E-commerce companies risk the displeasure of their customers if there is a security failure but always have the option to win back their customers if the worst happens. Banks, however, have a lot more to lose if a customer has been compromised. Customers think of changing banks the way they think about moving – a big decision, a huge hassle, and no going back. Banks hold too much in trust for customers, and if they feel their trust has been violated, customers will not hesitate to bail.
So keeping that trust secure is among the highest priority – one that butts up against another consumer desire to deliver a fast and innovative mobile banking experience. Satisfying both these needs has historically been a tight rope to walk, but new technologies offer much-needed relief.
Mobile usage is rapidly outpacing desktop logins at financial websites across the globe. Mobile banking customers are more engaged, logging on an average of 14-15 times per month vs. four to five times for banking customers on a desktop. Focusing on improving customer engagement in the mobile space, and making mobile apps indispensable, can further cement brand loyalty when customers have more options available than ever before. Failing to deliver this deep customer experience means losing customers to more agile competitors, and making new customer acquisition extremely difficult.
Of course, easy-to-use mobile experiences comes with a price, it makes the app more attractive to online criminals. This muddies the waters, resulting in higher-risk transactions, and less data to adjudicate between good users and bad. Mistakes get made, and false positives and false negatives rise sharply.
Under old systems, it’s no simple matter to make those calls, because legitimate customers have a very low tolerance for incidents of fraud. Even how they discover fraud has a huge impact. In a recent study on consumer behavior, if banks alert customers to fraud, only 2.5%of customers would leave that bank; but if customers discovered that fraud on their own, there was a four-fold increase in customer churn, and one in five customers defect to another institution. Banks spend years developing that relationship, so why risk it? Especially when there are alternatives.
And if customers don’t like risk, financial institutions like it even less, and for good reason. Since 2010, incidences of card-related data breaches have increased over 340% and the theft of login and password data has increased over 300%. Consumers who have had their account information stolen are 10 times more likely to be the victim of financial fraud, and worse a portion will experience true identity theft – a crime with lifetime ramifications.
Striking that balance, protecting against security threats while at the same time satisfying consumer demand for convenience and functionality, is driving nearly 80% of financial institutions to invest in technology solutions that do both. Often these investments are diametrically opposed, either increasing risk by making consumer access more convenient or decreasing customer engagement by making account security standards even more stringent. Solutions must be found that don’t compromise either, keeping mobile banking both easy to use and secure.
To do that, we need to move beyond tradition to devise new solutions. A combination of device ID, data matching and static usernames and passwords does not guarantee a legitimate login, just as failing to match dos not necessarily indicate fraud. Attempts to add dynamic elements like one-time passwords and SMS texts to authenticate, adds too much customer friction, resulting in confusion, backlash and rejection. The solution? Passive biometrics and behavioral analytics working passively in the background to protect customer interactions and block fraudsters all without customer friction.
For the short term, an increasingly mobile-first world suggests we will continue to authenticate with static information like usernames, passwords and device IDs. But by using a combined approach of passive biometrics and behavioral analytics on top of existing authentication solutions, it is possible to strike that balance of a frictionless customer experience and increased security. Even better, those financial institutions that are able to confidently authenticate their customers can push out individualized offers and provide a streamlined user experience, further strengthening customer trust and engagement, and ultimately increasing the bottom line.
Ok, so eliminating fraud completely may have struck you as an April Fools Joke, but we really are closer to making it a reality.