Connect with us

Top Stories

THREE WAYS TO OVERCOME THE CHALLENGES OF SCA REGULATIONS WITH INTELLIGENT AUTHENTICATION

Frederik Mennes, Director of Product Security, Security Competence Center, OneSpan

 

Security is hot on the agenda for banks and financial institutions. Breaches and fraud are becoming commonplace, and cyber-criminals are continuing to look for new and innovative ways to exploit vulnerabilities. Pressure is also coming from customers and regulators, who have increasingly high expectations that companies are keeping data secure, especially financial. Indeed, the banking industry is one of the most heavily regulated across the world, and in the EU, the 14 September deadline for PSD2 is fast approaching.

The Strong Customer Authentication (SCA) rules, as part of PSD2, are intended to enhance the security of e-commerce payments and limit fraud. Once SCA comes into effect, customers purchasing more than €30 worth of items will be required to be authenticated by two out of three elements: something the customer knows (PIN, password, security question), something the customer has (a device), and/or something the customer is (biometric data such as fingerprints, or facial recognition).

With some banks choosing to opt for mobile phone verification as one of the options, concerns were raised that almost a third of online purchases could fail, and thousands of UK customers could be frozen out of online shopping if they don’t own a mobile phone or can’t access signal. Subsequently, the FCA recently delayed the introduction of SCA for e-commerce payments by up to 18 months.

Banks are now faced with the challenge of meeting the SCA regulations surrounding authentication, while also providing a seamless user experience, and meeting customer expectations.

Here are three ways to overcome challenges with SCA regulations.

 

Adopt intelligent adaptive technologies

One way they can achieve this is by adopting intelligent authentication technology. These are powered by AI and machine learning, and assess the risk level of a transaction based on vast and disparate data, including transaction details, customer behavior, the integrity of the device and mobile apps, and other contextual data points. This information is then used to determine what level of authentication is required. Crucially for SCA, intelligent authentication isn’t limited to one or two methods, such as a PIN and mobile phone text. A range of authentication methods can be employed depending on the situation.

For example, if a customer tries to make a large clothes purchase online, but doesn’t have mobile phone signal, instead of being required to enter a PIN and a one time PIN via push notification or mobile appthey could use a fingerprint instead. Or, if the customer doesn’t have access to a mobile phone at all, the bank could phone the customer on their landline, providing an automated code for them to enter.

Crucially, by adopting intelligent authentication banks will be able to comply with the SCA rules of authentication by two different elements, without limiting customers to certain authentication methods that might not be convenient, such as a mobile phone text verification.

 

Fight fraud with risk-based security

As well as ensuring banks are compliant with SCA regulations, intelligent authentication is also a key solution for helping banks drive down fraud. Fraud cost banks £1.2 billion in 2018, and new incidents of financial fraud were being reported every 15 seconds during the year, making it a top priority. With money, customers, and reputation on the line, banks need to ensure they’re making necessary changes to combat fraud.

However, it’s increasingly difficult to identify fraud across multiple digital channels. To stay ahead banks need to take a risk-based, context aware approach to security, including authentication. With intelligent authentication, the risk of a situation is determined and authentication levels adjusted accordingly.

For example, if a customer tries to make a larger than usual payment, from an untrusted device, in an uncommon location, it is more likely to be an attempt at fraud. However, people don’t live in boxes, or behave the same way all the time, and it’s entirely possible that the payment attempt is genuine.

Therefore, instead of denying the transaction, resulting in potentially unnecessary frustration, intelligent authentication challenges the customer accordingly. Instead of only asking the customer to present a passcode as authentication, because the transaction is unusual, additional authentication is required, such as a fingerprint.

Intelligent authentication is a great example of banks being able to take advantage of emerging technologies to identify and prevent fraud, without compromising the user experience.

 

Balance security and the experience

The banking landscape is shifting rapidly, with advances in technology and the rise of challenger banks. Customers are demanding more from their banks, and expect a fully digital and seamless experience at all touch points, whether that’s purchasing an item online, or taking out a loan.

At the same time, regulations are placing far more importance on security than ever before, and with the relentless threat of fraud and cyber-attacks hanging over banks, ensuring their customers are secure needs to be a top priority.

Consumers don’t want to see or pay for security anymore; it’s just expected. Intelligent authentication is one way banks and financial institutions can deliver the dream of a secure and seamless banking experience while also remaining compliant with regulations such as SCA.

