Confirm your customer: how strong authentication leads to more transactions

Dewald Nolte|15 November 2017
Confirm your customer: how strong authentication leads to more transactions

Losses from card fraud approached $23 billion worldwide in 2016, according to the 2017 Nilson Report, and with the rising tide of data breaches and other cyberattacks, that sum is projected to reach $33 billion by 2021.

Banks and merchants continue to increase security measures within their digital platforms and payment systems — in fact, Bank of America has reported an “unlimited cybersecurity budget” — with the goal to decrease fraud while not decreasing the number of transactions. That means confirming customers’ identities without detracting from their user experience.

When customers don’t feel safe transacting online or via their mobile devices, they will likely explore other options. According to the American Express 2017 Digital Payments Survey:

  • 37 percent of users abandon online purchases when they do not feel secure;
  • 73 percent of merchants report that their level of fraudulent online sales has increased or remained the same during the past year; and
  • 58 percent of merchants who experienced an online sales increase said that enhanced security features “played a very significant role.”

A strong connection

As more consumers use banking apps on their digital devices, issuers are increasingly required to confirm customer identities and verify accounts during transactions. The traditional model (where banks rely on email confirmation and assume the risk of compromised customer information) hurts the financial institution and diminishes customer loyalty and trust.

A well-executed active authentication solution not only reduces fraud, but also increases transaction volume. For a German card issuer, a mobile app security solution with strong, push-based authentication decreased fraud by 95 percent while successful transactions increased by 29 percent in less than 5 months. A more interesting statistic about this implementation is that over the same period the revenue for the issuer increased by 15%. Compare that to risk-based authentication, which according to BI Intelligence prevented $6.5 billion in fraud, but blocked $8.6 billion worth of legitimate transactions, thereby effectively stopping $2 billion worth of legitimate transactions. 

The way forward

So where is the US banking market headed? A look at the Revised Payment Services Directive (PSD2) in Europe provides clues, as this framework requires strong customer authentication (SCA) based on the user’s device and either a PIN or biometric feature. The benefits of active authentication, which requires real-time responses to push notifications, accrue to both sides of the transaction:

  • Users are engaged and feel in control during transactions;
  • This empowerment builds trust, leading to more transactions; and
  • Institutions get digitally signed proof of consent, which supports non-repudiation.

Most customers prefer to be involved and engaged in the authentication process; they actively choose security measures, and prefer a visual indicator of these. Banks invest heavily to secure their mobile banking platforms, but in doing so, they often create an environment that detracts from the user experience.

It shouldn’t be an “either/or” proposition between security or customer convenience. Successful financial institutions are choosing both, with an active authentication solution that confirms customers and makes their digital banking experience friction-free.

About the author

Dewald Nolte

Dewald Nolte

SVP partnerships & alliances

Dewald co-founded Entersekt in 2008. He’s responsible for expanding our global network of strategic alliances and technology partners. Having been involved in several projects further afield than Entersekt, including the A-Darter missile program for Denel Dynamics, his technical ability is as impressive as his solid business acumen.

Subscribe to our newsletter for our latest news, press releases and events

logo entersekt

Entersekt is an international software development company based just outside of Cape Town, South Africa.

We are leaders in authentication, app security, and payments enablement technology, offering a highly scalable solution set with a track record of success across multiple continents.