Moving beyond Today’s IT Security Silos

Can financial institutions make authentication more convenient and flexible for customers without sacrificing the rigor of the IT security? This question came up repeatedly at the recent BAI Payments Connect Conference in Las Vegas.

Today, most institutions enforce different and limited authentication requirements for each channel:  branch, Web site and mobile, and ATM. Authentication credentials that work for one channel often do not work for others.

For example, if you find yourself at an ATM machine without your ATM or debit card, you will not be able to withdraw money, even if you know the user name and password of your online bank account and even if you have your driver’s license with you—the same driver’s license you have presented countless times to tellers to prove your identity when withdrawing cash. This channel—the ATM—requires a card and a PIN. No other credentials will suffice.

Imagine if you could also use your driver’s license and a one-time password delivered to your mobile phone in that situation.  Your financial institution knows lots about you and your account. Could they use that knowledge to make accessing money and services more convenient?

Multifactor Authentication Is Critical

Of course, convenience cannot come at the cost of security. All channels must be secure. And that means that all channels will continue to require multifactor authentication.

Multifactor authentication is authentication that requires data points from at least two independent “factors” (or categories of information). To date, most multifactor authentication solutions have relied on the same two factors: something you have (such as an ATM card) and something you know (such as a PIN).

Recently, it has become feasible to make use of a third factor:  something you are.  Biometric technology is now more precise and more affordable, enabling institutions to take advantage of facial recognition, voice scans, fingerprints,  and other biological measures to aid in authenticating customers.

Offering a Choice of Authentication Factors

In the future, financial institutions could collect and make use of all the information they have about their customers to make authentication more flexible and convenient. The diagram below contrasts the traditional authentication silos that exist in many institutions today with a more flexible approach to multifactor authentication that may be realized in the coming years.

Multifactor authentication silos and flexibility

At the Payments Connect conference, panelists and attendees alike recognized the potential benefits of this more flexible approach. At the same time, they realized that the merit of these authentication services will ultimately be decided by customers. Institutions should experiment with various approaches to discover which ones customers prefer.

As this new technology shows, the IT transformations taking place in financial services involve more than just mobile banking and Big Data. As institutions upgrade their infrastructure to accommodate a Web-savvy, mobile-first customer base, many aspects of customer interactions will be challenged and transformed. To succeed, these transformations will make accessing and managing money convenient for customers without reducing industry standards for security.