Identity & Fraud

Authenticate Right the First Time

Authenticate Right the First Time

April 29, 2020 | Laurie Anderson

Authentication Strategies for Today’s Digital Age

Carefully orchestrated authentication and identification strategies are critical in today’s digital era, especially since legacy systems used to detect and mitigate fraud are being aged out. Accurately identifying customers can be challenging for financial institutions (FIs), particularly early in the transaction process and acquisition phase. Nonetheless, identifying and authenticating customers is paramount to knowing who you are doing business with and to help mitigate fraud in the midst of expected business growth. 

Companies need to manage digital authentication in a more complex manner than ever before. Incidents of new account, account takeover and synthetic identity fraud are growing at an annual rate of 100 percent or more.[1] This creates increasing vulnerabilities for FIs that are expanding their digital sales and services.

Clearly, to fight existing and evolving fraud effectively without disrupting the consumer’s experience, organizations must change how they approach identity authentication and fraud prevention. Employing advanced authentication strategies is essential for mitigating risks—and establishing the “gold standard.” That's especially important given the increasing number of transaction touchpoints, both in-person and digital.

Advanced Authentication Strategies are Essential for Mitigating Risks

The combination of behavioral biometrics, identity information and machine learning can help identify patterns to determine if a consumer is genuine. It also helps to create a strategy around how you challenge those who pose a risk. You can generate new insights by harnessing consumer interaction data from your website, CRM or loan origination system; connecting it with third-party data; and applying continuous learning layers. The new insights can help answer key questions: 

Improve Pass Rates While Blocking Fraudsters

By incorporating flexible, adaptive machine learning and artificial intelligence, FIs discover valuable customer insights often overlooked by legacy systems or the human eye alone.  We’re seeing customers make headway against fraud by implementing new digital authentication practices, including:

Pre-populated consumer verification:

Pre-populated data in nine keystrokes during online checkout eases the customer interaction. This translates to a higher conversion rate. A major technology company that connects auto dealers with credit unions implemented this strategy, and it reported a better consumer experience and reduced fraud.

Secure one-time use hyperlink: 

Consumers enter one set of credentials to access online services to help:

  • Increase productivity
  • Keep data more secure
  • Reduce costs associated with lengthy credentialing processes
  • Increase security, as secure links are more reliable and easier for consumers to remember than static passwords 

Document verification:

This verifies the authenticity of a government-issued identity document. It also authenticates that the consumer’s selfie photo matches their photo on the document, allowing identity proofing.

  • Helps to answer: is this person more likely the person that they say they are
  • Improves customer experience as the consumer doesn’t have to physically show proof of identity

Account verification: 

Helps to minimize risk for businesses by matching the consumer’s credit card and/or bank account (checking, savings, direct deposit and money market accounts (excluding HELOC accounts)) presented for payment with their Personal Identifiable Information (PII) data.

  • Verifies a consumer’s identity, and
  • Verifies a credit card or bank account is associated with that consumer
  • Helps to answer three driving questions:
    1. Is this person more likely the person they say they are?
    2. Is the account/card real?
    3. Is the consumer an authorized user of the account?

Choosing the right identity authentication solution depends on where authentication is needed in the customer lifecycle. Multi-factor identification is a recognized best practice that uses at least two of these three verification methods:

  • What they know: Passwords or answers to knowledge-based authentication (KBA) question 
  • What they have: Mobile phone ownership or identity documents 
  • Who they are: Biometric identifiers

Identify your Maximum Viable Person

By combining one or more of the new digital authentication strategies with these best practices can help identify and authenticate customers -- helping you find your Maximum Viable Person.

  1. Use diverse data sources

    Unique data assets build holistic identity profiles that can signal anomalies in PII and behavioral characteristics. This occurs not only in credit decisioning processes, but in verification, authentication and fraud prevention as well.
  2. Improve authentication processes

    A robust combination of authentication techniques through single-factor authentication (signing into a password-protected account) and multi-factor authentication (MFA) processes apply second and even third checkpoints to authenticate a person more effectively.
  3. Embrace analytics

    Advanced analytics—coined by Stanford as “the science of getting computers to act without being explicitly programmed”—empowers your organization to detect linkages and suspicious patterns. As a result, it reduces time and money spent on manual reviews, and helps protect your organization’s reputation.
  4. Orchestrate and optimize

    Many organizations experience high false-positive rates in their internal fraud prevention measures. However, reaching out manually to question applicants is an inefficient use of staff resources. It can also cause delays that prompt consumers to move on to competitors. Therefore, by implementing digital attributes and behavior pattern logic that run in the background to identify risks, you can orchestrate an appropriate, automated interaction with the consumer, as well as authenticate a person’s identity as passively as possible.
  5. Monitor your customers

    Dynamic economic conditions, shifting trends and evolving regulations continually impact businesses—both positively and negatively. This makes it imperative to stay updated on the account activity of your user base. This can be done by continually checking your user base with some of the authentication strategies mentioned previously.
  6. Keep improving

    Intelligence gained from knowing your customers will streamline initiatives to create and sustain customer loyalty.

By integrating various authentication processes that are currently fragmented, you’re enhancing your organization’s ability to offer a true omni-channel experience. In addition, applying stronger authentication methods across channels will help reduce the risk of fraudsters using the weakest channel as a “beachhead” for attacking other channels.  Learn more about how you can establish your own gold standard of identity authentication and fraud prevention in our recent webinar, The New Era of Identity: Authenticate Right the First Time.

[1] Source: Aite 2018 Analyst Report