Seamlessly identify legitimate users who share joint accounts, even if they share passwords.
With billions of data points available on the dark web, organizations can no longer trust static authentication even when correct credentials are presented. This poses a real dichotomy and companies are responding by adding more security layers to protect customer accounts.
Many organizations rely on device intelligence tools to decide whether a user is legitimate or not. When these systems see a user coming from a new or unknown location, IP or device, they will add friction to make sure it’s not a fraudster with stolen credentials trying to access.
Although this increases the security of the account, it also poses a problem to legitimate users who share credentials of one account and access it from different devices. The same happens to my partner and me: every time I leave Vancouver and I access my online banking account with my spouse’s credentials I get additional authentication hoops to jump through just check our balance.
Like Ryan said during the Finovate demo “If every time you changed your shoes, your friend stopped recognizing you, that would be a terrible experience in life. Why are we giving our users that same experience in the digital world?”
More users sharing a password
With the steady growth of products available online, more companies are offering group services that combine multiple users tied to one account or plan – such as Spotify’s Premium Family Plan or Netflix’s four profiles per account.
Users with one joint account or plan often share one password – they may have forgotten theirs, or simply have it memorized in their browser – making it harder for companies to understand if a new session from a new device and location is legitimate or not. This authentication challenge for companies results in additional friction on users even if they are legitimate.
Users are more than a device
Authenticating a user with device-based technologies is powerful, but it only gives you insight into one aspect of the user: the device they use to access the account, their connection, and their location. The question we ask is simple: do you want to trust the machine or the human? Users are more than a device: people move around, connect from different channels, and interact with each device differently.
Earlier in May, at Finovate, our colleague Ryan Wilk offered a walk-through of our universal identity solution to the 400-person audience. This solution solves the password-sharing problem that many companies are struggling with.
NuData’s universal identity solution shifts the way the industry understands the concept of device identification technology and puts the trust not on the device, but on the human behind it. The solution monitors how users behave, interact with their device, or move around the environment in real time, building a complete dynamic profile.
By using cutting-edge technology such as behavioral analytics or passive biometrics, even if I am trying to access my bank account outside of Vancouver with my spouse’s password, the system won’t need to step me up thinking I am risky, because it’ll recognize my behavior and know it’s me.
Check out our seven-minute Finovate Spring 2018 demo where you get a tour around our dashboard and the data we are able to gather around a user’s account – in this case, a bank account – to make better authentication decisions.