Best Practices for Switching from Hardware to Software Tokens

Jeannine Mulliner, January 15, 2018

The smartphone has become indispensable. According to Deloitte’s latest Global Mobile Consumer Trends1 report, a survey of 17 developed countries found that one in five consumers checks their phone >50 times a day.

The explosive adoption of mobile apps and devices is changing how banks authenticate customers in the digital world. One trend we expect to continue into 2018 and beyond, is the drive to upgrade customer authentication technology from hardware authentication to software tokens.

At OneSpan, we are seeing an increase in the number of inquiries from banks on best practices for migrating from hardware to software authentication. To answer these questions, we interviewed a bank that recently made the transition. One of the bank’s top learnings was that successfully switching customers to a new authentication method has as much to do with managing change and driving adoption, as it does with choosing the right technology.

Discover the latest trends in Mobile Banking Malware and how to fight them

Discover the latest trends in Mobile Banking Malware and how to fight them

Watch this OneSpan webinar and gain insight into new Technologies and Strategies to fight the latest trends in Mobile Banking Malware. Trust and a better customer experience will be a direct result.

Watch Now

Software Tokens: Adoption Best Practices

While this bank’s customers have used OTP hardware tokens for years, the bank knew that introducing software tokens would ensure strong security coupled with a faster, easier user experience. (Prior to software authentication, customers had to remember multiple passwords; forgotten passwords blocked customers from transacting and required a reset by the helpdesk.)

To get the project started, the bank developed a cost analysis to compare the two authentication methods. The analysis remains confidential, but the projected cost savings for the software authentication were so compelling the bank’s Project Manager confirmed that, “from a cost perspective, using only hardware was no longer an option for us.”

However, the bank had concerns about customer adoption. They surveyed their customer base to validate customers’ readiness to accept software tokens. The research showed that most customers actually wanted both. Customers want the convenience of using their mobile device, knowing that if something goes wrong (e.g., lost phone, dead battery, etc.) they have a hardware backup.

If you are considering migrating your customers to soft tokens, here are four important lessons this bank shared with us:

  1. Survey customers to validate their readiness to accept software authentication. Survey responses will help identify any resistance to the new authentication method, and will help you prepare accordingly.
  2. Tailor your customer communications. Not all customers are tech savvy. Segmenting and customizing communications to different user groups will increase adoption. As an example, adapt your messaging and communicate differently to slow adopters vs. mobile-first customers.
  3. Produce short explainer videos. Many customers prefer to watch a video rather than read the information on your website or client portal. Use short videos to explain the value (why authenticate through a mobile app on your phone instead of your OTP hardware) and demonstrate how it works.
  4. Scale the helpdesk. A small percentage of customers will need the most support. Plan accordingly to ensure a smooth transition for those customers, as well as your helpdesk staff.

Software Token Adoption at 62%

In the full case study, this bank explains that while their mobile-first customers were interested in software tokens, not everyone wanted to use their smartphone as an authentication method. In fact, the bank had to overcome three barriers to adoption:

  1. Lack of familiarity with, and therefore trust in, software tokens.
  2. Concerns about having too many apps already (not wanting to run out of space on the phone).
  3. Concerns about loss or theft of the phone.

As a result, the bank decided to move forward with a hybrid hardware and software authentication system — while designing their customer communications to promote the software option. The Project Manager explained that tailoring their customer communications was crucial to the bank’s success:

“We noticed that initially, customers are resistant to change.
But once they try mobile authentication,
they are very satisfied and stay with it.
That’s why communication is so important.
You have to convince customers to try it.”

Not surprisingly, the way the banks explains the new authentication methods to customers directly influences adoption. The bank first promotes the software token, presenting the hardware option only if the customer does not have a smartphone. By promoting the mobile authentication option first, the bank saw 62% of the first wave of migrated customers activate the soft token.

Customer Satisfaction

One of the most noticeable benefits was the level of customer satisfaction among those who tried the software token.

“Feedback from people who activated the soft key
has been very positive. It’s a lot easier to use.”

-The bank’s Project Manager

“Overall, the majority of customers did not have any trouble understanding software authentication, and were very happy we introduced it. They found the information on the website, read it, and were able to activate and start using it without any helpdesk support.”

For detailed insights and best practices on how this bank took a phased approach, tailored their communications, and simplified the activation process, read the full case study.


For 20 years, Jeannine has been writing about technology and how to apply it to solve everyday challenges. In her role as Content Director at OneSpan, Jeannine leads a team of writers and content developers focused on helping financial institutions and other organizations gain value from security