 

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Top Stories

WHAT DOES 2020 LOOK LIKE FOR P2P LENDING?

By Roberts Lasovskis, Investment Platform Lead, TWINO

 

It’s a new year; time for resolutions and forward planning, positivity and drive. But the peer-to-peer industry would do well to engage in a bit of introspection as well; a look back to the year gone by, which serves as a more than useful reminder of what can happen in less propitious times, even for the well-intentioned.

2019 saw two major failures in the European peer-to-peer market, with both Lendy’s collapse in May and FundingSecure in October putting investor capital at risk. Between the two, a combined £240m of savers’ money was put at risk, leading to the inevitable questions of regulators. On top of the two lenders failing, the well-established Funding Circle came into difficulties with its new withdrawal processes raising investor concern. But in all three stories from last year is a sign of how peer-to-peer can succeed in 2020, providing last year’s lessons are learnt.

 

Roberts Lasovskis

Embracing regulation

There is one aspect of the two peer-to-peer collapses last year that stood out for much of the criticism from both media and investors. Both Lendy and FundingSecure came advertised as ‘approved by the FCA’, yet in collapse, both displayed structural faults and warning signs that should perhaps have been noticed earlier. Managing credit risk is an expensive learning process, but should be taken very seriously, and using as many data sources and as much testing as possible. Inevitably, these high-profile failures will cause a tightening of regulation across the industry, which should be welcomed.

The industry should embrace the ongoing development of its regulation – it is not something to just be tolerated and survived. Higher levels of scrutiny from administrators lead to better industry structures and more robust business models that generate greater trust from consumers. This is an inevitable step for a maturing industry, and now is the time for peer-to-peer to ensure its regulations are fit for purpose, and that investor money is not put at unnecessary risk.

But regulation is about more than just stopping the high-profile failures and helping to build consumer trust in the sector. When implemented properly, regulation encourages the development of better products; companies are forced to innovate and adapt to meet the new challenges, eliminating the number of shortcuts or ‘easy options’ that are taken when developing a product for consumers. Ultimately, this creates safer and more sustainable returns for investors.

 

Transparency is key

One of the major lessons the past year has taught us is the importance of transparency, particularly when communicating with investors. But whether it’s investors, borrowers or other industry partners, transparency and clear communication are key to rebuilding trust in the P2P sector, and even as specifically as in individual products or companies. Take Funding Circle as an example. It is undoubtedly one of the most successful businesses in the sector, and yet has been suffering a recent crisis in trust, which has been largely caused by customers not fully understanding what procedural changes are going to mean for their money.

The changes in question are not necessarily the full problem. The model is no less safe, and the business is no less high-profile. Nor do investors automatically object to the idea of a delay before they can access their money (look at fixed-term savings accounts for example). As with all peer to peer lending platforms, it is simply a question of understanding risk – customers misinterpreted the changes as a sign that their money was under threat and understandably rushed to protect it.

 

The customer is king

Fintech exploded as a sector in the wake of the 2008 financial crash, as a reaction to bad practices in the financial services industry. The industry was created with a promise of ‘customer-first’ products; solutions to fix the shortcomings in finance and financial services, and to pivot them back to a consumer-focus. From product development to marketing and communications, peer-to-peer must remember where it came from and ensure that the customer always comes first.

This is particularly important should another economic downturn materialise, as many are predicting within the next couple of years. Fintech businesses emerged as the success stories from the last downturn by creating solutions that focused on their customers. They should do so again.

For all the perceived problems in the P2P sector, the fundamental market for the products have not changed; investors who want to generate good returns still need to be connected with those seeking convenient loans. By remembering where it came from, and the problems it set out to solve, the sector can still thrive in 2020, even if the predicted economic downturn does transpire. To avoid the pitfalls other providers have fallen into, peer-to-peer must embrace regulation, communicate with transparency and focus on leveraging their expertise to provide trustworthy customer-centric solutions.

Continue Reading

Top Stories

WHAT ARE THE PAYMENTS TRENDS FOR 2020?

By Sunil Dixit, VP of Product, Adyen

 

There are some big changes in store in 2020, some obvious, some less so. In the payments landscape, it’s all about user convenience and customer experience, whether that’s through increased security for card users, or new ways to pay. Fragmented payments systems and services, from online to in-store, will move towards a unified centralised payment stack. We think there are a few trends to watch in 2020.

