Digital commerce exploded in 2020 … and with it so did the risk of fraud including identity theft, account takeover, and fraudulent card-not-present (CNP) transactions. At $18.3M per year per company, the cost of cyberattacks is highest in banking with ecommerce breaches accounting for 80% of all payment card related investigations. Then there’s ransomware payments, which BlackFog estimates will hit $20B in 2021. Plus, it is important to note that the threat landscape is not just external – according to Verizon’s 2020 Data Breach Investigations Report, 27% of attacks in banking originate with staff, of which 18% is malicious and another 9% is due to error.
At the same time, retailers are rushing to keep up with consumer privacy protection regulations like GDPR and PSD2 in Europe, California’s CPA, and CDR in Australia, among others. E-commerce sites must balance consumer protection and privacy with the customer experience, where more friction leads to abandoned applications and shopping carts. Fighting fraud, maintaining compliance, and delighting customers is indeed a tall order.
The key to success for financial services providers is to adopt a modern identity approach for both workers and consumers.
The high assurance approach for your workforce
Financial services employees routinely have access to client records and other sensitive information. This means a high assurance approach should be taken to secure workforce identities and access. Consider credential-based passwordless authentication where a digital certificate provisioned onto the employee’s mobile device transforms it into their trusted workplace identity, granting secure access when the phone is unlocked with the worker’s biometrics. Removing the password effectively eliminates all password hacks. Implementing single sign-on (SSO) with passwordless authentication offers employees one set of secure credentials. Other high assurance workforce use cases include email signing and encryption, as well as continuous identity assurance.
Delight customers with seamless, secure transactions
On the financial consumer side, the key is to delight the customer with transactions that are both seamless and secure, starting with identity verification. Mobile identity proofing supports fully digital customer self-service identity verification and onboarding – no in-person ID checks required (except when required for AML3 compliance).
3D-Secure is recommended for CNP transactions, where higher risk transactions are flagged for additional verification. Transaction signing and verification for online purchases is made possible with a mobile push confirmation code generated cryptographically.
Want to learn about how to increase security while improving the experience for your financial workforce and customers? Join our upcoming webinar: How to fight fraud, delight customers, and increase cybersecurity in the financial services industry.