Banks Are Gaining the Upper Hand on Fraud with Modern SaaS Authentication
We regularly host webcasts on topics such as fraud prevention, authentication, and digital security best practices. If you missed our recent webcast, Future-Proof Authentication with a Modern Cloud-Based Platform, hosted by American Banker, here is the 5-minute summary. The full presentation is available on-demand.
The COVID-19 pandemic has raised a variety of security concerns with banks facing increasingly sophisticated fraud attacks. At the same time, we’re seeing more demand from customers for better digital experiences along with new opportunities to drive down operational costs in an increasingly digital world. Modernization initiatives, like cloud-based SaaS solutions, address all of these issues and enable fast deployment of new technologies for constant improvement. The decision to switch to cloud-based solutions is an easy one that provides lasting benefits – both for customers and financial institutions.
During the webinar, we asked our audience (50% financial services professionals), “How far along are you with the modernization of your end user authentication?” Almost 50% replied “Not Sure” and only 7% said that modernization has been prioritized. This matches trends we’ve been seeing in the industry as a whole, with many FIs being only in the early stages of the process.
“Most major financial institutions are well aware of the imperative for action and have embarked on the necessary transformation. However… most are only at the beginning of their journey… [with] many facing challenges in terms of funding, complexity, and talent availability.”
– McKinsey & Co., April 2020 “Next-gen Technology transformation in Financial Services”
The Current State of Bank Modernization
The pandemic has also pushed many companies towards accepting modern solutions at faster rates. In addition to an increase in fraud, there has been heightened demand for improved digital channels and an improved user experience (UX) along with the growing imperative on the business side to reduce operational costs.
However, one of the main pain points that we hear from customers with on-premise infrastructure and related technology is that digital transformation and the ability to deploy new technologies are difficult to achieve with inflexible, legacy on-premise platforms.
Customers are demanding more digital interactions and far fewer in-person touchpoints, and cloud technology is key to supporting business continuity. It provides the flexibility to quickly deploy new authentication technology as well as the scale, performance, and security to ensure customers can conduct their transactions securely and conveniently.
The high costs associated with maintaining physical branches and on-premise authentication processes are another key driver in the trend towards modernization. The biggest motivator, however, is the draw of “future-proof” technology. The flexibility to add new security technologies quickly and easily is critical to addressing sophisticated fraud attempts and meeting evolving customer experience expectations. In addition, modern web services with simple APIs enable streamlined development efforts and integrate easily with third-party applications. These drivers are leading companies to focus on future-proof SaaS strategies and solutions.
In our second poll question, we asked audience members, “What does modern authentication mean to you?”
The highest number of responses landed on risk-based authentication, SaaS/cloud-based platform, and biometrics. This is very similar to what we’re seeing in research. Integrating new technologies, particularly around biometrics, has become much easier in recent years, as has incorporating new technologies at your own pace. It’s important to be able to link older and newer technologies (i.e. hardware authenticators and biometrics), so companies can make updates as they see fit.
OneSpan Cloud Authentication (OCA)
OneSpan Cloud Authentication (OCA) is a “lightweight” cloud-based authentication solution. OCA is generally seen as an initial stepping-stone to modernizing authentication and a move to a platform that makes it much easier to integrate new authentication technologies. It also supports a wide range of hardware and software authentication technologies, thereby ensuring a good fit for each unique use case. Our customers have been able to fully deploy OCA to production very quickly and with very few IT resources.
Whichever authentication solution you ultimately choose, it should fully address three criteria:
- Built on a modern cloud-based platform that is fast to deploy, leverages a single API integration, and requires very few IT resources and little Professional Service maintenance and support
- Supports all the authentication options you require to stop fraud while boosting user experience
- Provides a single, integrated platform to address future requirements
OneSpan Cloud Authentication works from two main angles – protecting the user, and protecting the app itself. During the pandemic, there was an uptick in phishing attacks, which led to end-users being the most at-risk targets for fraud. For this reason, it is imperative to employ authentication solutions with a balance of strong UX and a range of security features to ensure users are protected but as undisturbed as possible by the security measures in place.
To protect the end user, OneSpan uses technologies such as Cronto® codes, fully encrypted QR-like codes that provide transaction security and an easy UX. Cronto codes can be used to onboard new user devices, log in to an account, and ensure a secure communication pathway from the financial institution to the user. This enables the bank to control the transaction authorization process, sending fully encrypted transaction details for the user to view and approve.
In addition to authenticating the end-user, companies must also protect their apps, which are open to a host of attacks. By employing OneSpan’s app shielding, financial institutions can rest assured that their apps are protected, and that their fraud teams will receive real-time alerts notifying them of malicious attempts and activities.
Possibly the most advantageous element of OCA, however, is that the cloud-based system allows companies to slowly increase and change authentication requirements as needed. Mobile devices, while clearly a security risk in their own right, actually give us a huge amount of information that we can use to continuously validate user actions and authenticate transactions. By incorporating features such as risk analytics, you can use usage patterns, geolocations, and more to evaluate transactions for fraud. By leveraging machine learning, we are able to create detailed user profiles and pick out patterns to preemptively block attacks that are determined to be suspicious.
When we combine all of these tools together, you get a “full stack” authentication system – meaning you’re using the correct level of authentication at the correct time. This introduces a much greater challenge for fraudsters, as they cannot have a standard plan of attack against a dynamic security system that might ask for a biometric scan for one transaction and a push notification or liveness test for the next. At the same time, we are not disturbing the user with unnecessary security protocols – only asking for further authentication when truly needed – thus addressing security and UX concerns simultaneously.
Once you’re using the cloud, it’s easy to leverage all of these different components and switch out features to meet the needs of your customers now and in the future.
OneSpan Cloud Authentication is the first step to authentication modernization, opening up a host of options to enhance security and user experience:
- Quick and easy to deploy
- Extensive hardware and software authentication options
- Convenient push notification-based mobile provisioning