 

Network Tokenisation

Ecommerce is continuing to expand and it’s supporting the rise of the subscription economy and innovative platform business models. With more sensitive card data than ever being shared to complete payment at the checkout, protective steps must be taken to secure this information by all parties. To combat the rise in fraud, tokenisation will become an increasingly common way to protect payment details. In the first half of the year 140,344 fraud attacks were recorded by RSA’s Fraud and Risk Intelligence (FRI) team. That represents 32 attacks every hour and is an increase from 86,344 in the last six months of 2018. So, what is tokenisation, and how can it help?

Tokenisation is used to safeguard a card’s payment card number (PAN) by replacing it with a worthless, unique string of numbers – a token. Payment tokens are generated per card, per merchant. This means that the customer’s sensitive PAN is substituted by a token and not transmitted during the transaction, making the payment more secure. The beauty of network tokenisation is that it helps protect businesses and customers from the financial hits of data theft. Even if hackers manage to steal tokenised data, they cannot use the stolen tokens to pay online since they are unable to link the token to payment information stored securely by the payment partner. Furthermore, network tokens are always up-to-date. If your payment card changes after a loss or theft, the token can still be used to pay, ensuring you can continue to enjoy streaming services without disruption.

 

Strong Customer Authentication (SCA)

The implementation of the second Payment Services Directive (PSD2) will continue to roll out across Europe in the new year, with certain transactions requiring authentication for purchase. 3DS 2.0 uses the full capabilities of mobile devices to create a more secure way to identify the customer, without adding friction to their checkout experience.

Some banks are expected to launch SCA in a gradual fashion over the course of 2020, with others not going live until the end of this year. This is due to the European Banking Authority announcing a delay in the deadline of PSD2 enforcement to 31st Dec 2020. There is still a lot of ambiguity for merchants looking to ensure they are able to support the new directive. With the possibility of EU regulators enforcing PSD2 at different times, businesses will need technology that can dynamically apply SCA to ensure payments aren’t declined due to SCA not being active.

 

Biometrics take centre stage

2019 saw the first biometric fingerprint credit card issued by a UK bank – expect 2020 to see more of this kind of payment innovation. With smartphones unlocking themselves through facial recognition and fingerprint scanning, biometric security is already ingrained into most of our lives. As payment providers look to increase security, both in response to PSD2 regulations and the increasing sophistication of fraud tactics, biometrics data is going to become an incredibly important tool for purchases. Beyond the UK and Europe, Australian and Brazilian banks are getting on board with 3DS 2.0, ahead of the decommissioning of 3DS 1.0 over the coming years.

Transactions through 3D Secure 2 already incorporate biometric authentication such as fingerprint and voice recognition or facial scans into the process. Even better, 3DS 2.0 can use data collected in checkout to authenticate a transaction without intervention from the customer. This creates an improved customer experience for mobile transactions that require strong authentication.

Expect to see your personal features becoming a more secure way to pay as banks and merchants look to step up their fight against fraudsters.

The payments landscape moves fast to support on-the-go customers carrying smart mobile devices. Self-service kiosks in quick service restaurants, endless aisle inventory in retail, apps that can be a hotel key card as well as a mode of booking and paying for an overnight stay. All these experiences offer exciting possibilities for improving customers’ lives and provide unprecedented levels of data and insights for businesses. Make sure your payments stack is ready for 2020 to deliver the experiences your customers deserve.

 

Continue Reading

Magazine

Partner Events

Trending

Banking3 days ago

BANKS UNDER ATTACK: HOW FINANCIAL INSTITUTIONS CAN PROTECT DIGITAL GROWTH

By Victor Acin, Threat Intelligence Analyst, Blueliv   Financial services firms are increasingly being told to embrace disruption in order...

Banking3 days ago

THE ROLE OF NEW TECHNOLOGY IN DEVELOPMENT OF MYANMAR’S BANKING INDUSTRY

U Htoo Htet Tay Za, Managing Director, AGD Bank   Myanmar’s economy is one of the fastest growing in Asia...

Business3 days ago

WHY 2020 IS THE RIGHT TIME FOR FS MODERNISATION

Chris McLaughlin is chief product and marketing officer at Nuxeo   Few would argue against the notion that the UK...

