New payment channels are also causing disruption. Internet banking, tap-and-go devices, and buy now pay later options are changing the way consumers use and think about money.
In response to these changes, many finance firms have fast-tracked planned digital transformation programs. The shift is also being driven by a lack of vendor support for legacy systems and a need to replace ageing core systems with more nimble alternatives.
The power of the customer
Increasingly, consumers are viewing the service they receive from banks in the same way they do social media and online shopping. If they don’t like the experience, they’ll go somewhere else.
Indeed, a recent survey found that 56 per cent of consumers abandoned an online service when the login experience was too frustrating.
For financial firms, the challenge therefore becomes one of offering a frictionless experience while at the same time preventing cyber criminals from accessing their network. This is where customer identity and access management (CIAM) solutions take centre stage.
CIAM platforms allow a financial services firm to build, test, and optimise digital experiences that seamlessly weave together the necessary identity capabilities that both delight and protect customers.
Capabilities of a CIAM platform include registration, self-service account management, consent and preference management, single sign-on (SSO), multi-factor authentication (MFA), application programming interface (API) security, access control, directory services, and dynamic authorisation.
CIAM offers a financial services firm and its customers some significant benefits. These include:
- A seamless user experience:
Customers want to be able to access their accounts through any device they choose and at any time. Having single sign-on (SSO) capabilities in place allows customers to access the apps or websites associated with their account through a single login.
This eliminates the need for multiple passwords, and frustrating password resets, which improves the customer experience and reduces IT support costs. Customers can also update their account profiles through self-service features, process transactions, retrieve information, and manage data privacy settings at any time.
- Unified customer profiles:
Increasingly, customers expect a personalised experience from their chosen service providers. CIAM enables unified customer profiles to be created and stored in a secure directory to provide consistent, multi-channel experiences and personalised interactions.
- A reduction in fraud:
Cyber criminals view banking and other financial accounts as high-value targets. Fraudsters with stolen credentials, including username-password combinations, can take over legitimate user accounts if identity security measures are not in place.
Multi-factor authentication (MFA) and two-factor authentication (2FA) require users to provide proof of their identities from two or more of these categories:
- Something you know, such as passwords, PINs and answers to security questions
- Something you have, such as a smartphone or other device, hard tokens, key fobs and smartcards
- Something you are, such as physical traits verified through fingerprint scans, voice or facial recognition, retinal scans, and other methods
Thankfully, fraudsters rarely have multiple proofs of identity. To reduce friction for legitimate customers, risk-based authentication can evaluate customer behaviour, device data, and other contextual factors in real time to determine the risk level and add MFA only when needed. Limiting the need for additional authentication to high-risk situations, such as logins from a new device or location, can streamline access for customers.
- Limit the scope of data breaches:
Data breaches can be caused by rogue insiders, employees falling for phishing attacks, or inadvertent mistakes made by IT or development teams. CIAM foils data breaches by encrypting data so that it can be difficult or impossible for hackers to use. It can also alert administrators of suspicious activity.
- Improve privacy and regulatory compliance:
In Australia, financial services is a highly regulated sector, and standards-based identity and access management platforms are needed to achieve full compliance. Merging CIAM solutions with identity verification solutions can allow a financial services firm to meet their obligations both domestically and around the world.
Putting it to work
Identity verification, also known as identity proofing, ties digital identities to real-life identities. Just as a bank customer visiting a branch location would be asked to show ID to open an account, online verification does the same thing.
Items used to confirm identity could include a driver’s license, government-issued ID card, or biometric data, such as fingerprints or verified photos used for facial recognition. Identity verification can be integrated directly to a firm’s mobile app to help ensure customers are who they claim to be.
It’s clear that Australian financial firms that use their digital transformation projects to incorporate customer identity will be far better placed to improve service levels and ensure their customers remain loyal in the longer term.
Ashley Diffey, head of APAC and Japan, Ping Identity