Before COVID-19, the demand & volume on digital services was increasing at a significant rate. Now, with more users moving online, we are beginning to see an even greater push for businesses to digitize their services, putting an ever-greater emphasis on companies to offer seamless online experiences. What’s important is that as these organizations strive for superior service, they don’t neglect their security around customer authentication.
We are continually seeing fraud increase YOY as fraudsters target services who are yet to embrace the right level of identity & authentication. Whether it’s banking, retail, online entertainment, delivery services or even loyalty points, fraudsters are making use of vulnerabilities, from social engineering and SIM-swap tactics, to more advanced forms of attacks such as the targeting of the SS7 network. This paradox between protecting and prioritising their customers is a substantial challenge for many organizations. Now, more than ever, organizations need to embrace the right level of identity and authentication practices.
The trouble is, the first port of call is to turn to tactical solutions such as SMS OTPs to solve singular issues. Whilst these offer a certain level of security, they are by no means suitable to prevent all types of fraud or meet the needs of the entire customer base. With such a large adoption of SMS OTPs globally, SIM-swap attacks have risen and, as most businesses rely on baselining for protection, fraudsters are easily able to navigate their way through. We saw a recent example of this with an organization, who using our Real-Time Timestamp SIM-Swap service, detected 17% more high-risk SIM-swaps when compared against their existing baseline batch solution.
When reliant on single focus solutions, businesses often find themselves needing to protect the very thing they put in place to provide protection. However, with fraud and consumer expectations shifting at such a rapid pace, scaling technology quickly enough is a struggle for a lot of organizations, leading them to rely on these types of tactical fixes. However, businesses that work with partners who already have the technology to solve these challenges and are experts in specific areas, can scale without having to move their focus away from their strategic goals.
When choosing a technology partner, businesses should look to the applicability of the solution alongside capability. Rather than opting for vendors that only check for fraudulent activity, organizations should opt for solutions that intelligently identify the genuine customer by analyzing and correlating the location, device and behavioral data to determine if the user requesting access to their products and services, really is who they say they are. It is this level of insight that allows both secure and seamless user journeys to be built.
With more of our lives now captured as data, it creates a better opportunity for us to use this for good, to help better identify and respond to customer needs. Fraud is complex, and with more data at the disposal of the bad guys, this will continue to be the case. This is why layered contextual information is so important. Passive behavioural checks can prevent more complex fraud such as Automated Push Payments, where irregular behaviour can be flagged, and the user can be warned.
This approach to fraud and authentication also presents an opportunity to build better services for all customers, and particularly those who are vulnerable or ‘underserved’. The trouble with ‘catch-all’ solutions such as SMS is that they only meet the needs of a proportion of the customer base as users may not have access, ability or preference to use certain methods. This friction and frustration impacts payment journeys, leading to abandoned transactions.
By offering each individual customer the appropriate journey based on the contextual data and the type of transaction, organizations can move away from clunky payment processes to hyper-personalized payment experiences.
Customer expectations are shifting and with more online services than ever, the battle to win customer loyalty is more complex than ever. What’s clear is that the companies that will come out on top are those that can offer seamless payment experiences whilst assuring their customers are safe and secure.