Top Stories3 days ago

WHAT DOES 2020 LOOK LIKE FOR P2P LENDING?

By Roberts Lasovskis, Investment Platform Lead, TWINO   It’s a new year; time for resolutions and forward planning, positivity and...

Business3 days ago

WHY MAKING MONEY ON YOUR MOBILE IS EASIER THAN YOU MIGHT THINK

Aaron Brooks, Co-Founder of  Vamp   For Millennials and Generation Z, becoming a social media influencer is an increasingly desired...

Interviews4 days ago

DIFFERENTIATION – THE KEY TO THRIVING IN A SATURATED MARKET

Graham Glass, CEO of Cypher Learning   What has enabled Cypher to continue to grow in an increasingly saturated market?...

Finance4 days ago

WILL BLOCKCHAIN REVOLUTIONIZE FINANCE?

By Ken Timsit, ConsenSys   Over the last 10 years, researchers, software developers, start-ups, and large companies have been conducting...

Banking4 days ago

FIVE FINANCIAL SERVICES TRENDS FOR 2020: BIGTECHS SWOOP IN, BANKS GO ON THE OFFENSIVE AND CRYPTOCURRENCY STALLS

Rahul Singh, president of financial services at HCL Technologies   We’ve just finished a very exciting decade in financial services, with new...

Wealth Management4 days ago

COMBATING INSURANCE FRAUD WITH MACHINE LEARNING

By Georgios Kapetanvasileiou, Analytical Consultant at SAS   Most insurance companies depend on human expertise and business rules-based software to...

Business4 days ago

DELIVERING SUCCESSFUL IT SYSTEMS THROUGH THE POWER OF PARTNERSHIPS

By Mike Smith, Executive Director, Virgin Media Business (Direct)   Is there anything more frustrating than finding out your bank account...

News4 days ago

BATTLEFACE RECEIVES INVESTMENT FROM FINTECH VENTURES FUND

battleface Inc., a rapidly growing tech-enabled insurance startup focused on providing travel insurance products for unconventional travellers worldwide, announced today...

News4 days ago

VANQUIS BANK PARTNERS WITH HOOYUTO DIGITALISE KYC PROCESSES

HooYu KYC digital journey deployed during the customer lifecycle on a risk-based approach   Leading customer onboarding and KYC technology...

Banking4 days ago

WHY NEOBANKS ARE ON THE RISE IN THE UK

New research by SmallBusinessPrices.co.uk analyses how neobanks are on the rise and why they’re so popular amongst consumers compared to...

Finance5 days ago

RECOLLECTING 2019 CRYPTOCURRENCY TRENDS & LOOKING FORWARD TO 2020

Marie Tatibouet is the CMO at Gate.io   It has been a bold and progressive year for the digital asset...

Banking6 days ago

WILL HONG KONG REMAIN THE JURISDICTION OF CHOICE FOR OFFSHORE BANKING?

Hong Kong has traditionally been seen as a tax haven and the financial hub of Asia, if not the world....

Technology6 days ago

HOW CHARITIES CAN MEET TOMORROW’S DIGITAL CHALLENGES?

By Steve Georgiou, Business Consultant at Xpedition    Charities are under constant scrutiny for how they handle their finances. Budgets...

Business6 days ago

RECALL YOUR REPUTATION: HOW TO HANDLE PRODUCT RECALLS

By Alex Balcombe, Partner at Harris Balcombe   John Lewis, Tesco, and Hotpoint have all been in the news in...

Business1 week ago

THE WORLD’S MOST ENTREPRENEURIAL COUNTRIES PERFECT TO START A BUSINESS IN

Latona’s has analysed The Global Entrepreneur Monitor data to reveal the world’s most entrepreneurial nation. Analysing each country by a...

News1 week ago

MENDIX SUPPLIES RABOBANK WITH LOW-CODE PLATFORM TO BUILD NEW CORE ONLINE BANKING APPLICATION

New online portal leverages low-code’s speed and flexibility   Mendix, a Siemens business and the global leader in low-code and...

Finance1 week ago

RETIREMENT ANNUITIES AND THEIR ADVANTAGES EXPLAINED

By Gerard Visser, Financial Planning Consultant at Alexander Forbes   There are a number of ways to save and a...

Trending