Snippet: Much like water flowing downhill, fraudsters take the path of least resistance. The advent of the EMV chip made card-present fraud more difficult, reducing it to an all-time low. And while this was great news for brick-and-mortar retailers, the fraudsters’ attention simply moved to the digital space, where banks must now contend with fraud in peer-to-peer payments, credit and debit cards, account takeover, and fraudulent account opening.

Much like water flowing downhill, fraudsters take the path of least resistance. The advent of the EMV chip made card-present fraud more difficult, reducing it to an all-time low. And while this was great news for brick-and-mortar retailers, the fraudsters’ attention simply moved to the digital space, where banks must now contend with fraud in peer-to-peer payments, credit and debit cards, account takeover, and fraudulent account opening. 

An expanded attack surface

Heading off this shift to card-not-present fraud is complicated by the increasing number of digital banking channels available for attack. Banks’ efforts to craft seamless cross-channel experiences, the hallmark of a true omnichannel service offering, have provided new opportunities for fraudsters to do some innovating of their own: developing new types of attacks that take advantage of the reduced friction that is typical of enhanced customer experiences.

This does not mean that a great customer experience inevitably increases the risk of fraud. Introducing strong customer authentication at relevant points and securing the transition between digital channels can reduce opportunities for attack significantly. Whether a consumer begins a transaction in a mobile app and completes it in a call center or starts it on an e-commerce website, where it’s stepped up to a mobile device, their experience can be both exceptional and secure.

A bad actor in control of a legitimate user’s account opens the door, not only to any number of fraudulent actions, but to co-opting previously uncompromised digital channels in service to further criminal activity. It is therefore critical that a bank has robust authentication measures in place for sensitive account activities like password changes, updating contact details and mobile telephone numbers, or changing authorized users.

Only allowing these activities to be initiated from trusted endpoints – registered browsers and mobile apps – is the simplest, and yet most secure and user-friendly solution. By leveraging a trusted endpoint for the most sensitive account changes, a bank can significantly decrease its fraud exposure while allowing users with trusted devices and browsers to transact – even for the most sensitive activities – without friction. This prevents scenarios where a fraudster transfers large sums of money out of an account via an automated clearing house or real-time payment rails like Zelle, while the account holder is unable to intervene until it is too late.

Including the consumer in security

Another essential component of a digital security strategy is a bank’s ability to detect and deter fraudulent digital account openings. Having the ability to perform a strong authentication during account opening has traditionally been difficult, especially in cases involving identity theft. Entersekt’s smart messaging solution meets this challenge by providing a digitally signed, end-to-end encrypted direct messaging channel to the customer’s banking app.

If a bank notices suspicious activity, it can now safely contact them to ask whether they have just opened an account or applied for a new line of credit, for example. The applicant can reply with just one touch – “Yes” or “No” – to immediately confirm whether the application is legitimate or not. They could also be prompted to provide additional details about their application over this second, trusted channel.

Who’s that calling?

The call center is another target for fraudsters, with traditional identity and verification checks relying on credit bureau data and other data sets that may have been compromised. It’s a high-friction, low-assurance scenario where a bank cannot be sure that a caller is who they say they are despite subjecting them to numerous time-consuming checks.

With multiple trusted endpoints linked to the customer, a bank can quickly establish whether a caller’s identity is legitimate. Our customer authentication solution provides several options to confirm identities, including via an in-app “Press to talk to an agent” link or by sending an authentication message to a trusted endpoint if a landline is in play. Interactions like this, orchestrating and securing customer journeys across multiple channels, really are key to distinguishing one digital offering from others.

Whether it be a phone, tablet, or web browser, a consumers’ digital footprint must correlate back to their real-world identity in the most trusted way, while also exposing them to the least friction possible. Putting down strong trust anchors on multiple devices frees banking customers to do it their way, to initiate a transaction on one channel and seamlessly complete it using another, if that is the most convenient path for them to take.


This email address is being protected from spambots. You need JavaScript enabled to view it. if you want to know more from our experts on omnichannel customer authentication.

Subscribe to our blog.


Customer authentication solution sheet

Steve Bledsoe

PRE-SALES SOLUTIONS CONSULTANT

A self-described security ninja for over 13 years, and with a strong focus on sales, payments and authentication, Steve leads the technical sales arm of Entersekt North America. Prior to Entersekt, Steve was a solution architect and sales engineer at VMware working extensively on security and data loss prevention products. He is an active member of the US Payments Forum and KinderGuardin, a non-profit Internet safety organization providing online security education for children and young adults.

Entersekt Logo

Entersekt is an innovator of customer-centric fintech solutions. Financial services providers and other enterprises rely on our patented mobile identity system to provide both security and the best in convenient new digital experiences to their customers, irrespective of the service channel. With us, they can concentrate on their innovation roadmap, while delivering intuitive, low-friction digital experiences to their customers.