated by the Blockchain to provide an additional layer of security.
The next big wave in preventing online fraud for banks might just be biometric authentication technologies. In fact, USAA is in the process of rolling out user authentication with software that recognizes the facial contours of users before allowing them to log in. Since things like fingerprints and facial features are nearly impossible to duplicate by hackers, biometrics could provide even more security than device-specific tokens.
In addition to providing secure access, biometrics take away the need to use other sensitive data for authentication purposes. Things like phone numbers, emails and Social Security numbers wouldn’t have to pass back and forth during the login process, thus decreasing their vulnerability of being hacked.
Banks are forced to walk a finer line than ever, balancing convenience with security and fraud prevention. Technologies like the federated ID, blockchain and biometrics are being recognized by financial institutions as the next wave in fraud prevention. If banks are able to steadily phase these in and fortify potential security gaps along the way, they'll be able to more effectively keep the bad guys out while keeping the customer experience smooth and seamless.