What is customer authentication?
Customer authentication is the process of verifying a customer’s identity when they want to access a device or authorize an action like a bank payment on their mobile app. Customer authentication methods to prove the customer is who they say they are can include passwords, OTPs or more modern, secure authentication like biometrics or multi-factor authentication solutions.
Customer authentication is the process of verifying a customer’s identity when they want to access a device or authorize an action like a bank payment on their mobile app. Customer authentication methods to prove the customer is who they say they are can include passwords, OTPs or more modern, secure authentication like biometrics or multi-factor authentication solutions.
Why is customer authentication essential in banking?
In banking, customer authentication is essential, because financial institutions must be able to differentiate their customers from financial criminals. However, this can sometimes result in a tradeoff between strong security and a good user experience. In e-commerce payments, for instance, customer authentication must be secure and provide a seamless user experience to prevent customer frustration and high cart abandonment rates.
If we look at banking payment flows, for example, customer authentication occurs at different stages depending on whether the transaction is a pull or push transaction. In push transactions, like instant payments, customer authentication is the first step of the process. While in pull payments, like subscription or membership payments, customer authentication occurs towards the end of the process to verify the payee.
Banks also use customer authentication to verify their customers when they log in to their banking device, when they contact the bank’s call center, or to open a new account, for instance.
How do industry bodies support customer authentication?
Industry regulatory bodies help banks and credit unions protect their customers from fraud through authentication standards like EMV 3-D Secure for secure e-commerce payments, Fast IDentity Online (FIDO) for digital identity authentication, and in Europe and the UK, Strong Customer Authentication (SCA), which requires multi-factor authentication measures, and the Second Payment Services Directive (PSD2), supporting retail payment innovation and security
In banking, customer authentication is essential, because financial institutions must be able to differentiate their customers from financial criminals. However, this can sometimes result in a tradeoff between strong security and a good user experience. In e-commerce payments, for instance, customer authentication must be secure and provide a seamless user experience to prevent customer frustration and high cart abandonment rates.
If we look at banking payment flows, for example, customer authentication occurs at different stages depending on whether the transaction is a pull or push transaction. In push transactions, like instant payments, customer authentication is the first step of the process. While in pull payments, like subscription or membership payments, customer authentication occurs towards the end of the process to verify the payee.
Banks also use customer authentication to verify their customers when they log in to their banking device, when they contact the bank’s call center, or to open a new account, for instance.
How do industry bodies support customer authentication?
Industry regulatory bodies help banks and credit unions protect their customers from fraud through authentication standards like EMV 3-D Secure for secure e-commerce payments, Fast IDentity Online (FIDO) for digital identity authentication, and in Europe and the UK, Strong Customer Authentication (SCA), which requires multi-factor authentication measures, and the Second Payment Services Directive (PSD2), supporting retail payment innovation and security
What is strong customer authentication?
Strong customer authentication (SCA) refers to the security standards for online payments. SCA forms part of the Second Payment Services Directive (PSD2), the regulations for digital payments in the EU. To comply with SCA, financial institutions need to use two-factor authentication, such as knowledge and possession, as a minimum level of security. The aim of SCA is to make it safer for consumers to make online payments and to reduce payment fraud.
Example:
A banking customer wants to make a transfer from their one account to another in their mobile banking app. To open their banking app, they first need to verify their identity through customer authentication measures like biometrics or a username and password. Once they have verified their identity, the bank knows it is them transacting, rather than a fraudster, and the customer gains access to their accounts to make the transfer.
Explore further:
Keywords:
Authentication | Passwordless authentication | Payments
Strong customer authentication (SCA) refers to the security standards for online payments. SCA forms part of the Second Payment Services Directive (PSD2), the regulations for digital payments in the EU. To comply with SCA, financial institutions need to use two-factor authentication, such as knowledge and possession, as a minimum level of security. The aim of SCA is to make it safer for consumers to make online payments and to reduce payment fraud.
Example:
A banking customer wants to make a transfer from their one account to another in their mobile banking app. To open their banking app, they first need to verify their identity through customer authentication measures like biometrics or a username and password. Once they have verified their identity, the bank knows it is them transacting, rather than a fraudster, and the customer gains access to their accounts to make the transfer.
Explore further:
- Watch: Entersekt’s customer authentication solution strips away complexity to deliver a smooth, hassle-free experience.
- Blog: How biometrics stop instant payments becoming instant fraud.
- Video: Learn more about EMV 3-D Secure.
Keywords:
Authentication | Passwordless authentication | Payments