Tackling fraud without the friction
For much of its history, banking was a personal business, with customers interacting directly with their bankers and visiting bank branches when specific needs arose. In today’s world, however, consumers expect full banking functionality online and on their mobile devices, which means the industry needs to find other ways to optimize the customer experience via multiple channels and devices.
The problem is that the conservative personal history of banking has made it more difficult for the industry to adopt the latest technology. That’s not to say the banking industry’s concern around expanding functionality on these new platforms is unfounded. The faceless nature of mobile and online banking does present unique risks for financial transactions.
A decade ago, when the bank I once worked for started to provide customers with limited online access to their accounts, I saw, first-hand, that 70% to 80% of the accounts opened online were fraudulent. The industry quickly realized it lacked the tools to effectively verify a customer’s identity. One of the first tools developed to address this issue was knowledge based authentication (KBA), which the industry still uses today. KBA verifies a customer’s identity by asking a question that only that customer should be able to answer. KBA has been fairly effective in preventing fraud, but it can detract from the user experience.
The rise of mobile devices means the banking industry is again dealing with the same security challenges it faced with the launch of online banking. However, today’s consumers are more savvy and have greater expectations of a frictionless customer experience and fraudsters have become more resourceful in accessing consumer data to do harm.
Working to improve the customer experience while still protecting against more advanced fraud, banks have begun implementing dynamic KBA. These improved KBA questions are easier for a consumer to answer; for example, asking where a customer went on vacation last month rather than the dollar amount of a transaction made five years ago. Given the smaller space available on a mobile device, creating more effective questions and decreasing the overall number is one way to improve the customer’s experience.
Financial institutions also now employ frictionless methods for fraud prevention, such as using advances in digital data collection to verify IP addresses and device reputation. Banks can use IP addresses to confirm if a customer is accessing his or her account from a home address or if the IP address raises a red flag (i.e. the IP address is from Russia while the customer is based in the U.S.). The industry also is adding another layer of fraud protection by leveraging the data available through a consumer’s devices, such as their mobile number, a device’s location or a device’s unique International Mobile Equipment Identity number.
While the industry is still in the infancy of partnerships for compiling and analyzing big data to improve fraud detection, frictionless methods for fraud prevention have made great strides over the last few years and will continue to be a source of innovation for the banking industry. One such area we can expect to expand in 2016 is the use of biometric data for fraud detection. Financial institutions will soon be able to partner with organizations that have access to finger prints, for instance, to verify a customer with the touch of a button on their phone. Facial recognition technology is already available and its use will likely expand in 2016, enabling customers to take a selfie to verify their identity before making a financial transaction on their mobile device.
Fraudsters remain diligent in their efforts to match each new advance in technology. With this as a backdrop, every bank’s fraud detection plan must be agile and scalable. While past solutions typically included a limited number of customer attributes to verify identity, solutions now include hundreds of attributes. Fraud’s fluid nature means detection models lose effectiveness over time. The depth of data now available allows solution providers to rapidly update and correct their fraud detection models rather than completely reinvent their model as solution providers have in the past.
Consumers’ expectations for easy mobile and online banking access and functionality will only continue to grow. An optimized customer experience with expanded capabilities will serve as key differentiators for banks and credit unions working to retain customers and grow their brands. This means financial institutions must keep fraud prevention tools in the background of the customer experience but in the forefront of their business operations.