Authentication is one of the most crucial defenses against financial crime like fraud and scams, yet authentication strategies are in flux. A rapidly evolving threat landscape, coupled with tightening regulatory requirements and accelerating digitalization, is putting pressure on banks, credit unions, and other financial organizations to rethink their current approaches to authentication.
Escalating risks and cutting-edge technology alone do not dictate authentication strategies, however. As financial organizations look to phase out the password and scale up reliance on technologies such as facial recognition and other biometrics, they contend with their customers’ complex attitudes toward authentication.
Aite-Novarica Group conducted a summer 2022 survey of 2,276 consumers across the U.S., the U.K., and Singapore on their attitudes toward authentication. The results were fascinating—if alarming, at times. Although consumers often do not understand the technology underpinning authentication, they have clear preferences on which authentication methods they use in accessing online banking and making an online purchase. Here are a few key ways organizations can balance consumer preferences with modern authentication capabilities.
1. Listen to Consumers—Within Reason
As financial organizations fine-tune their approaches to authentication, listening to consumers will be key. Still, consumer preferences must be balanced alongside security concerns, as consumers are often more attuned to customer experience than they are security.
Consumers are creatures of habit. They are drawn toward authentication methods they are comfortable and familiar with, as well as methods they find easy to use and over which they have control. This means that their preferences often do not align with the most effective measures in detecting fraud.
In the U.S. and the U.K., most consumers still overwhelmingly prefer the username and password combination, despite its waning efficacy and vulnerability to fraudsters. This preference is often accompanied by poor password hygiene, which spells trouble for consumers and their financial organizations alike—especially as financial crime and economic uncertainty grow.
Among risk management executives, the very concept of authentication is changing: Once conceptualized as a one-time event, authentication is now viewed as more of a continuous and dynamic process, one that captures a greater breadth of consumer interactions with their digital channels. Given this evolution, passwords have become archaic—they are not suited to the modern world of risk and technology.
2. Ease Your Customers Into Newer Security Options
The introduction of innovative authentication methods will be crucial in combatting sophisticated financial crime, but doing so gradually will help prevent friction and other negative customer experiences. Consumers are more likely to embrace new authentication methods through continued exposure rather than an abrupt introduction.
According to the survey data, consumers worldwide are gradually adapting to more innovative authentication methods despite the long-held preference for the username and password. Since 2018, a preference for facial recognition has significantly risen, most likely due to the prevalence of facial recognition as an authenticator on smart devices.
In Singapore, consumers are most inclined to prefer the fingerprint biometric: Singapore has been very progressive in integrating biometrics into its national ID scheme, and multi-factor authentication (MFA) regulations are mature and stringent. Younger generations are also more inclined to favor biometrics like facial recognition, eye biometrics, and fingerprint biometrics, which is unsurprising given the tech-heavy environment in which they have grown up.
This link between exposure and preference is good news. For consumers who are hesitant to leave behind the username and password, continued exposure to a spectrum of innovative authentication methods will help them embrace biometrics. Providing choice will also be integral in easing the transition, as consumers prefer to have control in selecting the methods used to authenticate them.
3. Prioritize Continuous Authentication While Keeping Customers Happy
Amid these varied attitudes toward authentication, financial organizations are tasked with balancing anti-fraud measures alongside high expectations for customer experience. Consumers have very little tolerance for friction and expect their digital interactions to be seamless and quick.
A single negative customer experience could be enough for a customer to sever ties: Unauthorized transactions, false declines, and non-reimbursement in the case of victimization by a social engineering scam are all cause for a customer to leave their financial organization. Clearly, financial organizations cannot afford to get the all-important issue of authentication wrong. Continuous authentication will be essential in both ensuring security and elevating the customer experience.
As financial organizations navigate this changing environment and refine their authentication strategies, there are several steps they can take to ease the transition from the username and password, tamp down on both friction and fraud, and safeguard against customer attrition. Providing choice, listening to customers, and prioritizing continuous authentication will be especially key in ensuring smooth change.
For further insights on global consumers’ attitudes toward authentication and how financial organizations can best manage this landscape, read Aite-Novarica Group’s reports Global Consumers’ Authentication Preferences: Between Fraud and Friction in Digital Banking and Global Consumers’ Authentication Preferences: Frustration, Fraud, and Declines in a Changing E-Commerce Landscape.